blog.paleohacks.com Open in urlscan Pro
2606:4700:10::ac43:15df Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.paleohacks-mailing.com/a/168/click/10060183/746255798/_d7acdcc5d30317f101c4e33a0b622f955d0f50cb/5069def3217174f9e9db4ba...
Effective URL:
https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Submission: On December 10 via api (December 10th 2023, 8:31:41 pm UTC) from US — Scanned from DE

Summary HTTP 237 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 49 IPs in 12 countries across 46 domains to perform 237 HTTP transactions. The main IP is 2606:4700:10::ac43:15df, located in United States and belongs to CLOUDFLARENET, US. The main domain is blog.paleohacks.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 14th 2023. Valid for: a year.

This is the only time blog.paleohacks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.238.129.105 35.238.129.105	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
62	2606:4700:10:... 2606:4700:10::ac43:15df	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2.19.216.27 2.19.216.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.208.83.62 18.208.83.62	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
3	2600:9000:20a... 2600:9000:20a0:c200:1c:9484:cec0:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:480... 2a02:26f0:480:4a5::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	35.202.21.90 35.202.21.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	23.1.108.46 23.1.108.46	16625 (AKAMAI-AS) (AKAMAI-AS)
2	172.64.144.121 172.64.144.121	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.148.35 172.64.148.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
5	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1901:0:b... 2600:1901:0:bc29::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	173.231.16.77 173.231.16.77	18450 (WEBNX) (WEBNX)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
12	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 20	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
4 4	213.155.156.185 213.155.156.185	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	37.157.6.232 37.157.6.232	198622 (ADFORM) (ADFORM)
3 3	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 8	2a02:26f0:350... 2a02:26f0:3500:1b::1724:a39a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1901:0:7... 2600:1901:0:76b9::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:8b08:3c9:f238:ee96	16509 (AMAZON-02) (AMAZON-02)
1	18.198.30.169 18.198.30.169	16509 (AMAZON-02) (AMAZON-02)
1 2	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
1 2	104.96.147.178 104.96.147.178	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:440... 2606:4700:4400::ac40:9b32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	107.178.240.159 107.178.240.159	15169 (GOOGLE) (GOOGLE)
237	49

1 35.238.129.105 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.129.238.35.bc.googleusercontent.com

links.paleohacks-mailing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 2606:4700:10::ac43:15df (United States)

ASN13335 (CLOUDFLARENET, US)

blog.paleohacks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.19.216.27 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-216-27.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.208.83.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-83-62.compute-1.amazonaws.com

178194.tracking.hyros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20a0:c200:1c:9484:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:4a5::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.202.21.90 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com

paleohacks.lpages.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.1.108.46 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-1-108-46.deploy.static.akamaitechnologies.com

lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.144.121 (United States)

ASN13335 (CLOUDFLARENET, US)

paleohacks.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.148.35 (United States)

ASN13335 (CLOUDFLARENET, US)

events.attentivemobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

track.mypaleorecipe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:bc29:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.64.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.16.77 (United States)

ASN18450 (WEBNX, US)
PTR: api.ipify.org

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 172.217.18.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.155.156.185 (Sweden) 4 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.232 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.38.120.206 (Hessen, Germany) 3 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:3500:1b::1724:a39a (Frankfurt am Main, Germany) 3 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:8b08:3c9:f238:ee96 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.30.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-30-169.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.185.35 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.96.147.178 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-147-178.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b32 (United States)

ASN13335 (CLOUDFLARENET, US)

pvx.freenet-mobilfunk.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.240.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.240.178.107.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	paleohacks.com blog.paleohacks.com	656 KB
36	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	289 KB
24	googlesyndication.com 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	100 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 25796 ad4m.at — Cisco Umbrella Rank: 11359 assets.ad4m.at — Cisco Umbrella Rank: 35458	238 KB
12	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 adservice.google.com — Cisco Umbrella Rank: 93 www.google.com — Cisco Umbrella Rank: 2	2 KB
9	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 1605 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6997	59 KB
8	bing.com 3 redirects www.bing.com — Cisco Umbrella Rank: 60	37 KB
7	media.net contextual.media.net — Cisco Umbrella Rank: 665 lg3.media.net — Cisco Umbrella Rank: 6606	75 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6765	839 B
5	mypaleorecipe.com track.mypaleorecipe.com	35 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	22 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	348 B
5	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 3234 ct.pinterest.com — Cisco Umbrella Rank: 715 log.pinterest.com — Cisco Umbrella Rank: 4390	20 KB
5	attn.tv cdn.attn.tv — Cisco Umbrella Rank: 2849 paleohacks.attn.tv	46 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	213 KB
4	de17a.com 4 redirects d5p.de17a.com — Cisco Umbrella Rank: 4497	1 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	221 KB
3	onetag-sys.com 3 redirects onetag-sys.com — Cisco Umbrella Rank: 714	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	264 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
2	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 13930	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1299	453 B
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 49153	1012 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	869 B
2	ad4mat.net static-de.ad4mat.net — Cisco Umbrella Rank: 192580 prod-rtb.ad4mat.net — Cisco Umbrella Rank: 145563	1014 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5555	915 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	297 B
2	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4453	75 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 745	21 KB
2	lpages.co paleohacks.lpages.co	8 KB
1	mixpanel.com api-js.mixpanel.com — Cisco Umbrella Rank: 2153	364 B
1	freenet-mobilfunk.de pvx.freenet-mobilfunk.de — Cisco Umbrella Rank: 305483	1 KB
1	medialead.de pv.medialead.de — Cisco Umbrella Rank: 47317	327 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	146 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	713 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428	584 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	545 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	715 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	104 B
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 3355	18 KB
1	attentivemobile.com events.attentivemobile.com — Cisco Umbrella Rank: 2577	161 B
1	gstatic.com fonts.gstatic.com	48 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2843 Failed	223 B
1	hyros.com 178194.tracking.hyros.com
1	paleohacks-mailing.com 1 redirects links.paleohacks-mailing.com — Cisco Umbrella Rank: 852889	716 B
237	46

	Domain	Requested by
62	blog.paleohacks.com	blog.paleohacks.com track.mypaleorecipe.com
20	cm.g.doubleclick.net	2 redirects 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
11	securepubads.g.doubleclick.net	blog.paleohacks.com securepubads.g.doubleclick.net 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
8	www.bing.com	3 redirects 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com www.googletagservices.com
7	ams3-ib.adnxs.com	9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com cdn.adnxs.com
7	www.google.com	blog.paleohacks.com tpc.googlesyndication.com 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
6	assets.ad4m.at	as.ad4m.at
5	www.google.de	blog.paleohacks.com
5	track.mypaleorecipe.com	www.googletagmanager.com track.mypaleorecipe.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com blog.paleohacks.com
5	www.facebook.com	blog.paleohacks.com connect.facebook.net
5	connect.facebook.net	blog.paleohacks.com connect.facebook.net
4	ad4m.at	as.ad4m.at ad4m.at
4	d5p.de17a.com	4 redirects
4	as.ad4m.at	9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com as.ad4m.at ad4m.at
4	9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
4	www.googletagservices.com	blog.paleohacks.com 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
4	contextual.media.net	blog.paleohacks.com contextual.media.net
3	onetag-sys.com	3 redirects
3	region1.analytics.google.com	www.googletagmanager.com
3	ct.pinterest.com	s.pinimg.com blog.paleohacks.com
3	lg3.media.net	blog.paleohacks.com contextual.media.net
3	cdn.attn.tv	blog.paleohacks.com cdn.attn.tv www.googletagmanager.com
3	www.googletagmanager.com	blog.paleohacks.com www.googletagmanager.com www.google-analytics.com
3	fonts.googleapis.com	blog.paleohacks.com paleohacks.lpages.co
2	www.awin1.com	1 redirects as.ad4m.at
2	sync.teads.tv	1 redirects
2	gcm.ctnsnet.com	2 redirects
2	c1.adform.net	2 redirects
2	ads.travelaudience.com	2 redirects
2	match.adsrvr.org	9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
2	cdn.adnxs.com	9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
2	adsdk.microsoft.com	9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	s.pinimg.com	blog.paleohacks.com s.pinimg.com
2	paleohacks.attn.tv	cdn.attn.tv
2	paleohacks.lpages.co	blog.paleohacks.com
1	api-js.mixpanel.com	cdn.mxpnl.com
1	pvx.freenet-mobilfunk.de	as.ad4m.at
1	pv.medialead.de	as.ad4m.at
1	x.bidswitch.net	9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	prod-rtb.ad4mat.net
1	static-de.ad4mat.net	as.ad4m.at
1	um.simpli.fi	1 redirects
1	dclk-match.dotomi.com	9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
1	log.pinterest.com	blog.paleohacks.com
1	cdn.mxpnl.com	blog.paleohacks.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	events.attentivemobile.com	cdn.attn.tv
1	fonts.gstatic.com	fonts.googleapis.com
1	assets.pinterest.com	blog.paleohacks.com
1	api.ipify.org	blog.paleohacks.com track.mypaleorecipe.com
1	178194.tracking.hyros.com	blog.paleohacks.com
1	links.paleohacks-mailing.com	1 redirects
237	62

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.pinterest.com
twitter.com
www.youtube.com
shop.paleohacks.com
paleohacks.lpages.co
pinterest.com
www.printfriendly.com
amzn.to
paleohacks.go2cloud.org
phaff.resurge.hop.clickbank.net
www.instagram.com
paleohacks.com
www.paleohacks.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-14` - `2024-05-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-19` - `2023-12-18`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
tracking.hyros.com Amazon RSA 2048 M02	`2023-04-02` - `2024-04-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.attn.tv Amazon RSA 2048 M01	`2023-05-02` - `2024-05-29`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
*.lpages.co R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
attn.tv Cloudflare Inc ECC CA-3	`2023-11-04` - `2024-11-03`	a year	crt.sh
attentivemobile.com Cloudflare Inc ECC CA-3	`2023-11-04` - `2024-11-02`	a year	crt.sh
mypaleorecipe.com GTS CA 1P5	`2023-10-17` - `2024-01-15`	3 months	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2023-07-12` - `2024-08-11`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 02	`2023-10-11` - `2024-04-08`	6 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
ad4mat.net GTS CA 1P5	`2023-11-18` - `2024-02-16`	3 months	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 05	`2023-10-18` - `2024-06-27`	8 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-11-21` - `2024-02-19`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.mixpanel.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-02-13` - `2024-03-15`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Frame ID: 4FB1F348F063AD69B06A8A1F973751E1
Requests: 153 HTTP requests in this frame

Frame: https://paleohacks.lpages.co/leadbox/145b71a73f72a2%3A13300845e746dc/5746055551385600/?lp-in-iframe=1&__fromjs=1
Frame ID: B9975D5F1483772F9044E18EB8B45F58
Requests: 2 HTTP requests in this frame

Frame: https://paleohacks.lpages.co/leadbox/145b71a73f72a2%3A13300845e746dc/5746055551385600/?lp-in-iframe=1&__fromjs=1
Frame ID: 5EE9BE2C524220EA04E923F8199A4370
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/sr/1017354394/SAFEFRAME.html?ule=441&&kkdd=h%7Cu%7Cn93AH*&9s=B)yrrVyrYM)yyyvGvrv&*cCH=B&.SCT=y&qc9=BBrY&kSq!=3MVM&qsc=vP-eMeMyv&qCqc=dEFEq0oFzU9E9)CAEN8XNo%3D%3D&qHsc=)rGG7)r7v&SsI!=Myyhr7y&qq=wb&Sq=LO&jkkCS=B&H!KDHQ=jkkCS%3A%2F%2FtQW*iCTQ!WjTqXSiqW.%2FCTQ!W4CD.CXsF4SCsq!4cWFDkS%2F&FS!=7&QA=B&D*c=V&sA=BGyy&XkkQ!=PWqWFDk%202QWDH%20fD.CXsF%20wCsq!%206WFDkS&.qu=YYry&C*sc=CyBVyrYB77YBkryrMBrByryMB&jk.QSHq=B&sflct=2583709&ure=1
Frame ID: 8D5A4D5841625E658EC31E523A6D7192
Requests: 4 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CUG3G308&https=1&itype=CM
Frame ID: F73F987FB37BD6A4443819D00B1AE30C
Requests: 1 HTTP requests in this frame

Frame: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 93F5DAD8A2F9036D96FA16B11B507E5F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v4.0/plugins/comments.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2b7157d870c0c%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ff3486ebbab45bb8%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width=
Frame ID: 79AC93AB3FB4C4642BF04AE261CCA624
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v4.0/plugins/like.php?action=like&app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fdc0d5d8e139%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ff3486ebbab45bb8%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Fpaleohacks&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Frame ID: B63D156AE9C9739A9F8D4A259BBEB68E
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: ECDDCC2BA7BF8667C74F396CE49032D0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2C8C806310AA90D8BDC723497EE537B4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0BB21107AF4DB5DB2432E8B0A0D02C24
Requests: 2 HTTP requests in this frame

Frame: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 635EE0FBFD112D239F429CF1A4B77A58
Requests: 18 HTTP requests in this frame

Frame: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 06DDC055609E69472D0EF47E8FA53B21
Requests: 9 HTTP requests in this frame

Frame: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A99D00904522F414CA14AF3ED8F794D2
Requests: 15 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h16xgxhmr00nvhakb5ce0gan4zvw6kky25w3ces0zx6mxmt5dzy3a9p7rrt4xbz3jrhjhh41nw6x1p7w2rkttvh33e2grna4jc5amnj7mj5yhfjn80bwamvgwvdfqn6xg1130p862mk7rw7zt0ns5w4p8zb1kr5nnjsqx7485q66dg99j4av37efmgyy4m7jvz92b994zb5g8aevkc38ejzhvb5xz1f8vgg8np251d88gmv45z8x8mjgrdqn4jwn6bej24mh3yzmzfw5f6xqreswe0ze5b3pqqt7mzn01zrfw4d2pks4z16r38g8mcc0vbs0paf3w7brh4jfv01hqvafk8wfr36tc6d8rt2tqp0mm2qp77tfxpmzqrtt2yncrxx131yqfyd3fr76wtthk4dp9a44jtdrbzfd1kp93p0ma90n8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmTfGKSB2ZdXTE9fBgQfqnZzICZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAmItiH_3DrI-4AIAqAMByAMCqgSsAk_QmzOZ9uCF-mRVyVONOuZdpYYTbNwBN-A2KurlxrobYlnE1bI6AJywj9lrYmamAECZ14XhAilyq_xLm3x6lh8UvwYM4rmeKHPBURarR50Q4dRhFI7d_O50R43hHqhTeDTlzapb5SeKSYGIl7Q5Oubkjw0ImNS8iHBGRCB2H8PGcpIk4OgXa2Lr0RsmMvl-jKLlWnOzIJrA7f3tczfUdMdTOZrtUdKR8EGRq1B4_eKL5hIgbna2bZFXe1p31YTM2OGXBxnxzJ9w5mBp3e77R-6DMFTLzlU96CoMCstbkMZ4xstB0snKPs9Zt6EkXEAYZiWNebVts_oRzUxb7PRStnzLbheIxcuXg_HhaY-lcI-nfVrLEOI2VYMvpe1vcLzWF9UAQ3dLPEpigSxkJeAEAYAGsfjf2LTYtM6LAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliD_Peh24WDA_oLAggBgAwB4g0TCOrN-KHbhYMDFddg4Aod6g4HmdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09BENntBVEdHla1q6dakMPG3_2VA%26client%3Dca-pub-5144389657785565%26adurl%3D
Frame ID: 7BC60E418117FC71112E3A776D24AEBE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FEB032EC93102DD9FA2A0F11B4357E09
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: DB598DF968AC7EC4A4277B7183149E8B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3216B32F11AA6C0343ABE97015E0A8FD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D46826710E5D8F0E4D1B88DEDBEE8F49
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=34719%2C29002%2C819&b=ZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27%2CQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRG%2C4rehEf5fQQFGH9HdtAtqG2SbSpTr6XuZ5&f=9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE%2C2beH6fqfZjRHVHWHktwCRwYuxS7T7G4fEP%2Cr2GcQf9fbbFAH7HjtJCq6bSYS8TKxdh1p&c=970&d=250&e=&g=51642858e3ba7df3b9d629c5a5191fc0%2F1160109689546823131&i=26474%2C25052%2C17775&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702240298240&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gqnbjve9x2rawq212xz4kbzaynjyv2x0xx8qt25k64j00hq2fpp0b8gcqr1w1vxvnvsah54p8a42kn78x34x4sgecjkp6v4djaj21njrechxx9qcnqz0c0v3ztn60wmc8qbp7tnkamme33cw3xmwxnxwxkdv1qwydycbcmfadnrywy8parns205m501ns41byx4hn44sksykwm6h9r1vm96gj45tkjq55d8vgadevpt0h6af44h3d9zzbjy15tdc5nf6vzpsct16fgsskt0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmTfGKSB2ZdXTE9fBgQfqnZzICZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAmItiH_3DrI-4AIAqAMByAMCqgSsAk_QmzOZ9uCF-mRVyVONOuZdpYYTbNwBN-A2KurlxrobYlnE1bI6AJywj9lrYmamAECZ14XhAilyq_xLm3x6lh8UvwYM4rmeKHPBURarR50Q4dRhFI7d_O50R43hHqhTeDTlzapb5SeKSYGIl7Q5Oubkjw0ImNS8iHBGRCB2H8PGcpIk4OgXa2Lr0RsmMvl-jKLlWnOzIJrA7f3tczfUdMdTOZrtUdKR8EGRq1B4_eKL5hIgbna2bZFXe1p31YTM2OGXBxnxzJ9w5mBp3e77R-6DMFTLzlU96CoMCstbkMZ4xstB0snKPs9Zt6EkXEAYZiWNebVts_oRzUxb7PRStnzLbheIxcuXg_HhaY-lcI-nfVrLEOI2VYMvpe1vcLzWF9UAQ3dLPEpigSxkJeAEAYAGsfjf2LTYtM6LAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliD_Peh24WDA_oLAggBgAwB4g0TCOrN-KHbhYMDFddg4Aod6g4HmdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_09BENntBVEdHla1q6dakMPG3_2VA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Frame ID: 4261DEAF4763C3FFFF876A6A89D333F6
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Paleo Pumpkin Spice Donuts Recipe | Dairy-Free, Paleo, Gluten-FreeFacebookPinterestTwitterYouTubeFacebookPinterestTwitterYouTube

Page URL History Show full URLs

https://links.paleohacks-mailing.com/a/168/click/10060183/746255798/_d7acdcc5d30317f101c4e33a0b622f955d0f50cb/506... HTTP 302
https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

237
Requests

90 %
HTTPS

55 %
IPv6

46
Domains

62
Subdomains

49
IPs

12
Countries

2455 kB
Transfer

6647 kB
Size

47
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/paleohacks
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/paleohacks/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://twitter.com/paleohacks
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Paleohacks
Title: YouTube

Search URL Search Domain Scan URL

URL: https://shop.paleohacks.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://paleohacks.lpages.co/leadbox/145b71a73f72a2%3A13300845e746dc/5746055551385600/
Title: Click here to get your FREE copy of our delicious Dessert Recipes!

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/&display=popup&ref=plugin&src=share_button
Title: <img alt="facebook" class="nopin" src="https://blog.paleohacks.com/wp-content/themes/paleohacks/schema-images/facebook.png"> Share on Facebook

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/link/?url=https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/&media=https://blog.paleohacks.com/wp-content/uploads/2015/11/Paleo-Pumpkin-Spice-Donuts744.jpg%20&description=Paleo%20Pumpkin%20Spice%20Donuts
Title: <img alt="pin" class="nopin" src="https://blog.paleohacks.com/wp-content/themes/paleohacks/schema-images/pinterest.png"> Pin It

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/&text=Paleo%20Pumpkin%20Spice%20Donuts
Title: <img alt="twitter" class="nopin" src="https://blog.paleohacks.com/wp-content/themes/paleohacks/schema-images/twitter.png"> Tweet

Search URL Search Domain Scan URL

URL: https://www.printfriendly.com/print/?url=https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Title: <img alt="email" class="nopin" src="https://blog.paleohacks.com/wp-content/themes/paleohacks/schema-images/email.png"> Email It

Search URL Search Domain Scan URL

URL: http://amzn.to/2toQWt0
Title: Viva Naturals

Search URL Search Domain Scan URL

URL: http://amzn.to/2CvWntz
Title: Hidden Springs Maple

Search URL Search Domain Scan URL

URL: http://amzn.to/2tfF0Lq
Title: Nutiva

Search URL Search Domain Scan URL

URL: http://amzn.to/2tot0pn
Title: Authentic Foods

Search URL Search Domain Scan URL

URL: http://amzn.to/2DId7ym
Title: Wholesome

Search URL Search Domain Scan URL

URL: http://paleohacks.go2cloud.org/aff_c?offer_id=12&aff_id=1000&aff_sub=kslowcta

Search URL Search Domain Scan URL

URL: http://phaff.resurge.hop.clickbank.net/?lid=3&tid=resurgetxt

Search URL Search Domain Scan URL

URL: https://www.instagram.com/courtneyjanetlopez/

Search URL Search Domain Scan URL

URL: http://paleohacks.com/
Title: Discussion

Search URL Search Domain Scan URL

URL: https://www.paleohacks.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.paleohacks-mailing.com/a/168/click/10060183/746255798/_d7acdcc5d30317f101c4e33a0b622f955d0f50cb/5069def3217174f9e9db4baf9453eef58248d4d2 HTTP 302
https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 194

https://um.simpli.fi/gp_match?google_gid=CAESEPw5A2A4mL1Rr5-Y3x84Tlw&google_cver=1&google_push=AXcoOmRv_onrNJ3pMLYzRtrrWQnJBXXlAskMWYelmXTuxdBQBMKn_159sBxR9bN2zBkz_voAM9R3zfdqy2po_Epcu7CsJdAEx21Xhkw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8BA18D677DA84260A53BB4D66EBBB150&google_push=AXcoOmRv_onrNJ3pMLYzRtrrWQnJBXXlAskMWYelmXTuxdBQBMKn_159sBxR9bN2zBkz_voAM9R3zfdqy2po_Epcu7CsJdAEx21Xhkw

Request Chain 196

https://ads.travelaudience.com/google_pixel?google_gid=CAESEK345stJB-t0-HIcXwCLtCs&google_cver=1&google_push=AXcoOmRS6ZLQqnKMKm3mrt7muJX6qv_zEc69mPWaU4yELzYmwflGoX6ehAl6-U6VCasUvIoB6eoy9ByiKTsf63hIZxXx4T1mzTJQzJE HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=VTqYwDxpThsKnXn19e0fLw&google_push=AXcoOmRS6ZLQqnKMKm3mrt7muJX6qv_zEc69mPWaU4yELzYmwflGoX6ehAl6-U6VCasUvIoB6eoy9ByiKTsf63hIZxXx4T1mzTJQzJE

Request Chain 197

https://d5p.de17a.com/cookies/google?google_gid=CAESEDCKLKRKNgqUyQ_Pf3lfXEc&google_cver=1&google_push=AXcoOmQo2N3vZDUi0D_UIoVrRorzI9kU7jxVh1GfuotOQib56tQI8rDXZml98JBmIEHALuqDHeS8ZQBNYaXS4xpUYN719GR-iShufOk HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDCKLKRKNgqUyQ_Pf3lfXEc&google_cver=1&google_push=AXcoOmQo2N3vZDUi0D_UIoVrRorzI9kU7jxVh1GfuotOQib56tQI8rDXZml98JBmIEHALuqDHeS8ZQBNYaXS4xpUYN719GR-iShufOk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQo2N3vZDUi0D_UIoVrRorzI9kU7jxVh1GfuotOQib56tQI8rDXZml98JBmIEHALuqDHeS8ZQBNYaXS4xpUYN719GR-iShufOk

Request Chain 198

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF8l6GPS3KKThZWVwe1EqDg&google_cver=1&google_push=AXcoOmSJNDCsCNmW3O-WyH-j69xomBMWKrbGl9hiioueYPPoqMR1opyTWW33FxgcvZ6_tppVBxakqdI73INRsZ4wegrvV_gAikiLY1U HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEF8l6GPS3KKThZWVwe1EqDg&google_cver=1&google_push=AXcoOmSJNDCsCNmW3O-WyH-j69xomBMWKrbGl9hiioueYPPoqMR1opyTWW33FxgcvZ6_tppVBxakqdI73INRsZ4wegrvV_gAikiLY1U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY0NzAxOTA0MjI2NDAyMjM3MQ&google_push=AXcoOmSJNDCsCNmW3O-WyH-j69xomBMWKrbGl9hiioueYPPoqMR1opyTWW33FxgcvZ6_tppVBxakqdI73INRsZ4wegrvV_gAikiLY1U

Request Chain 199

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAffAwgxk-J4wX_VFSsRAtk&google_cver=1&google_push=AXcoOmRvKsxuZ4BGolPsVTpccUT4G0HUwMmMOd3vpgMY_6YZQzH_mTpPX_o9zVNWL48WmDOCgu0JI81TwgH_kKYGYu2pZ1wq7f0BNQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRvKsxuZ4BGolPsVTpccUT4G0HUwMmMOd3vpgMY_6YZQzH_mTpPX_o9zVNWL48WmDOCgu0JI81TwgH_kKYGYu2pZ1wq7f0BNQ

Request Chain 206

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=142f945f-0e7a-4e43-a33c-0a8d32aa5dce&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=bc32a8c5-5099-44f8-8d93-efa318e6fdb2&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D7795852652c24daeb0adeb89975cdce5%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=7211594&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_syvtugrq_a2q&aid=1158414072938245587 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=7795852652c24daeb0adeb89975cdce5&SNR=1&GV=2&med=10

Request Chain 209

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=8cd3d9a3-1d31-4991-acc9-d0a5bf51d219&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=36011401-c0b1-466c-9283-3864f88db541&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Dbec25ebaee5740e8ab8b279833342800%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=7211594&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_p2f_zbovyr_i1&aid=1566526895947254779&wp= HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=bec25ebaee5740e8ab8b279833342800&SNR=1&GV=2&med=10

Request Chain 223

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEP3bfb2sye4tX6spqtQInKI&google_cver=1&google_push=AXcoOmT1IurTwX5prQf8d7JXN7o4YbsmosDKkc4K_35uJiLxDWD_mKc5hEjC3fQ_oAVXSuujpyDhf_NwM_KXTSFZlltjTmZFvieR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDU3OTMwNTM1MjI2NjQ4MTM1OQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP3bfb2sye4tX6spqtQInKI&google_cver=1

Request Chain 224

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPG4Amy5eBgE4y-xMWcuWbk&google_cver=1&google_push=AXcoOmR3mPhIGNvkUae1O_yQyQxqd9yOM6IEyQSKTdILcSOYfY6nvmeFMJjon_Xw9T_23bPGbLUKNYNOEzKOohx1bD-82xE5jafXHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPG4Amy5eBgE4y-xMWcuWbk&google_push=AXcoOmR3mPhIGNvkUae1O_yQyQxqd9yOM6IEyQSKTdILcSOYfY6nvmeFMJjon_Xw9T_23bPGbLUKNYNOEzKOohx1bD-82xE5jafXHQ

Request Chain 225

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIaildp7M0ahI7OAsBKNRno&google_cver=1&google_push=AXcoOmTsKzJu7hGWJDyW7tgAvSPcEtMJDDY0b0sFOT9gl8V9z6o1MCctCGOZRMWOTRmSbaHfBw1IRLxmZjsDW7HZfQr1rYctJwSh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTsKzJu7hGWJDyW7tgAvSPcEtMJDDY0b0sFOT9gl8V9z6o1MCctCGOZRMWOTRmSbaHfBw1IRLxmZjsDW7HZfQr1rYctJwSh&google_hm=dEXDLfhtTYOdTVdA_L508uk

Request Chain 226

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIP4hgxyhiK2_iCZED3txAY&google_cver=1&google_push=AXcoOmRym7DQ5s1wKlzGLuedCRENtkVuZVrAmuYxC5NQaWna8RSwt8RJJ86oeSKsi40XI_klqSdtboCyyMD3VeLhwy4-C8mtKinY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTA2NjQwOTg1NTE1NDMxNQ%3D%3D&google_push=AXcoOmRym7DQ5s1wKlzGLuedCRENtkVuZVrAmuYxC5NQaWna8RSwt8RJJ86oeSKsi40XI_klqSdtboCyyMD3VeLhwy4-C8mtKinY

Request Chain 227

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENhDKGTRZhF-8lrdeGiKzaI&google_cver=1&google_push=AXcoOmRtV0nk40ziULwhvgUtiQ5RrzN38jVB8a7_fQEGLifBDfHLUV9Z9N6LVXPigADeWcCnN_Dv-AC_S62noyFnb7eoN6-5PrFYTg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRtV0nk40ziULwhvgUtiQ5RrzN38jVB8a7_fQEGLifBDfHLUV9Z9N6LVXPigADeWcCnN_Dv-AC_S62noyFnb7eoN6-5PrFYTg&google_hm=eS1TanA4NGhaRTJwRkdkOU1DSUl4WDgzUkdzT1pEVndJMX5B

Request Chain 228

https://d5p.de17a.com/cookies/google?google_gid=CAESEDCKLKRKNgqUyQ_Pf3lfXEc&google_cver=1&google_push=AXcoOmTggjXvtk8IwD4nkGeAUOPuYXZF6PxECvn5vBuiCjEk9Fig9i3gsVLhkuP6Se1EhK-3al9-Dm9vm2m5H42iUMLu_qT_YZFH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTggjXvtk8IwD4nkGeAUOPuYXZF6PxECvn5vBuiCjEk9Fig9i3gsVLhkuP6Se1EhK-3al9-Dm9vm2m5H42iUMLu_qT_YZFH

Request Chain 229

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAffAwgxk-J4wX_VFSsRAtk&google_cver=1&google_push=AXcoOmQDuDLrYsWL7uHx_Ul2AxuZpDeff_-Dvde7MyTy7CXuzMKF-_calIrs4QAicA-gi_1-BPexXNJbj_PQlDFzX1-6nWJpZcOmRA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQDuDLrYsWL7uHx_Ul2AxuZpDeff_-Dvde7MyTy7CXuzMKF-_calIrs4QAicA-gi_1-BPexXNJbj_PQlDFzX1-6nWJpZcOmRA

Request Chain 232

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIaildp7M0ahI7OAsBKNRno&google_cver=1&google_push=AXcoOmT5-z4sMSIiGutrC4Jbw0nnvxMKRcLlJ0PAcVnSuyis_KdQINqrQ-GwK6GAz753GGf1C8yguak9tpNBr6PFV0qoW8Wt_MdwMXty HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT5-z4sMSIiGutrC4Jbw0nnvxMKRcLlJ0PAcVnSuyis_KdQINqrQ-GwK6GAz753GGf1C8yguak9tpNBr6PFV0qoW8Wt_MdwMXty&google_hm=yrGO1y8-QICnlUsV2vzYzOk

Request Chain 233

https://ads.travelaudience.com/google_pixel?google_gid=CAESEK345stJB-t0-HIcXwCLtCs&google_cver=1&google_push=AXcoOmTCcXsIalpwpyXrcXMaXaiL7nrLT0CtCX8YcxUpATteHWF9hFuOssVss1nca2ry1W3skOVG1Dk3MyND1zq3Ky0DqNRPrnIu9EeS HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=VTqYwDxpThsKnXn19e0fLw&google_push=AXcoOmTCcXsIalpwpyXrcXMaXaiL7nrLT0CtCX8YcxUpATteHWF9hFuOssVss1nca2ry1W3skOVG1Dk3MyND1zq3Ky0DqNRPrnIu9EeS

Request Chain 235

https://d5p.de17a.com/cookies/google?google_gid=CAESEDCKLKRKNgqUyQ_Pf3lfXEc&google_cver=1&google_push=AXcoOmT0JfXBPdKyScebxcvxQ51napJJlrB8PLfKIYhyIGOsewt7MVTeHbRiY64sj-yZ7yS5a5VtAlgOBrrdKn2XS3XTreOPT9a3xf5v HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmT0JfXBPdKyScebxcvxQ51napJJlrB8PLfKIYhyIGOsewt7MVTeHbRiY64sj-yZ7yS5a5VtAlgOBrrdKn2XS3XTreOPT9a3xf5v

Request Chain 236

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAffAwgxk-J4wX_VFSsRAtk&google_cver=1&google_push=AXcoOmQXkp8k7WUS1ec7mn21ZgvNF6X1FZVXci2LkzXsA4_xQbvbmkhZLw68pv6Ltye1yN9sTLhnnntvdLXINhk7ypJu3_7Q15nbdwRp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQXkp8k7WUS1ec7mn21ZgvNF6X1FZVXci2LkzXsA4_xQbvbmkhZLw68pv6Ltye1yN9sTLhnnntvdLXINhk7ypJu3_7Q15nbdwRp

Request Chain 237

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKD5r3nBiLACIm47LgQF0D8&google_cver=1&google_push=AXcoOmSDtHCUNZihxyiTVVYp5EB_ECF4e7WCxwPFqhfwJ2Xa4meFy94nHWV32eYRu-nYuymVRl1S62vcRYnC2ekF3xODHe8DHLDqbVt17Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSDtHCUNZihxyiTVVYp5EB_ECF4e7WCxwPFqhfwJ2Xa4meFy94nHWV32eYRu-nYuymVRl1S62vcRYnC2ekF3xODHe8DHLDqbVt17Q HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 249

https://www.awin1.com/cshow.php?s=2524318&v=11420&q=392147&r=412871&pv=1&pref3=oneidQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRGoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1702240298_1ea88635-979b-11ee-9488-2234841a3abe

Request Chain 253

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=8cd3d9a3-1d31-4991-acc9-d0a5bf51d219&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=36011401-c0b1-466c-9283-3864f88db541&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Dbec25ebaee5740e8ab8b279833342800%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=7211594&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_p2f_zbovyr_i1&aid=1566526895947254779&wp= HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=bec25ebaee5740e8ab8b279833342800&tids=15000&med=10

237 HTTP transactions
22 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Redirect Chain

https://links.paleohacks-mailing.com/a/168/click/10060183/746255798/_d7acdcc5d30317f101c4e33a0b622f955d0f50cb/5069def3217174f9e9db4baf9453eef58248d4d2
https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

160 KB
31 KB

740ms
659ms

Document
text/html

2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.23
Resource Hash: 80ceff8dfdef655b9eb6a9464fb540b95314247cb539c0244abb757a6bd0544a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 83384087693f91d5-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 10 Dec 2023 20:31:33 GMT
expires: Sun, 10 Dec 2023 20:31:33 GMT
last-modified: Sun, 10 Dec 2023 11:48:57 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/7.3.23

Redirect headers

cache-control: no-cache
content-type: text/html; charset=utf-8
date: Sun, 10 Dec 2023 20:31:32 GMT
location: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.22.1 + Phusion Passenger(R) 6.0.18
status: 302 Found
transfer-encoding: chunked
vary: Origin
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-powered-by: Phusion Passenger 5.3.7
x-request-id: 3f8a7f65-cc7e-4a73-b4d9-db7101f887b6
x-runtime: 0.032131
x-xss-protection: 1; mode=block

GET
H2 200 schema-style.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/schema-creator/lib/css/ 673 B
409 B 41ms
40ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/schema-creator/lib/css/schema-style.css?ver=1681483471
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31395ea37360cb79a7d85a8a9d46aa7b1a0156461f189ae821905441daad80a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
age: 248955
cf-polished: origSize=680
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:31 GMT
server: cloudflare
etag: W/"643966cf-2a8"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8338408b9e1791d5-FRA
expires: Sat, 06 Jan 2024 23:22:18 GMT

GET
H2 200 cookie-popup.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/ 0
166 B 40ms
39ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/cookie-popup.min.css?ver=6.3.2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: public
date: Sun, 10 Dec 2023 20:31:33 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 832605
etag: "60d1dffd-0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8338408b9e1c91d5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Sun, 31 Dec 2023 05:14:48 GMT

GET
H2 200 dashicons.min.css
blog.paleohacks.com/wp-content/cache/min/1/wp-includes/css/ 58 KB
35 KB 44ms
44ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-includes/css/dashicons.min.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82fb2bfb03e32e45794938d1f65920a5340a725751292245d3de07ee8a8df0a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: public
date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
age: 385678
etag: W/"643966cb-e6e4"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8338408b9e1d91d5-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 05 Jan 2024 09:23:35 GMT

GET
H2 200 style.min.css
blog.paleohacks.com/wp-includes/css/dist/block-library/ 102 KB
14 KB 42ms
42ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: public
date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:34:18 GMT
server: cloudflare
age: 58440
etag: W/"650200aa-19824"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8338408b9e1f91d5-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 09 Jan 2024 04:17:33 GMT

GET
H2 200 style.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/ 187 KB
17 KB 48ms
46ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/style.min.css?ver=2.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa575e81bbad973d7554e7c58ca906b97472bd692566c3e79f27385f08d63ca1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: public
date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 2488938
etag: W/"60d1dffd-2ea5c"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8338408bae3c91d5-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Dec 2023 01:09:15 GMT

GET
H2 200 font-awesome.min.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/font-awesome/css/ 31 KB
7 KB 44ms
42ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/font-awesome/css/font-awesome.min.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 339a321657ecb6479c45f7cec906302d7674934d0d2c7ae10053c395d866eca1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: public
date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
age: 1635961
etag: W/"643966cb-7b13"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8338408bae3d91d5-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Dec 2023 22:05:32 GMT

GET
H2 200 fonts.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/ 3 KB
413 B 42ms
40ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c4491ff4342be2c096f05e243edd6fb1f26194269a5011adbf8076bf148bf58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: public
date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
age: 1006573
etag: W/"643966cb-a81"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8338408bae3e91d5-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 29 Dec 2023 04:55:20 GMT

GET
H2 200 front.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/other-popular-articles/assets/css/ 729 B
316 B 43ms
41ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/other-popular-articles/assets/css/front.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c9fe2628c371c8c54d05fa9dd406fc21a6d25f6d0261092e37243205efc639b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: public
date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
age: 212431
etag: W/"643966cb-2d9"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8338408bbe4091d5-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 07 Jan 2024 09:31:02 GMT

GET
H2 200 style.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/paleohacks-tools-soften-it/assets/css/ 2 KB
823 B 47ms
45ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/paleohacks-tools-soften-it/assets/css/style.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3c230ff5a72ffe0510f19977e0736c7370056def5536e94085875756675ea84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
age: 912100
cf-polished: origSize=2221
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
etag: W/"643966cb-8ad"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8338408bbe4191d5-FRA
expires: Sat, 30 Dec 2023 07:09:53 GMT

GET
H2 200 twitter-feed.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/wp-to-twitter/css/ 1 KB
558 B 46ms
44ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/wp-to-twitter/css/twitter-feed.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 344d96950041cacaaa662fd937221ead75dbc7d565d7e0ed7bd62e6a65d85c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
age: 2565528
cf-polished: origSize=1466
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
etag: W/"643966cb-5ba"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8338408bbe4291d5-FRA
expires: Mon, 11 Dec 2023 03:52:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 23 KB
1 KB 256ms
92ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%7CSatisfy&ver=1.2.0&display=swap

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c0ef3f2ef1f7defcf7b9bd90f7fb577b56eb65b3b26568f8fc1fa65b0b7bb17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 20:31:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Dec 2023 20:31:33 GMT

GET
H2 200 mai-theme.min.css
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/ 74 KB
14 KB 55ms
53ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/mai-theme.min.css?ver=1.13.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3c9181e83a24ce8fd1aedc13a573daded27c8677a50cf879fbee552798158be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: public
date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:36:00 GMT
server: cloudflare
age: 923452
etag: W/"65020110-1264a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8338408bbe5291d5-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 30 Dec 2023 04:00:41 GMT

GET
H2 200 flexington.min.css
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/ 93 KB
8 KB 56ms
55ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/flexington.min.css?ver=2.5.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18dd8449dd7bd05b1b1a8a1640218993802b7e73a218b75c05acf5c9b47d6082

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: public
date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:36:00 GMT
server: cloudflare
age: 928336
etag: W/"65020110-174c5"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8338408bbe5591d5-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 30 Dec 2023 02:39:17 GMT

GET
H2 200 style.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/simple-social-icons/css/ 1 KB
506 B 53ms
52ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/simple-social-icons/css/style.css?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 315c4601aeb913aecb4f659c9a9748bd163bb881867c5f6211578667bcc43cb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
age: 928741
cf-polished: origSize=1055
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
etag: W/"643966cc-41f"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8338408bbe5791d5-FRA
expires: Sat, 30 Dec 2023 02:32:32 GMT

GET
H2 200 jquery-ui.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/ 43 KB
8 KB 64ms
63ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/jquery-ui.min.css?ver=6.3.2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7104243950b6eff64b0d4d1fa98d354ae07a9605bb31dab31a488c765b32d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: public
date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 135023
etag: W/"60d1dffd-ac08"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8338408bbe5991d5-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 08 Jan 2024 07:01:10 GMT

GET
H2 200 sspop.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/css/ 3 KB
1 KB 56ms
55ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/css/sspop.css?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb2032a0b90cb58dc7bae39580e26c34a7b44d3aad4fb088f965e32ae8196822

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
age: 844193
cf-polished: origSize=3500
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
etag: W/"643966cc-dac"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8338408bbe5a91d5-FRA
expires: Sun, 31 Dec 2023 02:01:40 GMT

GET
H2 200 style.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/themes/paleohacks/ 22 KB
5 KB 55ms
54ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/themes/paleohacks/style.css?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b51d8339e2e6ed036a3564bb0a3a4043b8ef5f772763ff4f4f4b92f54d2ddfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
age: 1001161
cf-polished: origSize=22749
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
etag: W/"643966cc-58dd"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8338408bbe5c91d5-FRA
expires: Fri, 29 Dec 2023 06:25:32 GMT

GET
H2 200 jquery.min.js Show response
blog.paleohacks.com/wp-includes/js/jquery/ 85 KB
31 KB 58ms
58ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:34:18 GMT
server: cloudflare
age: 555333
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408bbe5f91d5-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 11 Dec 2023 10:16:00 GMT

GET
H3 200 jquery-migrate.min.js Show response
blog.paleohacks.com/wp-includes/js/jquery/ 13 KB
5 KB 55ms
54ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:34:18 GMT
server: cloudflare
age: 181339
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2b95362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 15 Dec 2023 18:09:14 GMT

GET
H3 200 service-facebook-pixel.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 53 B
294 B 54ms
54ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/service-facebook-pixel.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b831509c9907934028f980287d38cbee3b89644e7133c2f4b8b7c5dfca476aed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 394955
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2b9c362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 06:48:58 GMT

GET
H3 200 gtm4wp-form-move-tracker.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
572 B 55ms
52ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0380b273ec272e5f5235a704cc3fc8e3cb33e851bfeaef149b0f23a1edaec13f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 303464
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2ba3362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 08:13:49 GMT

GET
H3 200 634.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/856/public/assets/js/ 11 KB
4 KB 85ms
82ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/856/public/assets/js/634.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7dfd098effc4b854d5fcf8e7d2e39d0cc0e6a103642f97d724c438e515b9b71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 394954
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2ba5362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 06:48:59 GMT

GET
H3 200 675.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/assets/ 5 KB
2 KB 85ms
82ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/assets/675.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c62d51aaf287fa88754ecf89dbca0cd85f151d2562a6f931afd060480b3adc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 139778
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2ba7362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 16 Dec 2023 05:41:55 GMT

GET
H3 200 cookie-list.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 910 B
645 B 55ms
53ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/cookie-list.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 182d05c838e393157143b9aa48ae92cb00c8b6442e0a865149444e9f420991d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 410203
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2baa362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 02:34:50 GMT

GET
H3 200 653.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/ 90 KB
27 KB 86ms
83ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/653.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72ee83d94662d5c74646c88116b893ed59e98d9ec960433ab0e66f3481517289

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 475607
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2bac362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Dec 2023 08:24:46 GMT

GET
H3 200 dtag.js Show response
blog.paleohacks.com/wp-content/cache/min/1/paleohacks/ 3 KB
2 KB 56ms
53ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/paleohacks/dtag.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e5d5ef6607f115fb2745bb10dbbf0866820e13c3a1b90c87a3eddef3758d232

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 394954
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2bad362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 06:48:59 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 93ms
29ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fd34a470dd86a35ccb127e7beea422ec0be70c6fe1eb0569f58eff2ba8920528

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.paleohacks.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 10 Dec 2023 20:31:33 GMT
content-md5: cZ65eFo9hyrqfbL0D6mymg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints
x-fb-debug: W7pcSASs5MexJzYOgLQRnYf2YT2mxwCNe3dco1l62YZOzl0yaL8UPrkAnstpEIIcattDRyZDFYk5+PoFQzKE5A==
x-fb-content-md5: a717a4fe7b7be0e33b5282a2ee40fabc
cross-origin-opener-policy: same-origin-allow-popups
etag: "ef22bb8b2fdeaa7432b9c18f50becddd"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 10 Dec 2023 20:37:32 GMT

GET
H3 200 gpt.js Show response
blog.paleohacks.com/wp-content/cache/min/1/tag/js/ 78 KB
27 KB 117ms
114ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/tag/js/gpt.js?ver=1681483469
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23bdea452f4ec5b686ace95399e60903426e9fa7352600c25b040f07c1eef325

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:29 GMT
server: cloudflare
age: 226564
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2bae362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 15 Dec 2023 05:35:29 GMT

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 112 KB
43 KB 202ms
77ms Script
text/javascript 2.19.216.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CUG3G308

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8b97dddae741c1a857fd0d477fe95965f4e8de2465e8c9b195fb65ce1e117926

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-mnt-h: 22-s1v0
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 10 Dec 2023 20:31:33 GMT
server: Apache
etag: "ec97876a35c8ab0890df628c246804f5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-s1v0
timing-allow-origin: *
expires: Sun, 10 Dec 2023 20:36:33 GMT

GET
H3 200 leadbox-1556322866.js Show response
blog.paleohacks.com/wp-content/cache/min/1/ 14 KB
5 KB 56ms
54ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/leadbox-1556322866.js?ver=1681483503
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca275dd77cd911cd2e6fa1612657cfc3b67f9577d390eb8639fcea27085b285e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:45:03 GMT
server: cloudflare
age: 226564
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2baf362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 15 Dec 2023 05:35:29 GMT

GET
H3 200 pinit.js Show response
blog.paleohacks.com/wp-content/cache/min/1/js/ 360 B
467 B 147ms
145ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/js/pinit.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b99d80835f66e8ccd6d6f6efec14101447ae061febd873c06f0bef9ba50786c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 440182
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2bb1362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Dec 2023 18:15:11 GMT

GET
H3 200 cookie-popup.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 14 KB
3 KB 148ms
146ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/cookie-popup.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6102f07ce192d8f1e61b0a2e449a916e5d4d240dc47ab993fa1b39a5cdbcd84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 151743
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2bb2362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 16 Dec 2023 02:22:30 GMT

GET
H3 200 jquery.base64.min.js Show response
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 2 KB
928 B 149ms
147ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/jquery.base64.min.js?ver=2.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49416531519583e597dccc3856da2fa093b5e739baf9fda442b7047309e7f51c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 395964
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2bb3362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 06:32:09 GMT

GET
H3 200 front.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/other-popular-articles/assets/js/ 259 B
411 B 149ms
147ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/other-popular-articles/assets/js/front.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ede43b2ddb8f3b09a9062582da8619e3ade3da54e8e20c089848328488f0530a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 323415
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2bb4362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 02:41:18 GMT

GET
H3 200 popup.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/paleohacks-tools-soften-it/assets/js/ 2 KB
950 B 150ms
148ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/paleohacks-tools-soften-it/assets/js/popup.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f34b136e79d860a61095e1596b6a8a39b38c73d8bf4449daf6968d90386338c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 47015
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2bb5362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 17 Dec 2023 07:27:58 GMT

GET
H3 200 556.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/578/public/assets/js/ 4 KB
1 KB 151ms
149ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/578/public/assets/js/556.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd37e2cd931803994ea8f76c16d3d81aa0aa6d6488a049df19c78a078043c8bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 477526
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2bb6362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Dec 2023 07:52:47 GMT

GET
H3 200 comment-reply.min.js Show response
blog.paleohacks.com/wp-includes/js/ 3 KB
1 KB 152ms
150ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/comment-reply.min.js?ver=6.3.2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:34:18 GMT
server: cloudflare
age: 49855
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2bb7362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 17 Dec 2023 06:40:38 GMT

GET
H3 200 hoverIntent.min.js Show response
blog.paleohacks.com/wp-includes/js/ 1 KB
944 B 152ms
150ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:34:18 GMT
server: cloudflare
age: 575613
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2bb9362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 11 Dec 2023 04:38:00 GMT

GET
H3 200 superfish.min.js Show response
blog.paleohacks.com/wp-content/themes/genesis/lib/js/menu/ 4 KB
2 KB 154ms
152ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.10
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Oct 2020 19:10:24 GMT
server: cloudflare
age: 170702
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2bba362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 15 Dec 2023 21:06:30 GMT

GET
H3 200 skip-links.min.js Show response
blog.paleohacks.com/wp-content/themes/genesis/lib/js/ 386 B
442 B 154ms
152ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.3.3
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Oct 2020 19:10:24 GMT
server: cloudflare
age: 569321
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2bbc362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 11 Dec 2023 06:22:52 GMT

GET
H3 200 mai-theme.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 10 KB
3 KB 155ms
153ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/mai-theme.min.js?ver=1.13.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdef9d92aa1c5e9d8e409303f5ee38caceeecf3c1bdbf6e2f7bec8fe273dd596

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:36:00 GMT
server: cloudflare
age: 228583
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2bbe362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 15 Dec 2023 05:01:50 GMT

GET
H3 200 basic-scroll.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 10 KB
3 KB 155ms
153ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/basic-scroll.min.js?ver=3.0.2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 508c6c8665bb4da4b211a97cdc3b2e791109204f82265d6af2eb79c51b61e014

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:36:00 GMT
server: cloudflare
age: 231886
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2bc2362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 15 Dec 2023 04:06:47 GMT

GET
H3 200 mai-scroll.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 4 KB
1 KB 156ms
154ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/mai-scroll.min.js?ver=1.13.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6e7fcc13e9fa0b4541bf314c25c54bf91807667df0a57d7cf30a554a7c00cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:36:00 GMT
server: cloudflare
age: 323415
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2bc3362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 02:41:18 GMT

GET
H3 200 fitvids.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 2 KB
948 B 156ms
155ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/fitvids.min.js?ver=1.2.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 150cbe5c514aa70efcd179127476f4f5451db2ed4d033c0608afabdf9d18ec92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:36:00 GMT
server: cloudflare
age: 323415
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2bc4362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 02:41:18 GMT

GET
H3 200 fitvids-init.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 68 B
283 B 157ms
155ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/fitvids-init.min.js?ver=1.13.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1414a599611253b31746e91b77f168573dbb42cc13a705fd72104a7eaca15e93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:36:00 GMT
server: cloudflare
age: 479940
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2bc5362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Dec 2023 07:12:33 GMT

GET
H3 200 sdk.js Show response
blog.paleohacks.com/wp-content/cache/min/1/en_US/ 2 KB
1 KB 157ms
156ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/en_US/sdk.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0943b32c80a724a40de925f3fa31c502829263cf2ebd090d3606cdbd0b32ed6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 55709
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2bc8362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 17 Dec 2023 05:03:04 GMT

GET
H3 200 sspop.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/js/ 3 KB
1 KB 158ms
156ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/js/sspop.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2681704b7a1a7233c8030f22511b5598fa4b03ba2c3a19e8689b4c4ec75a080e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 151743
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2bca362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 16 Dec 2023 02:22:30 GMT

GET
H3 200 ea-share-count-support.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/js/ 3 KB
1 KB 158ms
157ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/js/ea-share-count-support.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e2bf21ab87ae83d5a2cb0f9ae0373e8eeb2ed0b7fb86ef8b4165a4bd381cf93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 575613
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2bcb362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 11 Dec 2023 04:38:00 GMT

GET
H3 200 lazyload.min.js Show response
blog.paleohacks.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 159ms
157ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:07:28 GMT
server: cloudflare
age: 300627
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8338408c2bcd362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 09:01:06 GMT

GET
H2 200 universal-script Show response
178194.tracking.hyros.com/v1/lst/ 0
0 391ms
130ms Script
text/javascript 18.208.83.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://178194.tracking.hyros.com/v1/lst/universal-script?ph=be1460aad6057c7a1655c8e1f69701db974993aa8c5a8087d36bd921dbbd93db&tag=!tracking
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.83.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-83-62.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 92ms
30ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 10 Dec 2023 20:31:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: aYCsLB3bph3076/QucIkVYMH3dp+T3pJ+iUrY10c65EKw1hyyY2quYruO4dLPMRJx2BZErQq9y3ZupCmyEXDjA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 91 KB
30 KB 319ms
156ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

debffc17b86b653a5cbeb2cf718eab79012b52cfd2994ebeb32fbf2b458041d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29939
x-xss-protection: 0
server: cafe
etag: 787 / 19701 / m202312040101 / config-hash: 18041799505519846586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 20:31:34 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 250 KB
88 KB 251ms
89ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d954ed372014ec6c967b5e6aae402fe9c55d9bf8e259cfcdc63deb0b04886933

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89962
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 10 Dec 2023 20:31:33 GMT

GET
H3 200 symbol-defs.svg
blog.paleohacks.com/wp-content/plugins/simple-social-icons/ 35 KB
13 KB 161ms
160ms Other
image/svg+xml 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/simple-social-icons/symbol-defs.svg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53ecfb7fb539e851138504ca730068408f677cff5d7ef348a0c7f69dbb31371a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: public
date: Sun, 10 Dec 2023 20:31:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:36:32 GMT
server: cloudflare
age: 999810
etag: W/"65020130-8b8c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
cf-ray: 8338408c2bce362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 29 Dec 2023 06:48:03 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00b2af963104a4dd04e77c1013957d37b0b43c86ba566301e77ab9a3e015280a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ed2cc414480e507b884d3c2faefa876fef943440c9d260933eebaf781ac4d87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73b749b1f5bc98174ea385921e3f5b1ad518875088115f30c90807560cc202f3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a108be93e8ddf9fce244196e866adde603fb715eafb8632fc36e733dba6edbb1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba5a0efdff20b3d57efe46e272d0702939bf9d2e48c678f4052c8f4f5fe15c56

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e790e57b5e2b425d26a169ff72f22467114f21753bc0750ac13fec1654e6fc33

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbc17325e7575f7e337eb7305faaf6194c45d177ec3fff630e4eabbba3d560de

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f464ef7c0b366ff00e2f023cb6b48112306212648e451ddf16be40c2b99d639

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02f64ee610b067e74b7a42948c410fbc0e438d53f6d8f4e16afc3594d73745

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5390e9facc0ddb3ebb2236c1c797ba47be28e4173b948f172d133e4f8ce5748e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1fbfff963eb97f28e3b6bdc5e628e27fac2717beca2642b76e7171abb126147d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77abf03c0a5a320d7084b12a197eae47c79668686f86ee495d47656a6a063e82

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 229788376a77ac6380dcf37286c503556f46dd5f35886ac2b0df144331fe6225

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae51a9c8736b2eb82927ccdbdf3dc9db08c7a6b9db0fc2ffb4f4ce00d8af5760

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS /
api.ipify.org/ Frame 0
0

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eec370d7b4f63ff91eb68db608b448a1cd41412b4b1d4d207d2a0230e6000e7b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c2518efba0a997390ac9494a1d92d74a4bb615aec8296f85eb9f2cc0aa940c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87287076f288a27750d0c3737c4624bd59357c5b638cdf3f27f1763d85cd4a2f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET /
api.ipify.org/ 0
0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 302 KB
87 KB 29ms
29ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=a1e62876421d023b939d1f09033b37d1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a6553a6fa0d67bc6085504331cebaa20bd6df5608b5ae452254c68d9e4dd3c84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.paleohacks.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 10 Dec 2023 20:31:33 GMT
content-md5: D0VX0gH6YZCqkE6pdMJeNQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88321
reporting-endpoints
x-fb-debug: dYRx8oPeT70+aisDpqwwQ2FyoGoAOAlynafgGJ7swTszRc2rvNRfX/NbUiE7tu6vTTiueBLidSBFlMqxy16p2w==
x-fb-content-md5: ca58ea59634110969f51e88247a0604e
cross-origin-opener-policy: same-origin-allow-popups
etag: "a5a97edb220f15530b82be9331d611ee"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Mon, 09 Dec 2024 20:06:51 GMT

GET
H2 200 unified-tag.js Show response
cdn.attn.tv/tag/4-latest/ 129 KB
43 KB 144ms
37ms Script
application/javascript 2600:9000:20a0:c200:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/paleohacks/dtag.js?ver=1681483468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:c200:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fefb10032e9c503375fd8ac3cc2be876f835b2e6ea5022fbcb57a9b9babd1259

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: qLlRei2HZrdVo_myH.cAh_Db9GlUd3MX
content-encoding: gzip
via: 1.1 818c6aa3ba5cbb6c0be8757bc2002810.cloudfront.net (CloudFront)
date: Sun, 10 Dec 2023 20:28:47 GMT
x-amz-cf-pop: AMS58-P2
age: 178
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 04 Dec 2023 15:43:14 GMT
server: AmazonS3
etag: W/"fa062f1be70d0da0b7a2a2952bef5fd6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
x-amz-cf-id: OJFQ5x-wM2TS0TcvzSxYXdm2guNftHSo0XwZ7kdA-fqqyWGMI9xxAA==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/ 399 KB
124 KB 251ms
79ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/tag/js/gpt.js?ver=1681483469

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d1a754922199186d43c7e76757eddaeb26e350387294e0f69ac574bc54914f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 02:32:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64761
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126556
x-xss-protection: 0
server: cafe
etag: 15138777047932052885
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 09 Dec 2024 02:32:13 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 99 B
606 B 269ms
111ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=blog.paleohacks.com

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/tag/js/gpt.js?ver=1681483469

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a63d12dbf3b29cbb9d519b177015c29f8af1cff648742bb999bd278b57333864

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64
x-xss-protection: 0
expires: Sun, 10 Dec 2023 20:31:34 GMT

GET
H3 404 can-i-show.js
blog.paleohacks.com/static/all/js/ 0
0 1389ms
1384ms Script
text/html 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/static/all/js/can-i-show.js
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/leadbox-1556322866.js?ver=1681483503
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.23
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:35 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-powered-by: PHP/7.3.23
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: max-age=43200, must-revalidate
cf-ray: 8338408d2d34362c-FRA
link: <https://blog.paleohacks.com/wp-json/>; rel="https://api.w.org/"
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
19 KB 137ms
29ms Script
application/javascript 2a02:26f0:480:4a5::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.4065578711648359
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/js/pinit.js?ver=1681483470
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:4a5::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "3725764cf05d1a0938de73d398772331"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=96
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 18679

GET
H2 404 / Show response
paleohacks.lpages.co/leadbox/145b71a73f72a2%3A13300845e746dc/5746055551385600/ Frame B997 12 KB
4 KB 901ms
586ms Document
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://paleohacks.lpages.co/leadbox/145b71a73f72a2%3A13300845e746dc/5746055551385600/?lp-in-iframe=1&__fromjs=1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/leadbox-1556322866.js?ver=1681483503
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 90.21.202.35.bc.googleusercontent.com
Software: Leadpages /
Resource Hash: c1be9f83e44f68ace4eee63b3dc6bb421dd413e0819bab3fccb484c3ed0dca87

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Sun, 10 Dec 2023 20:31:34 GMT
server: Leadpages
vary: Accept-Encoding

GET
H2 404 / Show response
paleohacks.lpages.co/leadbox/145b71a73f72a2%3A13300845e746dc/5746055551385600/ Frame 5EE9 12 KB
4 KB 852ms
539ms Document
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://paleohacks.lpages.co/leadbox/145b71a73f72a2%3A13300845e746dc/5746055551385600/?lp-in-iframe=1&__fromjs=1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/leadbox-1556322866.js?ver=1681483503
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 90.21.202.35.bc.googleusercontent.com
Software: Leadpages /
Resource Hash: c1be9f83e44f68ace4eee63b3dc6bb421dd413e0819bab3fccb484c3ed0dca87

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Sun, 10 Dec 2023 20:31:34 GMT
server: Leadpages
vary: Accept-Encoding

GET
H3 200 admin-ajax.php Show response
blog.paleohacks.com/wp-admin/ 2 KB
843 B 1298ms
1298ms XHR
text/html 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.paleohacks.com/wp-admin/admin-ajax.php?action=display_popular_articles&_=1702240293767

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.23

Resource Hash

7634609c5c178f85f1210f8cf334440c1eeb25c4b54151f1dae45808954c2bfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.23
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
cf-ray: 8338408dadd2362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 233ms
75ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%7CSatisfy&ver=1.2.0&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:32:10 GMT
x-content-type-options: nosniff
age: 143964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 04:32:10 GMT

GET
H2 200 1143227772537202 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 29ms
29ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1143227772537202?v=2.9.138&r=stable&domain=blog.paleohacks.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83d7c740e561b74bac04477add1ac4134814be5c9563e8bb87c62310be09cfc0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 10 Dec 2023 20:31:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35436
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: LJBWJYOc0k4vQMLbNQnwIeMr/tXop3MFvt2Gh1UNe9Xa4maP3RK9+7iX13TMi6BRrBWwj84Ba+rskPGZLKk7gw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 logo.png
blog.paleohacks.com/wp-content/uploads/2015/10/ 2 KB
2 KB 47ms
47ms Image
image/webp 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2015/10/logo.png
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83685ec127cc7475c7a3649e73986c90d87d037247409d80423f5caceed4681e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:34 GMT
cf-cache-status: HIT
age: 713626
cf-polished: origFmt=png, origSize=1719
content-disposition: inline; filename="logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1536
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 09 Nov 2019 16:35:00 GMT
server: cloudflare
etag: "5dc6eab4-6b7"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8338408dfe4b362c-FRA
expires: Mon, 01 Jan 2024 14:17:47 GMT

GET
H3 200 cookbook-opt-in1.jpg
blog.paleohacks.com/wp-content/uploads/2015/08/ 15 KB
15 KB 45ms
45ms Image
image/webp 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2015/08/cookbook-opt-in1.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfc98d46b8948bdd10ecef95fe6292a8bfabac6782a441f6759b8bf9f5361af4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:34 GMT
cf-cache-status: HIT
age: 53316
cf-polished: qual=85, origFmt=jpeg, origSize=19662
content-disposition: inline; filename="cookbook-opt-in1.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15536
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 09 Nov 2019 16:20:14 GMT
server: cloudflare
etag: "5dc6e73e-4cce"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8338408dfe4d362c-FRA
expires: Tue, 09 Jan 2024 05:42:58 GMT

GET
H3 200 beginners-book-143x150.png
blog.paleohacks.com/wp-content/uploads/2018/06/ 8 KB
9 KB 48ms
48ms Image
image/webp 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2018/06/beginners-book-143x150.png
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 735b305aadf14dd683363407e953b1eec091e541f8d6172d459454e40d7074c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:34 GMT
cf-cache-status: HIT
age: 2561059
cf-polished: origFmt=png, origSize=9206
content-disposition: inline; filename="beginners-book-143x150.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8628
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sun, 10 Nov 2019 01:55:00 GMT
server: cloudflare
etag: "5dc76df4-23f6"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8338408dfe4f362c-FRA
expires: Mon, 11 Dec 2023 05:07:15 GMT

GET
H3 200 Paleo-Pumpkin-Spice-Donuts.jpg
blog.paleohacks.com/wp-content/uploads/2015/10/ 154 KB
154 KB 744ms
743ms Image
image/jpeg 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2015/10/Paleo-Pumpkin-Spice-Donuts.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1d415d7adf36a43a11096c6c55f4e3dc23a1aaa2adc020e93dcccc678c3729c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: public
date: Sun, 10 Dec 2023 20:31:34 GMT
cf-cache-status: MISS
last-modified: Sat, 09 Nov 2019 16:32:59 GMT
server: cloudflare
etag: "5dc6ea3b-26844"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8338408dfe51362c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 157764
expires: Tue, 09 Jan 2024 20:31:34 GMT

GET
H3 200 instant-pot-vs-slow-cooker-the-difference-and-which-is-better-3-350x263.jpg
blog.paleohacks.com/wp-content/uploads/2020/12/ 10 KB
10 KB 46ms
45ms Image
image/webp 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2020/12/instant-pot-vs-slow-cooker-the-difference-and-which-is-better-3-350x263.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0128e563cfdd4beabe1edf1488c57094072f85cec6219dd04a3fb2be5d37cf84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:34 GMT
cf-cache-status: HIT
age: 2549589
cf-polished: qual=85, origFmt=jpeg, origSize=13651
content-disposition: inline; filename="instant-pot-vs-slow-cooker-the-difference-and-which-is-better-3-350x263.webp"
alt-svc: h3=":443"; ma=86400
content-length: 10232
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 11 Dec 2020 03:23:53 GMT
server: cloudflare
etag: "5fd2e649-3553"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8338408dfe52362c-FRA
expires: Mon, 11 Dec 2023 08:18:25 GMT

GET
H3 200 Breadfruit-Flour-350x263.jpg
blog.paleohacks.com/wp-content/uploads/2020/10/ 14 KB
14 KB 77ms
76ms Image
image/jpeg 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2020/10/Breadfruit-Flour-350x263.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 869d3767805b1c7b11b2df755e7cb769ee1b450553d87c374e19cb535a6afd2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:34 GMT
cf-cache-status: HIT
age: 2104
cf-polished: degrade=85, origSize=19193, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 13929
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Tue, 20 Oct 2020 21:03:53 GMT
server: cloudflare
etag: "5f8f50b9-4af9"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8338408dfe54362c-FRA
expires: Tue, 09 Jan 2024 19:56:30 GMT

GET
H3 200 The-14-Day-Keto-Meal-Plan800-350x263.jpg
blog.paleohacks.com/wp-content/uploads/2020/09/ 30 KB
31 KB 78ms
78ms Image
image/webp 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2020/09/The-14-Day-Keto-Meal-Plan800-350x263.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3e0e5db2674fb727b63871f299ea9f146ce45e3e3ed0c583f4ffdfb6fafb7ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:34 GMT
cf-cache-status: HIT
age: 1088613
cf-polished: qual=85, origFmt=jpeg, origSize=36409
content-disposition: inline; filename="The-14-Day-Keto-Meal-Plan800-350x263.webp"
alt-svc: h3=":443"; ma=86400
content-length: 30954
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Thu, 17 Sep 2020 22:14:02 GMT
server: cloudflare
etag: "5f63dfaa-8e39"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8338408dfe57362c-FRA
expires: Thu, 28 Dec 2023 06:08:01 GMT

GET
H3 200 The-12-Best-Low-Carb-Vegetables-and-Their-Benefits744.jpg
blog.paleohacks.com/wp-content/uploads/2019/03/ 73 KB
73 KB 50ms
50ms Image
image/webp 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2019/03/The-12-Best-Low-Carb-Vegetables-and-Their-Benefits744.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 755313ac3cb953d818fd8f3344a3ebf9fd2101223dffa2278b5499e927f9a574

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:34 GMT
cf-cache-status: HIT
age: 713627
cf-polished: qual=85, origFmt=jpeg, origSize=109440
content-disposition: inline; filename="The-12-Best-Low-Carb-Vegetables-and-Their-Benefits744.webp"
alt-svc: h3=":443"; ma=86400
content-length: 74830
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Mon, 11 Nov 2019 20:19:53 GMT
server: cloudflare
etag: "5dc9c269-1ab80"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8338408dfe58362c-FRA
expires: Mon, 01 Jan 2024 14:17:46 GMT

GET
H2 200 SAFEFRAME.html Show response
contextual.media.net/sr/1017354394/ Frame 8D5A 62 KB
23 KB 287ms
287ms Document
text/html 2.19.216.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/sr/1017354394/SAFEFRAME.html?ule=441&&kkdd=h%7Cu%7Cn93AH*&9s=B)yrrVyrYM)yyyvGvrv&*cCH=B&.SCT=y&qc9=BBrY&kSq!=3MVM&qsc=vP-eMeMyv&qCqc=dEFEq0oFzU9E9)CAEN8XNo%3D%3D&qHsc=)rGG7)r7v&SsI!=Myyhr7y&qq=wb&Sq=LO&jkkCS=B&H!KDHQ=jkkCS%3A%2F%2FtQW*iCTQ!WjTqXSiqW.%2FCTQ!W4CD.CXsF4SCsq!4cWFDkS%2F&FS!=7&QA=B&D*c=V&sA=BGyy&XkkQ!=PWqWFDk%202QWDH%20fD.CXsF%20wCsq!%206WFDkS&.qu=YYry&C*sc=CyBVyrYB77YBkryrMBrByryMB&jk.QSHq=B&sflct=2583709&ure=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUG3G308

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-27.deploy.static.akamaitechnologies.com

Software

Resource Hash

bb21ead4372ebb64e4fabcf96d2f9f0c498494f4d6814041b0aca759be9933f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 23753
content-type: text/html
date: Sun, 10 Dec 2023 20:31:34 GMT
expires: Sun, 10 Dec 2023 20:31:34 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-sc-h: 22-sslh

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame F73F 16 KB
6 KB 76ms
76ms Document
text/html 2.19.216.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CUG3G308&https=1&itype=CM

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

62ba217c47f8a530cd1fbab05b9e9321cd16914ee0199eb35944638261e2ebe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 5966
content-type: text/html; charset=UTF-8
date: Sun, 10 Dec 2023 20:31:34 GMT
expires: Tue, 12 Dec 2023 20:31:34 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK bping.php
lg3.media.net/ 35 B
338 B 130ms
39ms Image
image/gif 23.1.108.46
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=602&&vgd_cdv=1129&vgd_cage=5&vgd_tsce=L343&vgd_mcf=9920&gdpr=1&mspa=0&prid=8PRHGG6T9&cid=8CUG3G308&crid=726657258&vi=1702240293700086828&ugd=4&lf=6&cc=SE&sc=AB&lper=100&wsip=170785191&r=1702240294075&requrl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=39351&vgd_rakh=1702240293123878417&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pgid=p01402915591t202312102031&vgd_pgids=1&vgd_uspa=0&vgda_l1btm=%5B%22SPAMPXL%22%2C%22URLDC%22%5D&hvsid=00001702240294072032401633282680&gdpr=1&mspa=0&vgd_l2type=scs_newfl&vgd_end=1

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.1.108.46 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-108-46.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Sun, 10 Dec 2023 20:31:34 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Sun, 10 Dec 2023 20:31:34 GMT

GET
H2 200 / Show response
paleohacks.attn.tv/d/ 5 B
257 B 496ms
437ms Fetch
application/json 172.64.144.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleohacks.attn.tv/d/?attn_vid=13b3213938c54441b2d9cdc909a4ced6
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
x-envoy-upstream-service-time: 5
cf-ray: 8338408e79e54504-TXL
alt-svc: h3=":443"; ma=86400

POST
H2 200 e
events.attentivemobile.com/ 0
161 B 185ms
132ms Ping
text/plain 172.64.148.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://events.attentivemobile.com/e?v=4.25.43_97c1433b34&pd=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&u=13b3213938c54441b2d9cdc909a4ced6&c=paleohacks&ceid=UsU&lt=1702240294089&tag=modern&cs=1003945166&t=v&r=&m=%7B%22source%22%3A%22a%22%7D&cb=1702240294091
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain;charset=UTF-8
x-envoy-upstream-service-time: 6
cf-ray: 8338408e79d3267d-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 paleohacks.attn.tv.js Show response
cdn.attn.tv/growth-tag-assets/client-configs/ 0
382 B 376ms
376ms Script
text/javascript 2600:9000:20a0:c200:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/growth-tag-assets/client-configs/paleohacks.attn.tv.js
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:c200:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: kGJjc2HxNgGNuk_7UqP1h9o.liqWLb8I
content-encoding
via: 1.1 818c6aa3ba5cbb6c0be8757bc2002810.cloudfront.net (CloudFront)
date: Sun, 10 Dec 2023 03:31:47 GMT
last-modified: Mon, 17 Dec 2018 20:59:49 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 61214
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 0
x-amz-cf-id: NAET3n1GqA7Qc1J5mAt0AGkuSb22fPK_MM8pEXs76fGQsF7Evjx2FQ==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 86ms
28ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1143227772537202&ev=PageView&dl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&rl=&if=false&ts=1702240294097&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702240294097.61119671&ler=empty&it=1702240294052&coo=false&rqm=GET

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 10 Dec 2023 20:31:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
90 KB 95ms
95ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QMKQQWEFHC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7517d7ef232cd0373e172e8c979d261e557a1b2246286d452c8b69836848b18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92185
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Dec 2023 20:31:34 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/955239029/ 3 KB
2 KB 272ms
115ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/955239029/?random=1702240294196&cv=11&fst=1702240294196&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77268957&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&hn=www.googleadservices.com&frm=0&tiba=Paleo%20Pumpkin%20Spice%20Donuts%20Recipe%20%7C%20Dairy-Free%2C%20Paleo%2C%20Gluten-Free&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73ad9dc13eecabb377ab6e988a114a029001dc6d233bd6fdb0022d22624f6ea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 235ms
75ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 10 Dec 2023 18:42:48 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6526
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 10 Dec 2023 20:42:48 GMT

GET
H3 200 405752247076167 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 29ms
29ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/405752247076167?v=2.9.138&r=stable&domain=blog.paleohacks.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

62db4a83c7d9a73707f55c212f1b5e56811aa93df17077559b84b41123863248

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 10 Dec 2023 20:31:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35494
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: PLLTB+yNkrblzQP9nsJLwe4I0Bijahf288i8u7y/D3z30oYcH/NCn7/mKi9/pggvcQJw2et5FOffO+0WUXiRyw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 4 KB
2 KB 31ms
30ms Script
application/javascript 2a02:26f0:480:4a5::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:4a5::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ef45c21f7e054481c81992c1a46293a28c9bb8b3722bc566479326187f473c8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "8d7d8ce32aa2a45d64e9f04a9a5cb1c4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1793

GET
H2 200 jquery-3.5.1.min.js Show response
track.mypaleorecipe.com/js/ 87 KB
32 KB 134ms
45ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Nov 2021 03:31:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4077
etag: W/"15d86-5d052be3dfc43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHo73TFAmI8FbA1xMSDu2IWGPZh%2BK5%2F2IkvAteBuSrHMRmFR7zMgtWt8NGeC7oB0HktJUrG%2F%2FFh1onfQmKB1p3AAzFfFyByZpk4yoXNQgcltShSJYthKuJhA96Rd6GN5b8g5F4z5cT9pBrIYpVlxOOg95FRChA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8338408f6d4a3686-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 52 KB
18 KB 163ms
50ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:30:33 GMT
content-encoding: gzip
age: 61
x-guploader-uploadid: ABPtcPrG81dhzgRlEXekH6OUS-ZVe0fDPnlgF9r2Rt7p6v6pn7Ezzan2KO47qQdoSuaFHzasgA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18139
last-modified: Tue, 14 Nov 2023 19:54:10 GMT
server: UploadServer
etag: "dff66d0b72bdc18a02be56412d5ef8c4"
vary: Accept-Encoding
x-goog-generation: 1699991650202934
x-goog-hash: crc32c=VW26dg==, md5=3/ZtC3K9wYoCvlZBLV74xA==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=600
x-goog-stored-content-length: 18139
accept-ranges: bytes
expires: Sun, 10 Dec 2023 20:40:33 GMT

GET
H2 200 dtag.js Show response
cdn.attn.tv/paleohacks/ 3 KB
2 KB 1251ms
1251ms Script
text/javascript 2600:9000:20a0:c200:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/paleohacks/dtag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:c200:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b47e2b5d041b401f4d6dc04b120f9ada18fdd87dc40f2c764879a7c7c5a2f93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: Y4H_bTaFBWRi9GimSEzzR9Px4JwIrNub
content-encoding: gzip
via: 1.1 818c6aa3ba5cbb6c0be8757bc2002810.cloudfront.net (CloudFront)
date: Sun, 10 Dec 2023 20:31:36 GMT
last-modified: Wed, 08 Feb 2023 20:56:10 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
x-amz-server-side-encryption: AES256
etag: W/"d943f1634cc781ba4142fc11b4ba2cd4"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=120
x-amz-replication-status: COMPLETED
x-amz-cf-id: q1VscHkInlMgXvJZbzHYjaNg4nD79kiLuunG2_7c_E6bZnK8nkiyAQ==

GET
H2 200 main.74d80534.js Show response
s.pinimg.com/ct/lib/ 65 KB
19 KB 31ms
31ms Script
application/javascript 2a02:26f0:480:4a5::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:4a5::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 60cc60a6fcbd230def379432395199b585791ed521e2e5f595369a2193e617fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "cb251578b1e91b3cc440fd1521770cc5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18895

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 29ms
29ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=405752247076167&ev=PageView&dl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&rl=&if=false&ts=1702240294262&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1702240294097.61119671&ler=empty&it=1702240294052&coo=false&tm=1&rqm=GET

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 10 Dec 2023 20:31:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 29ms
29ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=405752247076167&ev=PageView&dl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&rl=&if=false&ts=1702240294262&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1702240294097.61119671&ler=empty&it=1702240294052&coo=false&rqm=GET

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 10 Dec 2023 20:31:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
ct.pinterest.com/user/ 303 B
620 B 137ms
57ms XHR
application/json 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2615989242318&cb=1702240294279&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4e7140f58b2b89a1c8ffba6df69a1e845f6e8fee48987276a7523b8244191c3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:34 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 6820410422886234
content-length: 172
pin-unauth: dWlkPVpEVXhaR0kzWVRFdFpqRmpZUzAwWm1abUxUbG1ZbUV0WW1KaVlqRTRaRE0wT1RNMQ
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blog.paleohacks.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: e7249d1c03a7694dfa35055671bb9f996ab3ca0c
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
216 B 140ms
60ms Image
image/gif 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2615989242318&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2274d80534%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1702240294280
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:34 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: d78e8bb29a918984956646dda95b1f312bf96e54
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
alt-svc: h3=":443";ma=600
x-pinterest-rid: 2590684855797374
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 163ms
57ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QMKQQWEFHC&gtm=45je3bt0v871543173z877268957&_p=1702240293771&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1502073168.1702240294&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702240294&sct=1&seg=0&dl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&dt=Paleo%20Pumpkin%20Spice%20Donuts%20Recipe%20%7C%20Dairy-Free%2C%20Paleo%2C%20Gluten-Free&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2017
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMKQQWEFHC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 223ms
74ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QMKQQWEFHC&cid=1502073168.1702240294&gtm=45je3bt0v871543173z877268957&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMKQQWEFHC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 259ms
101ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QMKQQWEFHC&cid=1502073168.1702240294&gtm=45je3bt0v871543173z877268957&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=126194978

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.cookie.js Show response
track.mypaleorecipe.com/js/ 2 KB
1 KB 41ms
41ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/js/jquery.cookie.js?v=1.0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dde3261ae85ead281a4f3120a5c4cee3bc7a1874c284c4a23874af1ada1f08ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4076
cf-polished: origSize=3254
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 09 Nov 2021 03:31:23 GMT
server: cloudflare
etag: W/"cb6-5d052be67bb4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IlKYyhkHLHNVcCSQbYYmTdoqhwggVnZn7%2BH%2BCY4RMviMHVDSkXcZPAbuWMRxxVPP3AdtvLw4S2uDJLhQGQMLt8YTghyMIytTRLuEf%2BZiqUjPj6fJJFUfOlMYrnNzsLV7wD%2FNGLMG8XGBivYSUfKoA1E5ywJ4lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8338408ffe023686-FRA

GET
DATA 200
OK truncated
/ Frame 8D5A 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bullet3.woff
contextual.media.net/__media__/fonts/bullet3/ Frame 8D5A 2 KB
2 KB 264ms
264ms Font
font/woff 2.19.216.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/__media__/fonts/bullet3/bullet3.woff

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/sr/1017354394/SAFEFRAME.html?ule=441&&kkdd=h%7Cu%7Cn93AH*&9s=B)yrrVyrYM)yyyvGvrv&*cCH=B&.SCT=y&qc9=BBrY&kSq!=3MVM&qsc=vP-eMeMyv&qCqc=dEFEq0oFzU9E9)CAEN8XNo%3D%3D&qHsc=)rGG7)r7v&SsI!=Myyhr7y&qq=wb&Sq=LO&jkkCS=B&H!KDHQ=jkkCS%3A%2F%2FtQW*iCTQ!WjTqXSiqW.%2FCTQ!W4CD.CXsF4SCsq!4cWFDkS%2F&FS!=7&QA=B&D*c=V&sA=BGyy&XkkQ!=PWqWFDk%202QWDH%20fD.CXsF%20wCsq!%206WFDkS&.qu=YYry&C*sc=CyBVyrYB77YBkryrMBrByryMB&jk.QSHq=B&sflct=2583709&ure=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0bf3f6e79af33723b0c1a822f59a484a35583303ab76fa9227b694b1e719364f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://contextual.media.net/sr/1017354394/SAFEFRAME.html?ule=441&&kkdd=h%7Cu%7Cn93AH*&9s=B)yrrVyrYM)yyyvGvrv&*cCH=B&.SCT=y&qc9=BBrY&kSq!=3MVM&qsc=vP-eMeMyv&qCqc=dEFEq0oFzU9E9)CAEN8XNo%3D%3D&qHsc=)rGG7)r7v&SsI!=Myyhr7y&qq=wb&Sq=LO&jkkCS=B&H!KDHQ=jkkCS%3A%2F%2FtQW*iCTQ!WjTqXSiqW.%2FCTQ!W4CD.CXsF4SCsq!4cWFDkS%2F&FS!=7&QA=B&D*c=V&sA=BGyy&XkkQ!=PWqWFDk%202QWDH%20fD.CXsF%20wCsq!%206WFDkS&.qu=YYry&C*sc=CyBVyrYB77YBkryrMBrByryMB&jk.QSHq=B&sflct=2583709&ure=1
Origin: https://contextual.media.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:34 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 16 May 2016 10:39:41 GMT
server: Apache
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1688
expires: Mon, 11 Dec 2023 20:31:34 GMT

GET
H2 404 integrator.js
adservice.google.com/adsid/ 0
0 250ms
81ms Script
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adservice.google.com/adsid/integrator.js?domain=blog.paleohacks.com
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
18 KB 412ms
412ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3746281469254323&correlator=1785936301987084&eid=31072879%2C21065725&output=ldjh&gdfp_req=1&vrg=202304050101&ptt=17&impl=fifs&iu_parts=55892584%2CPH300x2502%2CPHBlog300x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x250%2C300x250&ifi=1&adks=79842087%2C1706127594&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702240294417&lmt=1702208937&dlt=1702240293675&idt=727&adxs=-9%2C690&adys=-9%2C1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&frm=20&vis=1&psz=0x-1%7C300x250&msz=0x-1%7C300x-1&fws=2%2C4&ohw=0%2C1600&ga_vid=1502073168.1702240294&ga_sid=1702240294&ga_hid=1229173518&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c159bee825cd3070d906cf6f29a93bcb17edfed5f3578b4b8a1e1d1c1d5e8c8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17890
x-xss-protection: 0
google-lineitem-id: -1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 93F5 6 KB
3 KB 260ms
92ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 20:31:34 GMT
expires: Mon, 09 Dec 2024 20:31:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:56:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2081
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 10 Dec 2023 20:56:53 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
224 B 83ms
82ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1229173518&t=pageview&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&ul=en-us&de=UTF-8&dt=Paleo%20Pumpkin%20Spice%20Donuts%20Recipe%20%7C%20Dairy-Free%2C%20Paleo%2C%20Gluten-Free&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEAjAAAAACAAI~&jid=190836987&gjid=262180531&cid=1502073168.1702240294&tid=UA-42752472-1&_gid=1571426548.1702240294&_r=1&_slc=1&gtm=45He3bt0n81TJTDCJGv77268957&cd1=recipes&cd2=October%2021%2C%202015&cd3=Courtney%20Hamilton&cd5=coconut-flour-recipes%2Cdessert-recipes%2Coven%2Cpumpkin-recipes%2Ctapioca-flour-recipes%2Cvegan%2Cvegetarian&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=158431761

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a3c6048948c57aae55beef92d5a18abce757ad2783354a2eda068b14798e5a75

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 unrenderedCreative
paleohacks.attn.tv/ 0
0 508ms
508ms Fetch 172.64.144.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleohacks.attn.tv/unrenderedCreative?v=4.25.43&r=&id=13b3213938c54441b2d9cdc909a4ced6&pv=1&l=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&w=1600&h=1200&ss_ref=ORGANIC&f=2
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 10 Dec 2023 20:31:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 79
cf-ray: 833840907d974504-TXL
alt-svc: h3=":443"; ma=86400

GET
H2 200 /
www.google.com/pagead/1p-user-list/955239029/ 42 B
455 B 247ms
88ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/955239029/?random=1702240294196&cv=11&fst=1702238400000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77268957&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&frm=0&tiba=Paleo%20Pumpkin%20Spice%20Donuts%20Recipe%20%7C%20Dairy-Free%2C%20Paleo%2C%20Gluten-Free&fmt=3&is_vtc=1&cid=CAQSGwDICaaN4n0EywYIrS-1xO1DA4Kwq48kRtEGoA&random=3539181013&rmt_tld=0&ipr=y

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/955239029/ 42 B
455 B 134ms
88ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/955239029/?random=1702240294196&cv=11&fst=1702238400000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77268957&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&frm=0&tiba=Paleo%20Pumpkin%20Spice%20Donuts%20Recipe%20%7C%20Dairy-Free%2C%20Paleo%2C%20Gluten-Free&fmt=3&is_vtc=1&cid=CAQSGwDICaaN4n0EywYIrS-1xO1DA4Kwq48kRtEGoA&random=3539181013&rmt_tld=1&ipr=y

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
70 B 88ms
87ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1229173518&t=pageview&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&ul=en-us&de=UTF-8&dt=Paleo%20Pumpkin%20Spice%20Donuts%20Recipe%20%7C%20Dairy-Free%2C%20Paleo%2C%20Gluten-Free&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAiEAjBAAAACAAI~&jid=847853006&gjid=878237262&cid=1502073168.1702240294&tid=UA-81910700-1&_gid=1571426548.1702240294&_slc=1&gtm=45He3bt0n81TJTDCJGv77268957&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1149327776

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 75ms
74ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-81910700-1&cid=1502073168.1702240294&jid=847853006&gjid=878237262&_gid=1571426548.1702240294&_u=aCDAiEAjBAAAAGAAI~&z=865276522

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 10 Dec 2023 20:31:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 78ms
78ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1229173518&t=event&ni=Yes&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&ul=en-us&de=UTF-8&dt=Paleo%20Pumpkin%20Spice%20Donuts%20Recipe%20%7C%20Dairy-Free%2C%20Paleo%2C%20Gluten-Free&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=leadbox&ea=show&el=Dessert%20Recipes%20Lead%20Magnet&_u=aCDACEAjBAAAAGAAI~&jid=&gjid=&cid=1502073168.1702240294&tid=UA-42752472-1&_gid=1571426548.1702240294&gtm=45He3bt0n81TJTDCJGv77268957&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=186527319

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 00:01:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73815
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 74ms
74ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-42752472-1&cid=1502073168.1702240294&jid=190836987&gjid=262180531&_gid=1571426548.1702240294&_u=YADAAEAiAAAAACAAI~&z=953929336

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 10 Dec 2023 20:31:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
86 KB 93ms
93ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RWB4GYKC4G&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

30a694adb13868297155bb6363f53335e6bc53c3ff760f90ecba698cfbb2826b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87695
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Dec 2023 20:31:34 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 118ms
101ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-81910700-1&cid=1502073168.1702240294&jid=847853006&_u=aCDAiEAjBAAAAGAAI~&z=938159712

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 103ms
102ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-81910700-1&cid=1502073168.1702240294&jid=847853006&_u=aCDAiEAjBAAAAGAAI~&z=938159712

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 112ms
105ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-42752472-1&cid=1502073168.1702240294&jid=190836987&_u=YADAAEAiAAAAACAAI~&z=1110515690

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 101ms
101ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-42752472-1&cid=1502073168.1702240294&jid=190836987&_u=YADAAEAiAAAAACAAI~&z=1110515690

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bql.php Show response
lg3.media.net/ Frame 8D5A 15 B
348 B 113ms
113ms Script
text/javascript 23.1.108.46
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=3818&&vgd_canary=0&vgd_l2type=scs_newfl&fp=DITl5fNLJevlvL7pHD-sli_uJ3WC_3niuTsNiqWy6MrJ_SyYn0qAIhgx31HIbBYWf02T4LqcZIdNyrro_-2Ute_JZDxHMOnDadxaq8f0DdU0bTPfuDfKkIiGPjqezW_Vaf8XQ7HlM7wqSaygAdPwLw%3D%3D&cme=-SZ7v1ST0XI2cXiL6i3pU6Ukrr03rU2gotqlHbG3dKopMDxW3dOdpR4GRwK2EyPKMlajjOzwbCHLymSHCpxgeWzMbr6-8NHVFUFEXADqkhFaquf8k6V8jY8ac7opgo4yh2e2U5uhK-pxOhtAfvruWROReEUCx9G8FoaF0Jlsx0cDpjwW4c0tgTszdwjTLVJ84GOZwQVc19wPzUonsTPAWTW6fau9f1351hrqkqTXGQSm1zH_lUj4L4OJzET-DTplbzY4Pd0ESyMXIlRsAMzpDLFl2_Cs6aw3p_K6GokIhEnUi3iTUl3aFiPiZusd9CdZEezAlg7TiGo%3D%7C%7CKOA2tkfoPlCxJ92iUGwOALsAXGRVkDlah-qs4kGzi74N2P0dojbI_lsDNybH4lOc1g59zovZuus%3D%7Ca0AmFUYXmD6xgDV1rtT8tb0A3Zhve8y8ElfuNo1dWl7e4w_1j2cZBdRYuTwT1onjftaqhqG0pkCWubmEnJ9aIA%3D%3D%7Cb8KlCmE6kTENKxSBIehsQLbXBNKeHPZV%7CmClgOaCafYNwCFd2vxNebJfTy-LBHnga_UFYoKGTBJkNsNYBFd7fnxjpPuUjleCDkZQPd49lzIbycfqSd_dAR-Bj_QtOrnJ9TMuJ6fDgG1TqxkCXr105u-pmBTzsVW7r1akq0FX9nkxc67ywI7cWgeBoAgbv5qMFi_uJnkWFHsF_XapWRZTSNFnE8_2I6e5wJA-Y1X1fvRXSaM5-x2L_Wj4Aa5Q8BBo7yA-bZE0tyyOZcSedSrO0DLho858wctzdZRZV3_PXtn1jtInTCq8Rmg%3D%3D%7C&ksu=224&fdkt=307&vgde_kbbh=ffoyxQJuO&kwd[]=Recipe+for+Pumpkin+Pudding+Dump&kwt[]=307&kbc[]=145952&kwp[]=1&kid[]=434467943&kbc2[]=0%7Cactr%3D0.722%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7Cokt%3D307%7Cbdkt%3D307%7Cps%3D2.300%7C80%3D2.99%7C12%3D0.14%7C60%3D0.07%7C53%3D0.36%7C74%3D2.06%7C1%3D0.45%7C2%3D1.11&ktd[]=3573429764352&kwd[]=Traditional+Pumpkin+Pie+Recipe&kwt[]=307&kbc[]=90666&kwp[]=2&kid[]=172813209&kbc2[]=0%7Cactr%3D0.608%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7Cokt%3D307%7Cbdkt%3D307%7Cps%3D2.287%7C80%3D2.99%7C12%3D0.14%7C60%3D0.10%7C53%3D0.36%7C74%3D2.06%7C1%3D0.38%7C2%3D0.81&ktd[]=4123185578240&kwd[]=Fresh+Pumpkin+Pie+Recipe&kwt[]=307&kbc[]=90666&kwp[]=3&kid[]=11745179&kbc2[]=0%7Cactr%3D0.745%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7Cokt%3D307%7Cbdkt%3D307%7Cps%3D2.287%7C80%3D2.99%7C12%3D0.14%7C60%3D0.05%7C53%3D0.36%7C74%3D2.06%7C1%3D0.43%7C2%3D0.94&ktd[]=3573446541568&v=1&gdpr=1&geo=48.79%7C8.84&dlper=25&lper=100&lpid=&tsid=1&hint=&cc=SE&wsip=170774531&bca=0&ugd=4&vgde_setid=Nff&cid=8CUG3G308&vi=1702240293700086828&vsid=DefVid&tdAdd[]=asnum%3D39351&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=01&vgd_adpref_diff=1010&vgd_implt=3&vgd_cage=3&vgd_tsce=L343-S343&vgd_l3_sc=AB&vgd_chost=contextual.media.net&vgd_kals=tbid%3D-21%7C%7Cttype%3D10002%7C%7Cpt%3D1%7C%7Clmid%3DvDef%7C%7Cctr%3D0%7C%7Crpc%3D0%7C%7Cttd%3D8&vgd_kalog=MI%3D3456%7C%7CMPTD%3D128%7C%7CTCL%3D49%7C%7CTLID%3D6%7C%7CTTC%3D50%7C%7CTC%3D12%7C%7CTPTD%3D2907289100388304420%7C%7CCI%3D3456%7C%7CSID%3D8%7C%7CSI%3D3456%7C%7CHID%3D0%7C%7CUUID%3D2IakTfse3U70IaJFqu&vgd_katid=807833377&vgd_katbid=-21&vgd_kasts=tstype%3D-10408%7C%7Ctbtype%3DvDef&vgd_pdtid=1&vgd_nrrv=37575&vgd_nrrmf=c80a&vgd_nrrsf=scrr&vgd_cty=weil+der+stadt&vgd_ifrmode=03&sttm=1702240294072&upk=1702240294.20150&hvsid=00001702240294072032401633282680&verid=3121199&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_l1rakh=1702240293123878417&vgd_isiolc=1&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D39351&vgd_mcf=9920&vgd_vstrid=DefVid&vgd_icat=176&vgd_spcat=500021&vgd_cfud=220426&vgd_scsver=279&vgd_optout=0&vgd_l2shld=1&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_l1cdv=1129&vgd_l1rpth=%2Fdmedianet.js&vgd_lbt=500&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A302%3Brend_h%3A250&vgd_uspa=0&vgd_sc=AB&vgd_l1rhst=contextual.media.net&hvsid=00001702240294072032401633282680&rc=0&rand=1702240294390&matm=1702240294390&vgd_ltimesrc=2&vgd_ltime=588&vgd_rtime=324&vgd_etm=3&vgd_l1hcsd=Ss1v0%7C8234&vgda_l1btm=%5B%22SPAMPXL%22%2C%22URLDC%22%5D&vgd_l1ch=1&vgd_lhl=1130&vgd_pgid=p01402915591t202312102031&vgd_sbSup=1&vgd_nrrs=37575&vgd_cntrdt=AS%7CDIV-726657258%7CDIV-paleo-1003114753&vgd_eadm=1&vgd_sgmt=1%3A60814%7C60901&vgd_end=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.1.108.46 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-108-46.deploy.static.akamaitechnologies.com

Software

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Sun, 10 Dec 2023 20:31:34 GMT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
timing-allow-origin: *
Content-Length: 15
Expires: Sun, 10 Dec 2023 20:31:34 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 58ms
57ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RWB4GYKC4G&_ono=1&gtm=45je3bt0v9137939032&_p=1702240293771&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1502073168.1702240294&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&dt=Paleo%20Pumpkin%20Spice%20Donuts%20Recipe%20%7C%20Dairy-Free%2C%20Paleo%2C%20Gluten-Free&sid=1702240294&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_1=recipes&ep.ua_dimension_2=October%2021%2C%202015&ep.ua_dimension_3=Courtney%20Hamilton&ep.ua_dimension_5=coconut-flour-recipes%2Cdessert-recipes%2Coven%2Cpumpkin-recipes%2Ctapioca-flour-recipes%2Cvegan%2Cvegetarian&tfd=2461
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RWB4GYKC4G&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 74ms
74ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-RWB4GYKC4G&cid=1502073168.1702240294&gtm=45je3bt0v9137939032&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RWB4GYKC4G&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 98ms
98ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-RWB4GYKC4G&cid=1502073168.1702240294&gtm=45je3bt0v9137939032&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=169082955

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 5EE9 9 KB
858 B 87ms
86ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap

Requested by

Host: paleohacks.lpages.co
URL: https://paleohacks.lpages.co/leadbox/145b71a73f72a2%3A13300845e746dc/5746055551385600/?lp-in-iframe=1&__fromjs=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2e0d2de51dc225af114789fc0740e5c4e84f03335b755d04bada07003141d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paleohacks.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Dec 2023 20:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 19:23:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Dec 2023 20:31:34 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame B997 9 KB
835 B 87ms
86ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap

Requested by

Host: paleohacks.lpages.co
URL: https://paleohacks.lpages.co/leadbox/145b71a73f72a2%3A13300845e746dc/5746055551385600/?lp-in-iframe=1&__fromjs=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2e0d2de51dc225af114789fc0740e5c4e84f03335b755d04bada07003141d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paleohacks.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Dec 2023 20:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 19:29:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Dec 2023 20:31:34 GMT

GET
H3 200 admin-ajax.php Show response
blog.paleohacks.com/wp-admin/ 1 KB
936 B 1197ms
1197ms XHR
text/html 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.paleohacks.com/wp-admin/admin-ajax.php?action=show_optin_async&post_id=22304&_=1702240294383

Requested by

Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.23

Resource Hash

246de55cb0e89a31fa93fa8dd530fa36e8bab5862087a80fce540ff7bcfa9d1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:36 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.23
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
cf-ray: 833840940f09362c-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 /
log.pinterest.com/ 0
236 B 67ms
61ms Image
text/plain 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=EbDK2cQ3b9cb&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&viaSrc=canonical
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 10 Dec 2023 20:31:35 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 4
x-pinterest-rid: 1828225759264952
content-length: 0
x-served-by: cache-fra-eddf8230106-FRA
pragma: no-cache
server: envoy
x-timer: S1702240295.131102,VS0,VE30
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 bottles-with-red-yellow-green-and-blue-liquids-e1464759531540.jpg
blog.paleohacks.com/wp-content/uploads/2016/05/ 15 KB
15 KB 48ms
48ms Image
image/webp 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2016/05/bottles-with-red-yellow-green-and-blue-liquids-e1464759531540.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aaa8ae246e2f8fa0ceb5bc3a610b33ce3d5bcfefb7b34e774647d6a585b2743

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:35 GMT
cf-cache-status: HIT
age: 573384
cf-polished: qual=85, origFmt=jpeg, origSize=22364
content-disposition: inline; filename="bottles-with-red-yellow-green-and-blue-liquids-e1464759531540.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15352
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 09 Nov 2019 17:46:36 GMT
server: cloudflare
etag: "5dc6fb7c-575c"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 83384095d9c0362c-FRA
expires: Wed, 03 Jan 2024 05:15:10 GMT

GET
H3 200 main.js Show response
track.mypaleorecipe.com/js/ 3 KB
1 KB 51ms
51ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/js/main.js?v=1.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ae0b0e74edee33dd3e9d91c15b595508fc05e1ced11a15dbe787d0f9862dfc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1664
cf-polished: origSize=4494
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 09 Nov 2021 03:31:21 GMT
server: cloudflare
etag: W/"118e-5d052be46686b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1kKEX4aGFuVkK5FF%2BxH0xgbgbXFULkruIknh3M2LJ4er7LrlcHx8HFSNLOURdCwHztOh030Bsl3AxH6FoVNZB6CwQP%2BF%2F101LN%2BG%2FaBgzT50PCZUqlab%2B%2B0zEc%2BG7grHqR5D65Ql3e4zRKt7tZ0EjnjCvAxhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83384096bbcf9bbf-FRA

POST
H3 200 admin-ajax.php Show response
blog.paleohacks.com/wp-admin/ 16 KB
3 KB 985ms
985ms XHR
application/json 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.paleohacks.com/wp-admin/admin-ajax.php

Requested by

Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.23

Resource Hash

ae526acd27bfa8ad3499c0fcaec8312aab58756b0222544d7eec5045d066a4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 10 Dec 2023 20:31:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: PHP/7.3.23
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/json; charset: utf-8
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 833840970b5d362c-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 comments.php
www.facebook.com/v4.0/plugins/ Frame 79AC 0
0 57ms
56ms Document
text/html 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v4.0/plugins/comments.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2b7157d870c0c%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ff3486ebbab45bb8%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=a1e62876421d023b939d1f09033b37d1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 10 Dec 2023 20:31:35 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: cW+/7n+GSddOfuwNeC8LROHAW62dbi3OdbflaTwUO1mXphNAP/75zWjGhdlvR5mYCAZ3bajWkR02JPe6E25Etg==
x-frame-options: DENY
x-xss-protection: 0

GET
H3 200 like.php Show response
www.facebook.com/v4.0/plugins/ Frame B63D 0
101 B 57ms
57ms Document
text/html 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v4.0/plugins/like.php?action=like&app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fdc0d5d8e139%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ff3486ebbab45bb8%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Fpaleohacks&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=a1e62876421d023b939d1f09033b37d1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 10 Dec 2023 20:31:35 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: cPMYORwn7HxhVVKsiqwxG+eOatpr79f5JORaiooB64/j/B3g4fe/QUW3k+bLuZ6e/04zkTbkt2pzGIkl5ixisA==
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 276ms
123ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87664fd82a3e36aedd5a153ac8571b8e07561993ebbfd462e0400543c30b3450

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12184
x-xss-protection: 0

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame ECDD 565 B
405 B 59ms
58ms Document
text/html 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Sun, 10 Dec 2023 20:31:35 GMT
pinterest-version: d78e8bb29a918984956646dda95b1f312bf96e54
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1013906366131186

GET
H3 200 createVisitor Show response
track.mypaleorecipe.com/api/ 9 B
723 B 592ms
530ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/api/createVisitor
Requested by: Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: f5bbf1000d10bfa861f929bb8dc1223838e6195ab19d3d7be431a2cc3f8229a7

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h17%2BIZen%2F142YEYAOjh3lb4ExPurlBh999P8uFarOEY5j3wZvgY%2BGmMgzSS37NyP%2FGPXkrp6vOvyd6aJ%2FTb3YAWhk%2BQ6Z47YgzfTheDhQ%2Bl3%2BLLCkVsN8OH2M4O%2BRp6S7J9wxulGY%2Fi6r0ZVygLg%2BOVB84adMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, max-age=0, no-cache
cf-ray: 83384097a83b37fc-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK bqi.php
lg3.media.net/ 15 B
15 B 60ms
59ms Image
text/javascript 23.1.108.46
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?vgd_len=777&lf=3&&vgd_tsce=L343&vgd_l2type=scs_newfl&vgd_cdv=1129&vgd_cage=5&vgd_rensize=1600_1200&vgd_ren_page_h=11275&vgd_lbt=500&vgda_l1btm=%5B%22SPAMPXL%22%2C%22URLDC%22%5D&gdpr=1&mspa=0&prid=8PRHGG6T9&cid=8CUG3G308&crid=726657258&requrl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&vi=1702240293700086828&ugd=4&cc=SE&sc=AB&startTime=1702240294069&l1ch=1&l1hcsd=l1!Ss1v0|8234&sttm=1702240294072&upk=1702240294.20150&hvsid=00001702240294072032401633282680&verid=3121199&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1702240293123878417&vgd_sc=AB&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p01402915591t202312102031&vgd_pgids=1&vgd_end=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.1.108.46 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-108-46.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Sun, 10 Dec 2023 20:31:35 GMT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 15
Expires: Sun, 10 Dec 2023 20:31:35 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 295ms
139ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 20:31:36 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2C8C 13 KB
5 KB 76ms
75ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5446
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 19:00:50 GMT
expires: Mon, 09 Dec 2024 19:00:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0BB2 829 B
981 B 85ms
85ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fb814caa2023d6bab3c13538e2bf157715d72c8498a342c72d63c80e84c07de5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Wc4KN8qSieCi5Pf0ofkIOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Wc4KN8qSieCi5Pf0ofkIOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 20:31:36 GMT
expires: Sun, 10 Dec 2023 20:31:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK / Show response
api.ipify.org/ 23 B
223 B 562ms
186ms XHR
application/json 173.231.16.77
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.231.16.77 , United States, ASN18450 (WEBNX, US),
Reverse DNS: api.ipify.org
Software: nginx/1.25.1 /
Resource Hash: c9ece16a98d377789c47d64297f973bfebbae4a7f269fa78550df43b50b2e4d1

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 10 Dec 2023 20:31:36 GMT
Server: nginx/1.25.1
Connection: keep-alive
Content-Length: 23
Vary: Origin
Content-Type: application/json

GET
H3 200 Popup-okt2017_-_rev-Dessert_Recipes.jpg
blog.paleohacks.com/wp-content/uploads/2017/11/ 40 KB
40 KB 49ms
48ms Image
image/webp 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2017/11/Popup-okt2017_-_rev-Dessert_Recipes.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac63a064b70dc77c6aa7963b1ff7973cc255bdd030cd9c124665dcdfabd0a172

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:36 GMT
cf-cache-status: HIT
age: 144102
cf-polished: qual=85, origFmt=jpeg, origSize=90836
content-disposition: inline; filename="Popup-okt2017_-_rev-Dessert_Recipes.webp"
alt-svc: h3=":443"; ma=86400
content-length: 40964
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 09 Nov 2019 20:38:15 GMT
server: cloudflare
etag: "5dc723b7-162d4"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8338409b8a9e362c-FRA
expires: Mon, 08 Jan 2024 04:29:54 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0BB2 0
0 262ms
110ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304050101&jk=3746281469254323&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 2C8C 39 KB
15 KB 226ms
76ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Dec 2024 09:21:44 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
28 KB 127ms
127ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/653.js?ver=1681483468

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf018a86a516f35c62887cccdac2787783d8ec087376f3e936b456a1cafc2347

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29105
x-xss-protection: 0
server: cafe
etag: 489 / 19701 / 31080021 / config-hash: 18041799505519846586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 20:31:36 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2C8C 0
10 B 72ms
72ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KrSuHQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 91 KB
29 KB 160ms
160ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/653.js?ver=1681483468

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca0cce2493620281a8067a4fe4dff67a03ea2a2b291a295c0535bc666fbcd87c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29938
x-xss-protection: 0
server: cafe
etag: 90 / 19701 / m202312040101 / config-hash: 18041799505519846586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 20:31:36 GMT

GET
H3 200 createActivityLog Show response
track.mypaleorecipe.com/api/ 8 B
616 B 201ms
201ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/api/createActivityLog?visitor_id=162176363&activity_type_id=1&fbp=fb.1.1702240294097.61119671&fbc=undefined&ga=GA1.2.1502073168.1702240294&client_ip_address=193.32.248.233&client_user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/120.0.6099.71%20Safari/537.36&full_url=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&utm_source=0&utm_medium=0&utm_campaign=0&utm_content=0&utm_term=0
Requested by: Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: cc1c1ad604408cf6342dd1fb4ad87bb18e331060bec4b605f4010041060af6ef

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOHVTjdy4p3%2FGdvm8auo0Wt%2FO5k%2BaRWrDveMNzz9ESGcsSHJ0gXAu74f0%2FxPPlP14vCC83DA5RAqYV1fpNHy2ejJh%2Fubkm8HDdJQu1zdlgrPyquZGj4ymU1gqq2uPgSmPC5Jx%2BXePXVlvVD%2BuoS5jFOaQuClKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, max-age=0, no-cache
cf-ray: 8338409e8b7e37fc-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 91 KB
29 KB 159ms
159ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/653.js?ver=1681483468

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e00991138baf84b192530115833b70d13ca5ce53b7670987983fef5a3e9ce0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29939
x-xss-protection: 0
server: cafe
etag: 842 / 19701 / m202312040101 / config-hash: 18041799505519846586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 20:31:36 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
28 KB 154ms
154ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/653.js?ver=1681483468

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b18361f85cc62ddc399cfbded4fc8ad8ad01388f33b6d040181f25b6ed7a7b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29100
x-xss-protection: 0
server: cafe
etag: 116 / 19701 / 31079992 / config-hash: 18041799505519846586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 20:31:37 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 113ms
113ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304050101&jk=3746281469254323&bg=!xsWlxYrNAAY3kmNgF5I7ADQBe5WfOIU7Wiq_YAKwXq1ftjIhUytBxU3Mz2mni3mmQ1BRspa0acWdYm07IZyjG0LI9-k1AgAAAEZSAAAAAmgBB5kC8AEwOeWwdoySsfgsAppXGpb_0XdidOuhB3qA-2PbUdQ56l6ncifM4-fF45DVF_QiBCs2xPwZAQ08Qp_FZ05KTUXExuqTG04PN3otXF_HvuA7oZSquZTu8KuDmnlFcSYrzoF6a8Lec_tyo_5osS1_qkqqBmF5KDm0Z53eFnLcykET7Ek96ngmUyawmixDpAZYjJM7-_7HVvVVK-s1Cu8aTbgD2TgCZTf28CIINDrVx3_Jx_hkZojRnPugjvUR-vNcdYsbE6xFR7KcORFzucHkdMG-JUc3UgOkR5J8MAKoJJfKOipdJ66f8PzGal2Qi5vVU8jlpVGM7w12zkQk2STSPH7GsdvOYDOn_zHRTBHQPiPPXT_V1lCNPV73Jk9OIyn33enLoCGjzFbZ5M1h3gER_AM_ic7YxNXJN4gI3wHIEV1Wwm531733Rg3vR7eHKm0L_B-J9qdImwq1MOkMtOc3YfySB0HTsuWlE9p-1QY7sz2Cc9jhymvMLIKuRfag8PMfcv1S540xQvyqmasCX5mtH-PD3UwsJcjx_aiAweTgz6soz8xC0Ua6FfwFIHQuS9jc-JwDMm34i4QkVPGPNPcXL0gKEnoM7LWZcxZhf3vBsAj_3jR65mRQ4poVy91q1ADHPsi-E1hsTFgOpu422JHk2q8AXQB_YoT025Q7hfzuI7QZK7KmUErI7SOvoymPEdNw4WhVZ8NQ05TG54nApbr_I5AqgvkBPoHxJbmjU69jZIPZhyVot_1U6L5NRiIow2lUxQqsRoRU9c396gd4Xj1gX5xbjof9poUW26_PFRrnpdlnQDGsNA7lB_oA6p-vOy96bQbTHMtUPFdRMsbemaFLDaIw0mT5nx8lyG4YQpR6onwr9XHVjopUyBTJ78INgcYQCAbcsBUGThhrA7Nx-VvwFEo7Z0SkSXZe51kgWKdKZONqJ2U7fh1hlog7UhB-kL5lPUpPyXDHbB9NuCN_JDT8axX5OiXz6JQzzSj9UTeO6bxI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 404 integrator.js
adservice.google.com/adsid/ 0
0 81ms
81ms Script
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adservice.google.com/adsid/integrator.js?domain=blog.paleohacks.com
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 136 KB
26 KB 518ms
518ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3746281469254323&correlator=1785936301987084&eid=31072879%2C21065725&output=ldjh&gdfp_req=1&vrg=202304050101&ptt=17&impl=fifs&iu_parts=55892584%2Cdesktopfooter%2Cph_widebanner%2Csitefooterbanner%2CPaleohacksSidebarBanner&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%2C970x250%7C728x90%2C970x250%7C728x90%2C300x250%7C300x600&ifi=3&adks=2912191614%2C3129430941%2C2355259855%2C698452367&sfv=1-0-40&sc=1&cookie=ID%3D4216b41fcf65829d%3AT%3D1702240294%3ART%3D1702240294%3AS%3DALNI_MY-g_UjeokNfTswFbjl4EjX6ZFC4w&gpic=UID%3D00000d115b61079b%3AT%3D1702240294%3ART%3D1702240294%3AS%3DALNI_MaQMW2TVyv-aovD4rY12XZmd4RK1g&abxe=1&dt=1702240297233&lmt=1702208937&dlt=1702240293675&idt=727&adxs=436%2C315%2C315%2C1062&adys=1110%2C341%2C11242%2C2959&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2&ucis=3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&frm=20&vis=1&psz=728x-1%7C1600x0%7C1600x0%7C302x0&msz=728x-1%7C1600x0%7C1600x0%7C302x0&fws=516%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1502073168.1702240294&ga_sid=1702240294&ga_hid=1229173518&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2206b43ab2cccf030f1078bf20a8436ea21a2a5f9bf5d96ff8bc271561fa7fbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26231
x-xss-protection: 0
google-lineitem-id: -1,-2,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 635E 6 KB
3 KB 74ms
73ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 20:31:34 GMT
expires: Mon, 09 Dec 2024 20:31:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 06DD 6 KB
3 KB 73ms
72ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 20:31:34 GMT
expires: Mon, 09 Dec 2024 20:31:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A99D 6 KB
3 KB 73ms
73ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 20:31:34 GMT
expires: Mon, 09 Dec 2024 20:31:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 635E 94 KB
38 KB 184ms
64ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e24bd806e3ac18f6b8cc61bbcd7a899ef8de8c91f85840f4ab4ad0eb97cb1204

Request headers

Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
Origin: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 10 Dec 2023 20:31:38 GMT
content-encoding: br
last-modified: Fri, 08 Dec 2023 16:51:51 GMT
vary: Accept-Encoding
x-azure-ref: 20231210T203138Z-2mbpgkhfqp25z2hmm2gv8t9ghg00000000e000000001ae0g
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d67479ca-e01e-00ed-24f7-29a0d2000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame 635E 80 KB
28 KB 96ms
28ms Script
application/x-javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Expires: Thu, 14 Nov 2024 14:07:00 GMT
Date: Sun, 10 Dec 2023 20:31:37 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 2183078
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27680
X-Served-By: cache-lga21956-LGA, cache-fra-eddf8230083-FRA
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
X-Timer: S1702240298.949541,VS0,VE0
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 7, 2683017

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 635E 3 KB
1 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:08:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12163
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 17:08:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 635E 20 KB
8 KB 75ms
73ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:42:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 635E 0
0 88ms
86ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSflvzqbgqh3kneGYmPiuvK9ILua2zFj3Ag4eebbdwDC8dH3uagkIhYt2vogCtQbPHVBs7GQ603iPZ5R8rRnOUzT5xwgA
Requested by: Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 635E 24 KB
6 KB 76ms
74ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:37:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 158052
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 08 Dec 2024 00:37:25 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 635E 202 KB
64 KB 115ms
113ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 20:31:37 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 7BC6 2 KB
3 KB 124ms
54ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1h16xgxhmr00nvhakb5ce0gan4zvw6kky25w3ces0zx6mxmt5dzy3a9p7rrt4xbz3jrhjhh41nw6x1p7w2rkttvh33e2grna4jc5amnj7mj5yhfjn80bwamvgwvdfqn6xg1130p862mk7rw7zt0ns5w4p8zb1kr5nnjsqx7485q66dg99j4av37efmgyy4m7jvz92b994zb5g8aevkc38ejzhvb5xz1f8vgg8np251d88gmv45z8x8mjgrdqn4jwn6bej24mh3yzmzfw5f6xqreswe0ze5b3pqqt7mzn01zrfw4d2pks4z16r38g8mcc0vbs0paf3w7brh4jfv01hqvafk8wfr36tc6d8rt2tqp0mm2qp77tfxpmzqrtt2yncrxx131yqfyd3fr76wtthk4dp9a44jtdrbzfd1kp93p0ma90n8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmTfGKSB2ZdXTE9fBgQfqnZzICZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAmItiH_3DrI-4AIAqAMByAMCqgSsAk_QmzOZ9uCF-mRVyVONOuZdpYYTbNwBN-A2KurlxrobYlnE1bI6AJywj9lrYmamAECZ14XhAilyq_xLm3x6lh8UvwYM4rmeKHPBURarR50Q4dRhFI7d_O50R43hHqhTeDTlzapb5SeKSYGIl7Q5Oubkjw0ImNS8iHBGRCB2H8PGcpIk4OgXa2Lr0RsmMvl-jKLlWnOzIJrA7f3tczfUdMdTOZrtUdKR8EGRq1B4_eKL5hIgbna2bZFXe1p31YTM2OGXBxnxzJ9w5mBp3e77R-6DMFTLzlU96CoMCstbkMZ4xstB0snKPs9Zt6EkXEAYZiWNebVts_oRzUxb7PRStnzLbheIxcuXg_HhaY-lcI-nfVrLEOI2VYMvpe1vcLzWF9UAQ3dLPEpigSxkJeAEAYAGsfjf2LTYtM6LAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliD_Peh24WDA_oLAggBgAwB4g0TCOrN-KHbhYMDFddg4Aod6g4HmdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09BENntBVEdHla1q6dakMPG3_2VA%26client%3Dca-pub-5144389657785565%26adurl%3D

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08cfaae2556c8208443bf88d287cab58cabff5c94bb5edf0ca9418826c0f587a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 833840a638aa381a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 20:31:37 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 06DD 3 KB
1 KB 128ms
128ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:08:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12163
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 17:08:54 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FEB0 1 KB
643 B 76ms
75ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85903
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Sun, 10 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 06DD 20 KB
8 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:42:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 06DD 0
0 87ms
86ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQIGNDk1nNr7fU0y5tr0i36Br309aCSd8wnBsE1WtjXed_rfv1E9m55SsqcAdjMjl4U06hsG67EElklGcnK418NaYHTbA
Requested by: Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 06DD 24 KB
6 KB 93ms
92ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:37:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 158052
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 08 Dec 2024 00:37:25 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 06DD 202 KB
64 KB 215ms
214ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 20:31:38 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame A99D 94 KB
38 KB 171ms
64ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e24bd806e3ac18f6b8cc61bbcd7a899ef8de8c91f85840f4ab4ad0eb97cb1204

Request headers

Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
Origin: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 10 Dec 2023 20:31:38 GMT
content-encoding: br
last-modified: Fri, 08 Dec 2023 16:51:51 GMT
vary: Accept-Encoding
x-azure-ref: 20231210T203138Z-2mbpgkhfqp25z2hmm2gv8t9ghg00000000e000000001ae0f
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d67479ca-e01e-00ed-24f7-29a0d2000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame A99D 80 KB
28 KB 91ms
28ms Script
application/x-javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Expires: Thu, 14 Nov 2024 14:07:00 GMT
Date: Sun, 10 Dec 2023 20:31:37 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 2183078
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27680
X-Served-By: cache-lga21956-LGA, cache-fra-eddf8230134-FRA
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
X-Timer: S1702240298.957282,VS0,VE0
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 7, 2787307

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame A99D 3 KB
1 KB 123ms
123ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:08:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12163
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 17:08:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame A99D 20 KB
8 KB 98ms
97ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:42:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A99D 0
0 86ms
86ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSoQvN7uAHju7_S8Puir09YzWHEgO9jcjTf9s1FmE-DTEXoFrchS0OjM87vMwlxQyMvp6JTSIR_bdmmVwkFdGtGF91GNQ
Requested by: Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A99D 24 KB
6 KB 112ms
112ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:37:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 158052
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 08 Dec 2024 00:37:25 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A99D 202 KB
64 KB 195ms
195ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 20:31:38 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame FEB0 0
104 B 240ms
102ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAzzW2j0xKZIl8dRvPCftB4&google_cver=1&google_push=AXcoOmRSd-ye12dCmVJDyWo2b3wjGAeB2mpR1iyF0Pek7FvNXzgT3OSdQqVT9qA92p906f0EGwn_rQt8P_Pu2XqPVLeEsrpvGgFNPA
Requested by: Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FEB0
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEPw5A2A4mL1Rr5-Y3x84Tlw&google_cver=1&google_push=AXcoOmRv_onrNJ3pMLYzRtrrWQnJBXXlAskMWYelmXTuxdBQBMKn_159sBxR9bN2zBkz_voAM9R3zfdqy2po_Epcu7CsJdAEx21Xhkw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8BA18D677DA84260A53BB4D66EBBB150&google_push=AXcoOmRv_onrNJ3pMLYzRtrrWQnJBXXlAskMWYelmXTuxdBQBMKn_159sBxR9bN2zBkz_voAM9R3zfdqy2po_Ep...

170 B
232 B

67ms
66ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8BA18D677DA84260A53BB4D66EBBB150&google_push=AXcoOmRv_onrNJ3pMLYzRtrrWQnJBXXlAskMWYelmXTuxdBQBMKn_159sBxR9bN2zBkz_voAM9R3zfdqy2po_Epcu7CsJdAEx21Xhkw

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 10 Dec 2023 20:31:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8BA18D677DA84260A53BB4D66EBBB150&google_push=AXcoOmRv_onrNJ3pMLYzRtrrWQnJBXXlAskMWYelmXTuxdBQBMKn_159sBxR9bN2zBkz_voAM9R3zfdqy2po_Epcu7CsJdAEx21Xhkw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 09 Dec 2023 20:31:38 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame FEB0 70 B
149 B 141ms
44ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGixOEL0Yui0tA7UgX8o3u0&google_cver=1&google_push=AXcoOmRrNy_hDIrgWKObldMTHZGFPPvr0LvBo7qs-mURNvjVE9fLir5hkZIv_9HYNaECh-KCARnYxfUCjLWKhqxij6pP1wePoyR0MfA
Requested by: Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:38 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FEB0
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEK345stJB-t0-HIcXwCLtCs&google_cver=1&google_push=AXcoOmRS6ZLQqnKMKm3mrt7muJX6qv_zEc69mPWaU4yELzYmwflGoX6ehAl6-U6VCasUvIoB6eoy9ByiKTsf63hI...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=VTqYwDxpThsKnXn19e0fLw&google_push=AXcoOmRS6ZLQqnKMKm3mrt7muJX6qv_zEc69mPWaU4yELzYmwflGoX6ehAl6-U6VCasUvIoB6eoy9ByiKTsf63hIZxXx4T1mzTJQzJE

170 B
329 B

83ms
67ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=VTqYwDxpThsKnXn19e0fLw&google_push=AXcoOmRS6ZLQqnKMKm3mrt7muJX6qv_zEc69mPWaU4yELzYmwflGoX6ehAl6-U6VCasUvIoB6eoy9ByiKTsf63hIZxXx4T1mzTJQzJE

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 10 Dec 2023 20:31:38 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=VTqYwDxpThsKnXn19e0fLw&google_push=AXcoOmRS6ZLQqnKMKm3mrt7muJX6qv_zEc69mPWaU4yELzYmwflGoX6ehAl6-U6VCasUvIoB6eoy9ByiKTsf63hIZxXx4T1mzTJQzJE
x-host: tde-deliveryengine-production-5989b845bf-qj7gl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FEB0
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEDCKLKRKNgqUyQ_Pf3lfXEc&google_cver=1&google_push=AXcoOmQo2N3vZDUi0D_UIoVrRorzI9kU7jxVh1GfuotOQib56tQI8rDXZml98JBmIEHALuqDHeS8ZQBNYaXS4xpUYN719GR...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDCKLKRKNgqUyQ_Pf3lfXEc&google_cver=1&google_push=AXcoOmQo2N3vZDUi0D_UIoVrRorzI9kU7jxVh1GfuotOQib56tQI8rDXZml98JBmIEHALuqDHeS8ZQBNYaXS4xpUYN719...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQo2N3vZDUi0D_UIoVrRorzI9kU7jxVh1GfuotOQib56tQI8rDXZml98JBmIEHALuqDHeS8ZQBNYaXS4xpUYN719GR-iShufOk

170 B
232 B

64ms
64ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQo2N3vZDUi0D_UIoVrRorzI9kU7jxVh1GfuotOQib56tQI8rDXZml98JBmIEHALuqDHeS8ZQBNYaXS4xpUYN719GR-iShufOk

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQo2N3vZDUi0D_UIoVrRorzI9kU7jxVh1GfuotOQib56tQI8rDXZml98JBmIEHALuqDHeS8ZQBNYaXS4xpUYN719GR-iShufOk
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FEB0
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF8l6GPS3KKThZWVwe1EqDg&google_cver=1&google_push=AXcoOmSJNDCsCNmW3O-WyH-j69xomBMWKrbGl9hiioueYPPoqMR1opyTWW33FxgcvZ6_tppVBxakqdI7...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEF8l6GPS3KKThZWVwe1EqDg&google_cver=1&google_push=AXcoOmSJNDCsCNmW3O-WyH-j69xomBMWKrbGl9hiioueYPPoqMR1opyTWW33FxgcvZ6_tppVBxa...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY0NzAxOTA0MjI2NDAyMjM3MQ&google_push=AXcoOmSJNDCsCNmW3O-WyH-j69xomBMWKrbGl9hiioueYPPoqMR1opyTWW33FxgcvZ6_tppVBxakqd...

170 B
232 B

64ms
64ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY0NzAxOTA0MjI2NDAyMjM3MQ&google_push=AXcoOmSJNDCsCNmW3O-WyH-j69xomBMWKrbGl9hiioueYPPoqMR1opyTWW33FxgcvZ6_tppVBxakqdI73INRsZ4wegrvV_gAikiLY1U

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY0NzAxOTA0MjI2NDAyMjM3MQ&google_push=AXcoOmSJNDCsCNmW3O-WyH-j69xomBMWKrbGl9hiioueYPPoqMR1opyTWW33FxgcvZ6_tppVBxakqdI73INRsZ4wegrvV_gAikiLY1U
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FEB0
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAffAwgxk-J4wX_VFSsRAtk&google_cver=1&google_push=AXcoOmRvKsxuZ4BGolPsVTpccUT4G0HUwMmMOd3vpgMY_6YZQzH_mTpPX_o9zVNWL48WmDOCgu0JI81TwgH_...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRvKsxuZ4BGolPsVTpccUT4G0HUwMmMOd3vpgMY_6YZQzH_mTpPX_o9zVNWL48WmDOCgu0JI81TwgH_kKYGYu2pZ1wq7f0BNQ

170 B
232 B

65ms
65ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRvKsxuZ4BGolPsVTpccUT4G0HUwMmMOd3vpgMY_6YZQzH_mTpPX_o9zVNWL48WmDOCgu0JI81TwgH_kKYGYu2pZ1wq7f0BNQ

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRvKsxuZ4BGolPsVTpccUT4G0HUwMmMOd3vpgMY_6YZQzH_mTpPX_o9zVNWL48WmDOCgu0JI81TwgH_kKYGYu2pZ1wq7f0BNQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame FEB0 0
139 B 186ms
64ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JdFwBWkU49xdO73KLozhPc4AwWybr_A3_jz-zUZmPvikpIXXacuZuuyI861132Q-pi_3BM

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 7BC6 115 KB
13 KB 46ms
45ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h16xgxhmr00nvhakb5ce0gan4zvw6kky25w3ces0zx6mxmt5dzy3a9p7rrt4xbz3jrhjhh41nw6x1p7w2rkttvh33e2grna4jc5amnj7mj5yhfjn80bwamvgwvdfqn6xg1130p862mk7rw7zt0ns5w4p8zb1kr5nnjsqx7485q66dg99j4av37efmgyy4m7jvz92b994zb5g8aevkc38ejzhvb5xz1f8vgg8np251d88gmv45z8x8mjgrdqn4jwn6bej24mh3yzmzfw5f6xqreswe0ze5b3pqqt7mzn01zrfw4d2pks4z16r38g8mcc0vbs0paf3w7brh4jfv01hqvafk8wfr36tc6d8rt2tqp0mm2qp77tfxpmzqrtt2yncrxx131yqfyd3fr76wtthk4dp9a44jtdrbzfd1kp93p0ma90n8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmTfGKSB2ZdXTE9fBgQfqnZzICZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAmItiH_3DrI-4AIAqAMByAMCqgSsAk_QmzOZ9uCF-mRVyVONOuZdpYYTbNwBN-A2KurlxrobYlnE1bI6AJywj9lrYmamAECZ14XhAilyq_xLm3x6lh8UvwYM4rmeKHPBURarR50Q4dRhFI7d_O50R43hHqhTeDTlzapb5SeKSYGIl7Q5Oubkjw0ImNS8iHBGRCB2H8PGcpIk4OgXa2Lr0RsmMvl-jKLlWnOzIJrA7f3tczfUdMdTOZrtUdKR8EGRq1B4_eKL5hIgbna2bZFXe1p31YTM2OGXBxnxzJ9w5mBp3e77R-6DMFTLzlU96CoMCstbkMZ4xstB0snKPs9Zt6EkXEAYZiWNebVts_oRzUxb7PRStnzLbheIxcuXg_HhaY-lcI-nfVrLEOI2VYMvpe1vcLzWF9UAQ3dLPEpigSxkJeAEAYAGsfjf2LTYtM6LAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliD_Peh24WDA_oLAggBgAwB4g0TCOrN-KHbhYMDFddg4Aod6g4HmdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09BENntBVEdHla1q6dakMPG3_2VA%26client%3Dca-pub-5144389657785565%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h16xgxhmr00nvhakb5ce0gan4zvw6kky25w3ces0zx6mxmt5dzy3a9p7rrt4xbz3jrhjhh41nw6x1p7w2rkttvh33e2grna4jc5amnj7mj5yhfjn80bwamvgwvdfqn6xg1130p862mk7rw7zt0ns5w4p8zb1kr5nnjsqx7485q66dg99j4av37efmgyy4m7jvz92b994zb5g8aevkc38ejzhvb5xz1f8vgg8np251d88gmv45z8x8mjgrdqn4jwn6bej24mh3yzmzfw5f6xqreswe0ze5b3pqqt7mzn01zrfw4d2pks4z16r38g8mcc0vbs0paf3w7brh4jfv01hqvafk8wfr36tc6d8rt2tqp0mm2qp77tfxpmzqrtt2yncrxx131yqfyd3fr76wtthk4dp9a44jtdrbzfd1kp93p0ma90n8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmTfGKSB2ZdXTE9fBgQfqnZzICZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAmItiH_3DrI-4AIAqAMByAMCqgSsAk_QmzOZ9uCF-mRVyVONOuZdpYYTbNwBN-A2KurlxrobYlnE1bI6AJywj9lrYmamAECZ14XhAilyq_xLm3x6lh8UvwYM4rmeKHPBURarR50Q4dRhFI7d_O50R43hHqhTeDTlzapb5SeKSYGIl7Q5Oubkjw0ImNS8iHBGRCB2H8PGcpIk4OgXa2Lr0RsmMvl-jKLlWnOzIJrA7f3tczfUdMdTOZrtUdKR8EGRq1B4_eKL5hIgbna2bZFXe1p31YTM2OGXBxnxzJ9w5mBp3e77R-6DMFTLzlU96CoMCstbkMZ4xstB0snKPs9Zt6EkXEAYZiWNebVts_oRzUxb7PRStnzLbheIxcuXg_HhaY-lcI-nfVrLEOI2VYMvpe1vcLzWF9UAQ3dLPEpigSxkJeAEAYAGsfjf2LTYtM6LAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliD_Peh24WDA_oLAggBgAwB4g0TCOrN-KHbhYMDFddg4Aod6g4HmdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09BENntBVEdHla1q6dakMPG3_2VA%26client%3Dca-pub-5144389657785565%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2381415
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAwhv1RsCf0mNdDxSXytqlezLsdLFQFvHQMJV1Rq1pSbTs7Pfz8vt4AX9X4r2x1E28RZ1D9iTtyay9T9%2B2o1kXNG79P%2FgBE9kcmVwiFpFdAOx3qZIrhSP2EiiHBdphXXPqmqZu1ENiY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 833840a69940381a-FRA
expires: Mon, 11 Dec 2023 20:31:38 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 7BC6 24 KB
10 KB 44ms
44ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h16xgxhmr00nvhakb5ce0gan4zvw6kky25w3ces0zx6mxmt5dzy3a9p7rrt4xbz3jrhjhh41nw6x1p7w2rkttvh33e2grna4jc5amnj7mj5yhfjn80bwamvgwvdfqn6xg1130p862mk7rw7zt0ns5w4p8zb1kr5nnjsqx7485q66dg99j4av37efmgyy4m7jvz92b994zb5g8aevkc38ejzhvb5xz1f8vgg8np251d88gmv45z8x8mjgrdqn4jwn6bej24mh3yzmzfw5f6xqreswe0ze5b3pqqt7mzn01zrfw4d2pks4z16r38g8mcc0vbs0paf3w7brh4jfv01hqvafk8wfr36tc6d8rt2tqp0mm2qp77tfxpmzqrtt2yncrxx131yqfyd3fr76wtthk4dp9a44jtdrbzfd1kp93p0ma90n8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmTfGKSB2ZdXTE9fBgQfqnZzICZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAmItiH_3DrI-4AIAqAMByAMCqgSsAk_QmzOZ9uCF-mRVyVONOuZdpYYTbNwBN-A2KurlxrobYlnE1bI6AJywj9lrYmamAECZ14XhAilyq_xLm3x6lh8UvwYM4rmeKHPBURarR50Q4dRhFI7d_O50R43hHqhTeDTlzapb5SeKSYGIl7Q5Oubkjw0ImNS8iHBGRCB2H8PGcpIk4OgXa2Lr0RsmMvl-jKLlWnOzIJrA7f3tczfUdMdTOZrtUdKR8EGRq1B4_eKL5hIgbna2bZFXe1p31YTM2OGXBxnxzJ9w5mBp3e77R-6DMFTLzlU96CoMCstbkMZ4xstB0snKPs9Zt6EkXEAYZiWNebVts_oRzUxb7PRStnzLbheIxcuXg_HhaY-lcI-nfVrLEOI2VYMvpe1vcLzWF9UAQ3dLPEpigSxkJeAEAYAGsfjf2LTYtM6LAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliD_Peh24WDA_oLAggBgAwB4g0TCOrN-KHbhYMDFddg4Aod6g4HmdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09BENntBVEdHla1q6dakMPG3_2VA%26client%3Dca-pub-5144389657785565%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 386210
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tr%2FG3j9lLSpupbBC2GnKZNnydPb9h4bG%2BpWEAMWXI2L4MZuN18ZqlxMx7lQV%2FzRgI23rDu9vssXDRDMM0puMTKKteKBdT4OVcpR3asR%2FdrGcMBe2ZLmZ4paMCbCuWz4pnpb94kk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 833840a69946381a-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 06 Dec 2023 09:14:48 GMT

GET
DATA 200
OK truncated
/ Frame 06DD 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53c3b4e146763dacded5b888f15cbd037e647886e05dd591931287662b769054

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 7BC6 350 B
911 B 121ms
53ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 933355
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYbPU%2B3Vnsihs0s1HFzsz7yVIBUYGnQG%2FFMa%2B7xyoEngCzVkTG0gPHktUQgkFXQFjdAmghg5%2FLahcztMNpYRaWypNeO8jvhooZu%2FgFw7Y3dwZeImoXdwZ8cJNs7Y6PrArACd6PjmLIYFFN0RXQB7B69V"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 833840a758581c26-FRA
expires: Fri, 29 Nov 2024 01:15:43 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame DB59 2 KB
2 KB 51ms
49ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1010887
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 833840a6e8ae5b38-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Sun, 10 Dec 2023 20:31:38 GMT
expires: Wed, 29 Nov 2023 04:43:03 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFwnem%2Bb3VG8QpfhpTuM3sEYQEGObAiPtWsQyrj98wVxGj5shsFka5I6RBfT2OBxYs1WPCmcvmlaehALeHeHH4pdl66JGFi609olsUIVNUdSD0zJdAKUMXZ%2FTAWic39PfnRar5s%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

c.gif
www.bing.com/aes/ Frame A99D
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=142f945f-0e7a-4e43-a33c-0a8d32aa5dce&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=bc32a8c5-5099-44f8...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=7795852652c24daeb0adeb89975cdce5&SNR=1&GV=2&med=10

0
548 B

83ms
82ms

Image
text/plain

2a02:26f0:3500:1b::1724:a39a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=7795852652c24daeb0adeb89975cdce5&SNR=1&GV=2&med=10
Requested by: Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a39a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 459B30BA361B4BFC87382FD78CBAE4E6 Ref B: FRA31EDGE0106 Ref C: 2023-12-10T20:31:38Z
x-cdn-traceid: 0.9aa12417.1702240298.4eb246e5
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sun, 10 Dec 2023 20:31:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 81C6582238124D54AE9B5EE2395E859E Ref B: FRAEDGE2006 Ref C: 2023-12-10T20:31:38Z
x-cdn-traceid: 0.9aa12417.1702240298.4eb243b1
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=7795852652c24daeb0adeb89975cdce5&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 th
www.bing.com/ Frame A99D 25 KB
25 KB 183ms
58ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a39a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215963591658_1K9DTJQHCYXPMOZ3CK&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=300&h=157&qlt=90
Requested by: Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a39a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0feacdb4624ff9ab0d1ea0264e96d653a39855437348549ca951f5ca7baffef0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:38 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.9aa12417.1702240298.4eb243ac
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 25290
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame A99D 0
533 B 105ms
34ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts&e=wqT_3QKeBMgeAgAAAwDWAAUBCKnA2KsGENPbsMLj7uCJEBgAKjYJ3pnkRj1OnD8Ran1pVqKXmz8ZAAAFAghAIWoNEgApESTQMQAAACCF68E_MMqUuAM4tQFAtV5I4wNQuomKtgFYx7E9YABon6RUeKryBYABAYoBA1VTRJIFBvBPmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6ARAxLXBhbGVvaGFja3MuY29t2ALwBuACoqgx6gI2aHR0cHM6Ly9ibG9nLnAyJwAEL3ABD_BtLXB1bXBraW4tc3BpY2UtZG9udXRzgAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgDhc884AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AQF81SIBQGYBQCgBcv1p9mNsJeCHcAFAMkFJT4YAPA_0gUJCQkMeAAA2AUB4AUB8AXOmwH6BQQIABAAkAYAmAYAuAYAwQYJJSzwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHqvIF0gcNFWUBJgjaBwYBXqAYAOAHAOoHAggA8AebS4oIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=2a01dfef9b9b9c1ee27f3b740cb17c6575b37d4e&bdref=https%3A%2F%2Fblog.paleohacks.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fblog.paleohacks.com%2F,https%3A%2F%2F9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
an-x-request-uuid: df30902d-4801-40c2-840b-de7f2f1c406c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.233; 193.32.248.233; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 635E
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=8cd3d9a3-1d31-4991-acc9-d0a5bf51d219&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=36011401-c0b1-466c...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=bec25ebaee5740e8ab8b279833342800&SNR=1&GV=2&med=10

0
546 B

94ms
94ms

Image
text/plain

2a02:26f0:3500:1b::1724:a39a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=bec25ebaee5740e8ab8b279833342800&SNR=1&GV=2&med=10
Requested by: Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a39a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FC0435D4F36F42F192462A5C09F1BF70 Ref B: FRAEDGE2007 Ref C: 2023-12-10T20:31:38Z
x-cdn-traceid: 0.9aa12417.1702240298.4eb2472c
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sun, 10 Dec 2023 20:31:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C0C44B104EC74361B3BD27354DA2E05E Ref B: FRAEDGE1318 Ref C: 2023-12-10T20:31:38Z
x-cdn-traceid: 0.9aa12417.1702240298.4eb243b2
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=bec25ebaee5740e8ab8b279833342800&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 th
www.bing.com/ Frame 635E 9 KB
9 KB 212ms
91ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a39a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215951476505_181K8V6Z69C7906J4Q&pid=21.2&c=16&roil=0.0008&roit=0&roir=0.9975&roib=1&w=200&h=105&qlt=90
Requested by: Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a39a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6107f61423eba79dc6f1bb8b35032a707f4ffa5123e8787cdbc8d96ae9208b8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:38 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.9aa12417.1702240298.4eb243ae
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 8861
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 635E 0
534 B 101ms
33ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts&e=wqT_3QKeBMgeAgAAAwDWAAUBCKnA2KsGEPuXoOCX_dreFRgAKjYJkDaUf6o0rT8RRjDVB0F4rD8ZAAAFAghAIUYNEgApESTQMQAAACCF68E_MMqUuAM4tQFAtV5I4wNQuomKtgFYv7E9YABon6RUeO3zBYABAYoBA1VTRJIFBvBPmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6ARAxLXBhbGVvaGFja3MuY29t2ALwBuACoqgx6gI2aHR0cHM6Ly9ibG9nLnAyJwAEL3ABD_BtLXB1bXBraW4tc3BpY2UtZG9udXRzgAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgDhc884AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AQF81SIBQGYBQCgBaXXiM_KyKfWBsAFAMkFJT4YAPA_0gUJCQkMeAAA2AUB4AUB8AWF5AP6BQQIABAAkAYAmAYAuAYAwQYJJSzwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH7fMF0gcNFWUBJgjaBwYBXqAYAOAHAOoHAggA8AebS4oIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=a5ade5dd0e7f032ae33a38a86fb94ccf848f5297&bdref=https%3A%2F%2Fblog.paleohacks.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fblog.paleohacks.com%2F,https%3A%2F%2F9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
an-x-request-uuid: 509d9181-aade-42dc-8d9e-0b74ea149438
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.233; 193.32.248.233; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 89ms
54ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 833840a788b39b39-FRA
content-length: 24
content-type: text/plain
date: Sun, 10 Dec 2023 20:31:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BcxJ2JMe4GUZWOfGQH76C7nD6Gju3EqSgriqDy0tzrPXI%2BRVpmQ4Od1fk1Jha7E6jrZbM2CZ6y2mDS12llK3kKTR66dSVd4S5BijzHpb1zsHgLEBVR8YjR1FbPbQedIaoEgT4N8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-zjg9

POST
H3 200 rs Show response
ad4m.at/ Frame 7BC6 2 KB
2 KB 61ms
61ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30a320551b9c44adeed172915d9813f38c78c2619a51472d7b0deb7f8fd9fd11

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 10 Dec 2023 20:31:38 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGH%2FL7ELboscpUaTq1blnYiAo0l%2FASq6nyS%2Bo97ymDoRvTiRTDjMvj0uLMtPidFW27530Msws4v0fEM1tpOuIMi0esJmqmxt6OiGolWhjNEb80wSEHFJJP3PaQ8e%2FURC%2Fi6qSF0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 833840a7d9119b39-FRA
x-backend-server: aa-reachservice-group-europe-west1-zjg9
alt-svc: h3=":443"; ma=86400

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 06DD 0
0 123ms
122ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CFI3NKSB2ZdXTE9fBgQfqnZzICZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAmItiH_3DrI-4AIAqAMByAMCqgSpAk_QmzOZ9uCF-mRVyVONOuZdpYYTbNwBN-A2KurlxrobYlnE1bI6AJywj9lrYmamAECZ14XhAilyq_xLm3x6lh8UvwYM4rmeKHPBURarR50Q4dRhFI7d_O50R43hHqhTeDTlzapb5SeKSYGIl7Q5Oubkjw0ImNS8iHBGRCB2H8PGcpIk4OgXa2Lr0RsmMvl-jKLlWnOzIJrA7f3tczfUdMdTOZrtUdKR8EGRq1B4_eKL5hIgbna2bZFXe1p31YTM2OGXBxnxzJ9w5mBp3e77R-6DMFTLzlU96CoMCstbkMZ4xstB0snKPs9Zt6EkXEAYZiWNebVts_oRzUxb7PRStnzLbhfKx-oFVAhmKUciOBl9NMg5KfY8-IkBvTDvsvVE70Eeb2-e4NUiSeAEAYAGsfjf2LTYtM6LAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliD_Peh24WDA4AKAfoLAggBgAwB4g0TCOrN-KHbhYMDFddg4Aod6g4HmdAVAYAXAbIXHAoaEhRwdWItNTE0NDM4OTY1Nzc4NTU2NRiwmBU&sigh=Szcb9dsCAQE&uach_m=%5BUACH%5D&cid=CAQSOwDICaaN0w1kHK1ujGYfd5k-Uf3G-z5cSz8mYh1TvMMQ8ns5OX9RSJI5GNEe0fhn6mvIMr7t7hhpkTpIGAE&cbvp=2&vis=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 06DD 0
103 B 179ms
78ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1ks5ynctefjaqmebtfz5b7ya32ne5j5zxcst58rr8a90zk5r67538gemdcmhzy3yj2akr783erdkqh9c5q8nbp25dachdzznrdqy7rmcvsnptm4pcaw35933aweeb1t7r3dyvsj9d4r9z4nm3yq7w1dkhevt36gwwjg0n1v4ww3j0gvb50znvh1jgfs7s123c6372e69zep0by6y820z2h7d5st1gyrp1tdd266z97nve8p197qse3e0e69kfp2kg6seyks9ek0192gm6n3662bqm316vtv5dpss7t2d45t5y90jz75y36j4jrvm7p4dwntjb6gydcm8mf7medcx5g7jafzr8h8cc4pxvrgv4efkt6hqeq2w29vyabrkcfcdd0taphnr84&b=ZXYgKQAE6dUK4GDXAAcO6obi-H5G_Tz2iTim3A&cbvp=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 10 Dec 2023 20:31:38 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3216 1 KB
643 B 75ms
75ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85904
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Sun, 10 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 635E 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71479cf5f46f1ff2c003578e4a104080a0a8f7d2cc1ddb042f2fe9f64ea1d0e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 635E 0
583 B 35ms
35ms Ping
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts&e=wqT_3QLeB8jeAwAAAwDWAAUBCKnA2KsGEPuXoOCX_dreFRgAKjYJkDaUf6o0rT8RRjDVB0F4rD8ZAAAFAghAIUYNEgApESTQMQAAACCF68E_MMqUuAM4tQFAtV5I4wNQuomKtgFYv7E9YABon6RUeO3zBYABAYoBA1VTRJIFBvBPmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBEDEtcGFsZW9oYWNrcy5jb23YAvAG4AKiqDHqAjZodHRwczovL2Jsb2cucGEuJwAALwU2qC1wdW1wa2luLXNwaWNlLWRvbnV0c4ADAIgDAZADAJgDCaADAaoDvQMK0wIRTBx3d3cuYmluZwFs8HkvYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MzYwMTE0MDEtYzBiMS00NjZjLTkyODMtMzg2NGY4OGRiNTQxJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVR1cIHB1Ymxpc2hlcgE4IDYyNjQ1MzMwJgEOADOOcQC4cnR5cGU9bnVybCZ0YWdJZD03MjExNTk0JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWI2GQCIX3AyZl96Ym92eXJfaTEmYWlkPSR7QVVDVElPTl9JRH0md3AdEbhQUklDRX0SBTEyMDg1GhMxNTY2NTI2ODk1OTQ3MjU0Nzc5IgkzODE4NDY3MTQqBCFw8IE6OFUyVmhjbU5vUVdRak56STBPVGt6TnpVeU1UY3lOamNqTWpNeU5ESTVPRGcyTWpBek9UY3dOdz09wAPYBMgDANgDhc884AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6QbBUiAUBmAUAoAWl14jPysin1gbABQDJBUX7GADwP9IFCQkJDDwAANgFAeAFAfAFheQD-gUEAVwokAYAmAYAuAYAwQYJJSzwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH7fMF0gcNFWUBJgjaBwYBXqwYAOAHAOoHAggA8AebS4oIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=887d60876bf62ff30ee9ace874dcdd7ade00fa87&type=nv&nvt=5&jm=1140|1141|1003&px=0&py=0&bw=182&bh=90&sid=3123478511602628788&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7211594&sw=1600&sh=1200&pw=728&ph=126&ww=728&wh=90&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
an-x-request-uuid: 51f8e23e-7ce9-4cbf-b434-8d955d593d17
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.233; 193.32.248.233; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D468 1 KB
643 B 76ms
75ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85904
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Sun, 10 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A99D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2859ca4990847ccd84e30eb924c8ab98fc65fe5bcc6388e43d252382b264f48

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame A99D 0
583 B 33ms
32ms Ping
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts&e=wqT_3QLQB8jQAwAAAwDWAAUBCKnA2KsGENPbsMLj7uCJEBgAKjYJ3pnkRj1OnD8Ran1pVqKXmz8ZAAAFAghAIWoNEgApESTQMQAAACCF68E_MMqUuAM4tQFAtV5I4wNQuomKtgFYx7E9YABon6RUeKryBYABAYoBA1VTRJIFBvBPmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6ARAxLXBhbGVvaGFja3MuY29t2ALwBuACoqgx6gI2aHR0cHM6Ly9ibG9nLnAyJwAEL3ABD7AtcHVtcGtpbi1zcGljZS1kb251dHOAAwCIAwGQAwCYAwmgAwGqA64DCsQCaHQJTPCGd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWJjMzJhOGM1LTUwOTktNDRmOC04ZDkzLWVmYTMxOGU2ZmRiMiZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuGVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4AYo5xALhydHlwZT1udXJsJnRhZ0lkPTcyMTE1OTQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_D1X3N5dnR1Z3JxX2EycSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzExNTg0MTQwNzI5MzgyNDU1ODciCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpJeU1qUTFNakE1TmpBek56QWpNak15TkRBeU16azROREV3T1RVMk9BPT3AA9gEyAMA2AOFzzzgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXL9afZjbCXgh3ABQDJBQAAAAAAAPA_0gUJCQAARft0ANgFAeAFAfAFzpsB-gUECAAQAJAGAJgGALgGAMEGCSMs8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB6ryBdIHDQkRKAEmCNoHBgFerBgA4AcA6gcCCADwB5tLiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=5aa6266723bcee30086cf609d7040453e81f1a93&type=nv&nvt=5&jm=1140|1141|1003&px=0&py=0&bw=300&bh=157&sid=3123478511602628788&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7211594&sw=1600&sh=1200&pw=300&ph=322&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
an-x-request-uuid: 53be4241-0b0c-4434-8e10-8e3c876502e5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.233; 193.32.248.233; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 4261 9 KB
4 KB 62ms
62ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=34719%2C29002%2C819&b=ZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27%2CQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRG%2C4rehEf5fQQFGH9HdtAtqG2SbSpTr6XuZ5&f=9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE%2C2beH6fqfZjRHVHWHktwCRwYuxS7T7G4fEP%2Cr2GcQf9fbbFAH7HjtJCq6bSYS8TKxdh1p&c=970&d=250&e=&g=51642858e3ba7df3b9d629c5a5191fc0%2F1160109689546823131&i=26474%2C25052%2C17775&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702240298240&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gqnbjve9x2rawq212xz4kbzaynjyv2x0xx8qt25k64j00hq2fpp0b8gcqr1w1vxvnvsah54p8a42kn78x34x4sgecjkp6v4djaj21njrechxx9qcnqz0c0v3ztn60wmc8qbp7tnkamme33cw3xmwxnxwxkdv1qwydycbcmfadnrywy8parns205m501ns41byx4hn44sksykwm6h9r1vm96gj45tkjq55d8vgadevpt0h6af44h3d9zzbjy15tdc5nf6vzpsct16fgsskt0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmTfGKSB2ZdXTE9fBgQfqnZzICZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAmItiH_3DrI-4AIAqAMByAMCqgSsAk_QmzOZ9uCF-mRVyVONOuZdpYYTbNwBN-A2KurlxrobYlnE1bI6AJywj9lrYmamAECZ14XhAilyq_xLm3x6lh8UvwYM4rmeKHPBURarR50Q4dRhFI7d_O50R43hHqhTeDTlzapb5SeKSYGIl7Q5Oubkjw0ImNS8iHBGRCB2H8PGcpIk4OgXa2Lr0RsmMvl-jKLlWnOzIJrA7f3tczfUdMdTOZrtUdKR8EGRq1B4_eKL5hIgbna2bZFXe1p31YTM2OGXBxnxzJ9w5mBp3e77R-6DMFTLzlU96CoMCstbkMZ4xstB0snKPs9Zt6EkXEAYZiWNebVts_oRzUxb7PRStnzLbheIxcuXg_HhaY-lcI-nfVrLEOI2VYMvpe1vcLzWF9UAQ3dLPEpigSxkJeAEAYAGsfjf2LTYtM6LAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliD_Peh24WDA_oLAggBgAwB4g0TCOrN-KHbhYMDFddg4Aod6g4HmdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_09BENntBVEdHla1q6dakMPG3_2VA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c96599a97ab376e85b8b7e988182a8efd8eb036646a981cf7b3aad194bae85c7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1h16xgxhmr00nvhakb5ce0gan4zvw6kky25w3ces0zx6mxmt5dzy3a9p7rrt4xbz3jrhjhh41nw6x1p7w2rkttvh33e2grna4jc5amnj7mj5yhfjn80bwamvgwvdfqn6xg1130p862mk7rw7zt0ns5w4p8zb1kr5nnjsqx7485q66dg99j4av37efmgyy4m7jvz92b994zb5g8aevkc38ejzhvb5xz1f8vgg8np251d88gmv45z8x8mjgrdqn4jwn6bej24mh3yzmzfw5f6xqreswe0ze5b3pqqt7mzn01zrfw4d2pks4z16r38g8mcc0vbs0paf3w7brh4jfv01hqvafk8wfr36tc6d8rt2tqp0mm2qp77tfxpmzqrtt2yncrxx131yqfyd3fr76wtthk4dp9a44jtdrbzfd1kp93p0ma90n8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmTfGKSB2ZdXTE9fBgQfqnZzICZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAmItiH_3DrI-4AIAqAMByAMCqgSsAk_QmzOZ9uCF-mRVyVONOuZdpYYTbNwBN-A2KurlxrobYlnE1bI6AJywj9lrYmamAECZ14XhAilyq_xLm3x6lh8UvwYM4rmeKHPBURarR50Q4dRhFI7d_O50R43hHqhTeDTlzapb5SeKSYGIl7Q5Oubkjw0ImNS8iHBGRCB2H8PGcpIk4OgXa2Lr0RsmMvl-jKLlWnOzIJrA7f3tczfUdMdTOZrtUdKR8EGRq1B4_eKL5hIgbna2bZFXe1p31YTM2OGXBxnxzJ9w5mBp3e77R-6DMFTLzlU96CoMCstbkMZ4xstB0snKPs9Zt6EkXEAYZiWNebVts_oRzUxb7PRStnzLbheIxcuXg_HhaY-lcI-nfVrLEOI2VYMvpe1vcLzWF9UAQ3dLPEpigSxkJeAEAYAGsfjf2LTYtM6LAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliD_Peh24WDA_oLAggBgAwB4g0TCOrN-KHbhYMDFddg4Aod6g4HmdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09BENntBVEdHla1q6dakMPG3_2VA%26client%3Dca-pub-5144389657785565%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 833840a84a8e5b38-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 20:31:38 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3216
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEP3bfb2sye4tX6spqtQInKI&google_cver=1&google_push=AXcoOmT1IurTwX5prQf8d7JXN7o4YbsmosDKkc4K_35uJiLxDWD_mKc5hEjC3fQ_oAVXSuujpyDhf_NwM_KXTSFZlltjTmZFvieR
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDU3OTMwNTM1MjI2NjQ4MTM1OQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP3bfb2sye4tX6spqtQInKI&google_cver=1

43 B
398 B

41ms
41ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP3bfb2sye4tX6spqtQInKI&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP3bfb2sye4tX6spqtQInKI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3216
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPG4Amy5eBgE4y-xMWcuWbk&google_push=AXcoOmR3mPhIGNvkUae1O_yQyQxqd9yOM6IEyQSKTdILcSOYfY6nvmeFMJ...

170 B
188 B

65ms
65ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPG4Amy5eBgE4y-xMWcuWbk&google_push=AXcoOmR3mPhIGNvkUae1O_yQyQxqd9yOM6IEyQSKTdILcSOYfY6nvmeFMJjon_Xw9T_23bPGbLUKNYNOEzKOohx1bD-82xE5jafXHQ

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230126-FRA
pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1702240298.369017,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPG4Amy5eBgE4y-xMWcuWbk&google_push=AXcoOmR3mPhIGNvkUae1O_yQyQxqd9yOM6IEyQSKTdILcSOYfY6nvmeFMJjon_Xw9T_23bPGbLUKNYNOEzKOohx1bD-82xE5jafXHQ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3216
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIaildp7M0ahI7OAsBKNRno&google_cver=1&google_push=AXcoOmTsKzJu7hGWJDyW7tgAvSPcEtMJDDY0b0sFOT9gl8V9z6o1MCctCGOZRMWOTRmSbaHfBw1IRLxmZjs...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTsKzJu7hGWJDyW7tgAvSPcEtMJDDY0b0sFOT9gl8V9z6o1MCctCGOZRMWOTRmSbaHfBw1IRLxmZjsDW7HZfQr1rYctJwSh&google_hm=dEXDLfhtTYOdTVdA_L508uk

170 B
188 B

65ms
64ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTsKzJu7hGWJDyW7tgAvSPcEtMJDDY0b0sFOT9gl8V9z6o1MCctCGOZRMWOTRmSbaHfBw1IRLxmZjsDW7HZfQr1rYctJwSh&google_hm=dEXDLfhtTYOdTVdA_L508uk

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:37 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTsKzJu7hGWJDyW7tgAvSPcEtMJDDY0b0sFOT9gl8V9z6o1MCctCGOZRMWOTRmSbaHfBw1IRLxmZjsDW7HZfQr1rYctJwSh&google_hm=dEXDLfhtTYOdTVdA_L508uk
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3216
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIP4hgxyhiK2_iCZED3txAY&google_cver=1&google_push=AXcoOmRym7DQ5s1wKlzGLuedCRENtkVuZVrAmuYxC5NQaWna8RSwt8RJJ86oeSKsi40XI_klqSdtboCyyMD3Ve...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTA2NjQwOTg1NTE1NDMxNQ%3D%3D&google_push=AXcoOmRym7DQ5s1wKlzGLuedCRENtkVuZVrAmuYxC5NQaWna8RSwt8RJJ86oeSKsi40XI_klqSdtboCyyMD3VeLhwy...

170 B
188 B

66ms
66ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTA2NjQwOTg1NTE1NDMxNQ%3D%3D&google_push=AXcoOmRym7DQ5s1wKlzGLuedCRENtkVuZVrAmuYxC5NQaWna8RSwt8RJJ86oeSKsi40XI_klqSdtboCyyMD3VeLhwy4-C8mtKinY

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTA2NjQwOTg1NTE1NDMxNQ%3D%3D&google_push=AXcoOmRym7DQ5s1wKlzGLuedCRENtkVuZVrAmuYxC5NQaWna8RSwt8RJJ86oeSKsi40XI_klqSdtboCyyMD3VeLhwy4-C8mtKinY
Date: Sun, 10 Dec 2023 20:31:38 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3216
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENhDKGTRZhF-8lrdeGiKzaI&google_cver=1&google_push=AXcoOmRtV0nk40ziULwhvgUtiQ5RrzN38jVB8a7_fQEGLifBDfHLUV9Z9N6LVXPigADeWcCnN_Dv-AC_S62noyFnb7eoN6-...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRtV0nk40ziULwhvgUtiQ5RrzN38jVB8a7_fQEGLifBDfHLUV9Z9N6LVXPigADeWcCnN_Dv-AC_S62noyFnb7eoN6-5PrFYTg&google_hm=eS1TanA4NGhaRTJwRkdk...

170 B
188 B

70ms
70ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRtV0nk40ziULwhvgUtiQ5RrzN38jVB8a7_fQEGLifBDfHLUV9Z9N6LVXPigADeWcCnN_Dv-AC_S62noyFnb7eoN6-5PrFYTg&google_hm=eS1TanA4NGhaRTJwRkdkOU1DSUl4WDgzUkdzT1pEVndJMX5B

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 10 Dec 2023 20:31:38 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRtV0nk40ziULwhvgUtiQ5RrzN38jVB8a7_fQEGLifBDfHLUV9Z9N6LVXPigADeWcCnN_Dv-AC_S62noyFnb7eoN6-5PrFYTg&google_hm=eS1TanA4NGhaRTJwRkdkOU1DSUl4WDgzUkdzT1pEVndJMX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3216
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEDCKLKRKNgqUyQ_Pf3lfXEc&google_cver=1&google_push=AXcoOmTggjXvtk8IwD4nkGeAUOPuYXZF6PxECvn5vBuiCjEk9Fig9i3gsVLhkuP6Se1EhK-3al9-Dm9vm2m5H42iUMLu_qT...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTggjXvtk8IwD4nkGeAUOPuYXZF6PxECvn5vBuiCjEk9Fig9i3gsVLhkuP6Se1EhK-3al9-Dm9vm2m5H42iUMLu_qT_YZFH

170 B
188 B

65ms
65ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTggjXvtk8IwD4nkGeAUOPuYXZF6PxECvn5vBuiCjEk9Fig9i3gsVLhkuP6Se1EhK-3al9-Dm9vm2m5H42iUMLu_qT_YZFH

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTggjXvtk8IwD4nkGeAUOPuYXZF6PxECvn5vBuiCjEk9Fig9i3gsVLhkuP6Se1EhK-3al9-Dm9vm2m5H42iUMLu_qT_YZFH
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3216
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAffAwgxk-J4wX_VFSsRAtk&google_cver=1&google_push=AXcoOmQDuDLrYsWL7uHx_Ul2AxuZpDeff_-Dvde7MyTy7CXuzMKF-_calIrs4QAicA-gi_1-BPexXNJbj_PQ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQDuDLrYsWL7uHx_Ul2AxuZpDeff_-Dvde7MyTy7CXuzMKF-_calIrs4QAicA-gi_1-BPexXNJbj_PQlDFzX1-6nWJpZcOmRA

170 B
188 B

63ms
63ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQDuDLrYsWL7uHx_Ul2AxuZpDeff_-Dvde7MyTy7CXuzMKF-_calIrs4QAicA-gi_1-BPexXNJbj_PQlDFzX1-6nWJpZcOmRA

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQDuDLrYsWL7uHx_Ul2AxuZpDeff_-Dvde7MyTy7CXuzMKF-_calIrs4QAicA-gi_1-BPexXNJbj_PQlDFzX1-6nWJpZcOmRA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3216 0
12 B 62ms
62ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IewOj0JidZFgSUHAqtVABXIL6TVA78QjhJTFycYUWtw_3zM4b-uomwoyfL4dcZYRIwm2q-

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame D468 70 B
148 B 47ms
44ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGixOEL0Yui0tA7UgX8o3u0&google_cver=1&google_push=AXcoOmTh-LCRNu_63ASTe62Vzl1K3bO3DpSRiUx5GGCBnW8p0UANlVm9mwPO_km_7yh4bVaXAF2YbH3gybWcKZrWAzOexlrm68dJ8_k
Requested by: Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:38 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D468
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIaildp7M0ahI7OAsBKNRno&google_cver=1&google_push=AXcoOmT5-z4sMSIiGutrC4Jbw0nnvxMKRcLlJ0PAcVnSuyis_KdQINqrQ-GwK6GAz753GGf1C8yguak9tpN...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT5-z4sMSIiGutrC4Jbw0nnvxMKRcLlJ0PAcVnSuyis_KdQINqrQ-GwK6GAz753GGf1C8yguak9tpNBr6PFV0qoW8Wt_MdwMXty&google_hm=yrGO1y8-QICnlUsV...

170 B
188 B

66ms
66ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT5-z4sMSIiGutrC4Jbw0nnvxMKRcLlJ0PAcVnSuyis_KdQINqrQ-GwK6GAz753GGf1C8yguak9tpNBr6PFV0qoW8Wt_MdwMXty&google_hm=yrGO1y8-QICnlUsV2vzYzOk

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:37 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT5-z4sMSIiGutrC4Jbw0nnvxMKRcLlJ0PAcVnSuyis_KdQINqrQ-GwK6GAz753GGf1C8yguak9tpNBr6PFV0qoW8Wt_MdwMXty&google_hm=yrGO1y8-QICnlUsV2vzYzOk
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D468
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEK345stJB-t0-HIcXwCLtCs&google_cver=1&google_push=AXcoOmTCcXsIalpwpyXrcXMaXaiL7nrLT0CtCX8YcxUpATteHWF9hFuOssVss1nca2ry1W3skOVG1Dk3MyND1zq3...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=VTqYwDxpThsKnXn19e0fLw&google_push=AXcoOmTCcXsIalpwpyXrcXMaXaiL7nrLT0CtCX8YcxUpATteHWF9hFuOssVss1nca2ry1W3skOVG1Dk3MyND1zq3Ky0DqNRPrnIu9EeS

170 B
188 B

65ms
64ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=VTqYwDxpThsKnXn19e0fLw&google_push=AXcoOmTCcXsIalpwpyXrcXMaXaiL7nrLT0CtCX8YcxUpATteHWF9hFuOssVss1nca2ry1W3skOVG1Dk3MyND1zq3Ky0DqNRPrnIu9EeS

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 10 Dec 2023 20:31:38 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=VTqYwDxpThsKnXn19e0fLw&google_push=AXcoOmTCcXsIalpwpyXrcXMaXaiL7nrLT0CtCX8YcxUpATteHWF9hFuOssVss1nca2ry1W3skOVG1Dk3MyND1zq3Ky0DqNRPrnIu9EeS
x-host: tde-deliveryengine-production-5989b845bf-jr2x5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame D468 43 B
146 B 101ms
29ms Image
image/gif 18.198.30.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPBosDC7ghk3UBfKD_dMq40&google_cver=1&google_push=AXcoOmR8xHVM2I96L4-YKbmCxuAJflGekVzi1mB5jO5kdhIWEAPjAM9LDOdFrQeLhaZax9TTYJFYW3zDcEBuKCXN50iKFyJgNW9gI2SL
Requested by: Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.30.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-30-169.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D468
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEDCKLKRKNgqUyQ_Pf3lfXEc&google_cver=1&google_push=AXcoOmT0JfXBPdKyScebxcvxQ51napJJlrB8PLfKIYhyIGOsewt7MVTeHbRiY64sj-yZ7yS5a5VtAlgOBrrdKn2XS3XTreO...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmT0JfXBPdKyScebxcvxQ51napJJlrB8PLfKIYhyIGOsewt7MVTeHbRiY64sj-yZ7yS5a5VtAlgOBrrdKn2XS3XTreOPT9a3xf5v

170 B
188 B

66ms
66ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmT0JfXBPdKyScebxcvxQ51napJJlrB8PLfKIYhyIGOsewt7MVTeHbRiY64sj-yZ7yS5a5VtAlgOBrrdKn2XS3XTreOPT9a3xf5v

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmT0JfXBPdKyScebxcvxQ51napJJlrB8PLfKIYhyIGOsewt7MVTeHbRiY64sj-yZ7yS5a5VtAlgOBrrdKn2XS3XTreOPT9a3xf5v
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D468
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAffAwgxk-J4wX_VFSsRAtk&google_cver=1&google_push=AXcoOmQXkp8k7WUS1ec7mn21ZgvNF6X1FZVXci2LkzXsA4_xQbvbmkhZLw68pv6Ltye1yN9sTLhnnntvdLXI...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQXkp8k7WUS1ec7mn21ZgvNF6X1FZVXci2LkzXsA4_xQbvbmkhZLw68pv6Ltye1yN9sTLhnnntvdLXINhk7ypJu3_7Q15nbdwRp

170 B
188 B

66ms
66ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQXkp8k7WUS1ec7mn21ZgvNF6X1FZVXci2LkzXsA4_xQbvbmkhZLw68pv6Ltye1yN9sTLhnnntvdLXINhk7ypJu3_7Q15nbdwRp

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQXkp8k7WUS1ec7mn21ZgvNF6X1FZVXci2LkzXsA4_xQbvbmkhZLw68pv6Ltye1yN9sTLhnnntvdLXINhk7ypJu3_7Q15nbdwRp
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame D468
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKD5r3nBiLAC...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSDtHCUNZihxyiTVVYp5EB_ECF4e7WCxwPFqhfwJ2Xa4meFy94nHWV32eYRu-nYuymVRl1S62vcRYnC2ekF3xODHe8DHLDqbVt17Q
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

56ms
55ms

Image
image/gif

23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Sun, 10 Dec 2023 20:31:38 GMT
pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D468 0
12 B 63ms
62ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kn9zqcGdKwF1QZckZqm4n2_Pb2lrGUQj0OnG7-MjCB5vPUUznrkTOxLt84-dP9BDKItJ8gQw

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A99D 0
0 122ms
121ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CtDMtKSB2ZdbTE9fBgQfqnZzICdLg1-Buj6S2k5MKwI23ARABIABglfrwgYwHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQngAgCoAwHIAwKqBLMCT9C2wOqP3Px4lvxfF4-OnvnaxR__j8lEGB9Yh5quXej4qcLHaHTpKOFlhgzdgDVcF4fTT5TKWNSx3YhZ4NEWEbMPSwJAxw7ctQZtx9XIp_K8tnGVyMccjyqoI0B9uVzCbab2nTXQ9Tbf-SnbSptX5xKD_-xTXh8HJrQDGyHR6b9I6JZz02wj32qMNJwsuqXX-f0HASAWuUqKGDoaPXVciPGgDKs0vX4pozC6MwY6bMSyb-DTe8rClKrLPj4QB5h0i5DRh7ONXW3Gn4PLdGKZEoj_aDnQ7QLdGjYH2UupEAsN0tbHNJsk-98FX5gO0NkUQf0bHjkW99zO_mGoi247Qrge7Fo_oezfjZXrtQDimwlx7sgTlqzg_FwxZVVuK032ZfrLU8HdnAHaoYvNeaIvkbycauAEAYAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliD_Peh24WDA4AKAfoLAggBgAwB4g0TCOvN-KHbhYMDFddg4Aod6g4HmdAVAYAXAbIXHAoaEhRwdWItNTE0NDM4OTY1Nzc4NTU2NRiwmBU&sigh=RWXzrV1L1qU&uach_m=%5BUACH%5D&cid=CAQSOwDICaaN0w1kHK1ujGYfd5k-Uf3G-z5cSz8mYh1TvMMQ8ns5OX9RSJI5GNEe0fhn6mvIMr7t7hhpkTpIGAE&cbvp=2&vis=1
Requested by: Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 it
ams3-ib.adnxs.com/ Frame A99D 0
533 B 53ms
53ms Image
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts&e=wqT_3QLQB8jQAwAAAwDWAAUBCKnA2KsGENPbsMLj7uCJEBgAKjYJ3pnkRj1OnD8Ran1pVqKXmz8ZAAAFAghAIWoNEgApESTQMQAAACCF68E_MMqUuAM4tQFAtV5I4wNQuomKtgFYx7E9YABon6RUeKryBYABAYoBA1VTRJIFBvBPmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6ARAxLXBhbGVvaGFja3MuY29t2ALwBuACoqgx6gI2aHR0cHM6Ly9ibG9nLnAyJwAEL3ABD7AtcHVtcGtpbi1zcGljZS1kb251dHOAAwCIAwGQAwCYAwmgAwGqA64DCsQCaHQJTPCGd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWJjMzJhOGM1LTUwOTktNDRmOC04ZDkzLWVmYTMxOGU2ZmRiMiZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuGVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4AYo5xALhydHlwZT1udXJsJnRhZ0lkPTcyMTE1OTQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_D1X3N5dnR1Z3JxX2EycSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzExNTg0MTQwNzI5MzgyNDU1ODciCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpJeU1qUTFNakE1TmpBek56QWpNak15TkRBeU16azROREV3T1RVMk9BPT3AA9gEyAMA2AOFzzzgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXL9afZjbCXgh3ABQDJBQAAAAAAAPA_0gUJCQAARft0ANgFAeAFAfAFzpsB-gUECAAQAJAGAJgGALgGAMEGCSMs8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB6ryBdIHDQkRKAEmCNoHBgFerBgA4AcA6gcCCADwB5tLiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=5aa6266723bcee30086cf609d7040453e81f1a93&pp=ZXYgKQAE6dYK4GDXAAcO6tCOxr3HMlnf1oQUtw&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGP_UKSB2ZdbTE9fBgQfqnZzICdLg1-Buj6S2k5MKwI23ARABIABglfrwgYwHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQngAgCoAwHIAwKqBLYCT9C2wOqP3Px4lvxfF4-OnvnaxR__j8lEGB9Yh5quXej4qcLHaHTpKOFlhgzdgDVcF4fTT5TKWNSx3YhZ4NEWEbMPSwJAxw7ctQZtx9XIp_K8tnGVyMccjyqoI0B9uVzCbab2nTXQ9Tbf-SnbSptX5xKD_-xTXh8HJrQDGyHR6b9I6JZz02wj32qMNJwsuqXX-f0HASAWuUqKGDoaPXVciPGgDKs0vX4pozC6MwY6bMSyb-DTe8rClKrLPj4QB5h0i5DRh7ONXW3Gn4PLdGKZEoj_aDnQ7QLdGjYH2UupEAsN0tbHNJsk-98FX5gO0NkUQf0bHjkW99zO_mGoi247Qrge7Fo_oezfjZXrtQCgmSjjLGzp-zgaiOmvPNHYL2784fPlSxh_GlheHQvnVbrvEF7x_kQQjeAEAYAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliD_Peh24WDA_oLAggBgAwB4g0TCOvN-KHbhYMDFddg4Aod6g4HmdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1GOcfMVp0IoSapzvyI9sz49sKRpA%26client%3Dca-pub-5144389657785565%26adurl%3D&cbvp=2

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
an-x-request-uuid: 5f3bdbd6-a1a0-4a1f-b13e-5e25d4ed8681
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.233; 193.32.248.233; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 635E 0
0 123ms
122ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C7rcVKSB2ZdPTE9fBgQfqnZzICdLg1-Buj6S2k5MKwI23ARABIABglfrwgYwHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQngAgCoAwHIAwKqBJ8CT9D8zsH2U1trrcSwRaSqFGSruCBMKDQ9tWRRVIVlh2-j0Ou0enSX0VmA2Af8iDGAfcLo3sTB3I3lsL-9wbGEUC0IIkcDVGk1INLAaK-PylBR5I6QnOVXKT-bP0aTAfYYUAHnvL1YPOMgBpO9Tyy2s2rnhicHUwR4uDV2XLQhTQfSYbN0LxUTkjWTGmS63ro-GGDoHnKRsqbQ8weZ9V81V06aUfwe5srm3o_ZH9PoSSAj3HSFUE8R-ScRD7LC3Isuvy3_jzpfeqgmVMxoFhRA0Vf_7eOjSm5DzJbKKEYHEaZIIQjS8CuF_W37UdYwRpJxw2sUNuEjiahGoxCsSUeGe_APWovbYti-Qn_a5U0RQpGY_QcxbbnTGA9TAqgbxkPgBAGABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYg_z3oduFgwOACgH6CwIIAYAMAeINEwjozfih24WDAxXXYOAKHeoOB5nQFQGAFwGyFxwKGhIUcHViLTUxNDQzODk2NTc3ODU1NjUYsJgV&sigh=R2CC4sXrsuM&uach_m=%5BUACH%5D&cid=CAQSOwDICaaN0w1kHK1ujGYfd5k-Uf3G-z5cSz8mYh1TvMMQ8ns5OX9RSJI5GNEe0fhn6mvIMr7t7hhpkTpIGAE&cbvp=2&vis=1
Requested by: Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 635E 0
533 B 112ms
112ms Image
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts&e=wqT_3QLeB8jeAwAAAwDWAAUBCKnA2KsGEPuXoOCX_dreFRgAKjYJkDaUf6o0rT8RRjDVB0F4rD8ZAAAFAghAIUYNEgApESTQMQAAACCF68E_MMqUuAM4tQFAtV5I4wNQuomKtgFYv7E9YABon6RUeO3zBYABAYoBA1VTRJIFBvBPmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBEDEtcGFsZW9oYWNrcy5jb23YAvAG4AKiqDHqAjZodHRwczovL2Jsb2cucGEuJwAALwU2qC1wdW1wa2luLXNwaWNlLWRvbnV0c4ADAIgDAZADAJgDCaADAaoDvQMK0wIRTBx3d3cuYmluZwFs8HkvYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MzYwMTE0MDEtYzBiMS00NjZjLTkyODMtMzg2NGY4OGRiNTQxJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVR1cIHB1Ymxpc2hlcgE4IDYyNjQ1MzMwJgEOADOOcQC4cnR5cGU9bnVybCZ0YWdJZD03MjExNTk0JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWI2GQCIX3AyZl96Ym92eXJfaTEmYWlkPSR7QVVDVElPTl9JRH0md3AdEbhQUklDRX0SBTEyMDg1GhMxNTY2NTI2ODk1OTQ3MjU0Nzc5IgkzODE4NDY3MTQqBCFw8IE6OFUyVmhjbU5vUVdRak56STBPVGt6TnpVeU1UY3lOamNqTWpNeU5ESTVPRGcyTWpBek9UY3dOdz09wAPYBMgDANgDhc884AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6QbBUiAUBmAUAoAWl14jPysin1gbABQDJBUX7GADwP9IFCQkJDDwAANgFAeAFAfAFheQD-gUEAVwokAYAmAYAuAYAwQYJJSzwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH7fMF0gcNFWUBJgjaBwYBXqwYAOAHAOoHAggA8AebS4oIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=887d60876bf62ff30ee9ace874dcdd7ade00fa87&pp=ZXYgKQAE6dMK4GDXAAcO6rLL_MyNiWr9fN-log&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjKL3KSB2ZdPTE9fBgQfqnZzICdLg1-Buj6S2k5MKwI23ARABIABglfrwgYwHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQngAgCoAwHIAwKqBKICT9D8zsH2U1trrcSwRaSqFGSruCBMKDQ9tWRRVIVlh2-j0Ou0enSX0VmA2Af8iDGAfcLo3sTB3I3lsL-9wbGEUC0IIkcDVGk1INLAaK-PylBR5I6QnOVXKT-bP0aTAfYYUAHnvL1YPOMgBpO9Tyy2s2rnhicHUwR4uDV2XLQhTQfSYbN0LxUTkjWTGmS63ro-GGDoHnKRsqbQ8weZ9V81V06aUfwe5srm3o_ZH9PoSSAj3HSFUE8R-ScRD7LC3Isuvy3_jzpfeqgmVMxoFhRA0Vf_7eOjSm5DzJbKKEYHEaZIIQjS8CuF_W37UdYwRpJxw2sUNuEjiahG4RKN24UigZ2boP9u_IE69Hv578kYbIlBX4Fo6QVTMiNLwin5q9c1oEvgBAGABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYg_z3oduFgwP6CwIIAYAMAeINEwjozfih24WDAxXXYOAKHeoOB5nQFQGAFwE%26num%3D1%26sig%3DAOD64_2pdVgcz2RpOBB-c7WqcRVG9EWZuA%26client%3Dca-pub-5144389657785565%26adurl%3D&cbvp=2

Requested by

Host: 9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
URL: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:38 GMT
an-x-request-uuid: 0dbf88ad-5d06-4e25-9774-940b1db86cd4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.233; 193.32.248.233; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 4261 115 KB
14 KB 46ms
46ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C29002%2C819&b=ZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27%2CQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRG%2C4rehEf5fQQFGH9HdtAtqG2SbSpTr6XuZ5&f=9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE%2C2beH6fqfZjRHVHWHktwCRwYuxS7T7G4fEP%2Cr2GcQf9fbbFAH7HjtJCq6bSYS8TKxdh1p&c=970&d=250&e=&g=51642858e3ba7df3b9d629c5a5191fc0%2F1160109689546823131&i=26474%2C25052%2C17775&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702240298240&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gqnbjve9x2rawq212xz4kbzaynjyv2x0xx8qt25k64j00hq2fpp0b8gcqr1w1vxvnvsah54p8a42kn78x34x4sgecjkp6v4djaj21njrechxx9qcnqz0c0v3ztn60wmc8qbp7tnkamme33cw3xmwxnxwxkdv1qwydycbcmfadnrywy8parns205m501ns41byx4hn44sksykwm6h9r1vm96gj45tkjq55d8vgadevpt0h6af44h3d9zzbjy15tdc5nf6vzpsct16fgsskt0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmTfGKSB2ZdXTE9fBgQfqnZzICZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAmItiH_3DrI-4AIAqAMByAMCqgSsAk_QmzOZ9uCF-mRVyVONOuZdpYYTbNwBN-A2KurlxrobYlnE1bI6AJywj9lrYmamAECZ14XhAilyq_xLm3x6lh8UvwYM4rmeKHPBURarR50Q4dRhFI7d_O50R43hHqhTeDTlzapb5SeKSYGIl7Q5Oubkjw0ImNS8iHBGRCB2H8PGcpIk4OgXa2Lr0RsmMvl-jKLlWnOzIJrA7f3tczfUdMdTOZrtUdKR8EGRq1B4_eKL5hIgbna2bZFXe1p31YTM2OGXBxnxzJ9w5mBp3e77R-6DMFTLzlU96CoMCstbkMZ4xstB0snKPs9Zt6EkXEAYZiWNebVts_oRzUxb7PRStnzLbheIxcuXg_HhaY-lcI-nfVrLEOI2VYMvpe1vcLzWF9UAQ3dLPEpigSxkJeAEAYAGsfjf2LTYtM6LAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliD_Peh24WDA_oLAggBgAwB4g0TCOrN-KHbhYMDFddg4Aod6g4HmdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_09BENntBVEdHla1q6dakMPG3_2VA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=34719%2C29002%2C819&b=ZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27%2CQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRG%2C4rehEf5fQQFGH9HdtAtqG2SbSpTr6XuZ5&f=9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE%2C2beH6fqfZjRHVHWHktwCRwYuxS7T7G4fEP%2Cr2GcQf9fbbFAH7HjtJCq6bSYS8TKxdh1p&c=970&d=250&e=&g=51642858e3ba7df3b9d629c5a5191fc0%2F1160109689546823131&i=26474%2C25052%2C17775&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702240298240&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gqnbjve9x2rawq212xz4kbzaynjyv2x0xx8qt25k64j00hq2fpp0b8gcqr1w1vxvnvsah54p8a42kn78x34x4sgecjkp6v4djaj21njrechxx9qcnqz0c0v3ztn60wmc8qbp7tnkamme33cw3xmwxnxwxkdv1qwydycbcmfadnrywy8parns205m501ns41byx4hn44sksykwm6h9r1vm96gj45tkjq55d8vgadevpt0h6af44h3d9zzbjy15tdc5nf6vzpsct16fgsskt0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmTfGKSB2ZdXTE9fBgQfqnZzICZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAmItiH_3DrI-4AIAqAMByAMCqgSsAk_QmzOZ9uCF-mRVyVONOuZdpYYTbNwBN-A2KurlxrobYlnE1bI6AJywj9lrYmamAECZ14XhAilyq_xLm3x6lh8UvwYM4rmeKHPBURarR50Q4dRhFI7d_O50R43hHqhTeDTlzapb5SeKSYGIl7Q5Oubkjw0ImNS8iHBGRCB2H8PGcpIk4OgXa2Lr0RsmMvl-jKLlWnOzIJrA7f3tczfUdMdTOZrtUdKR8EGRq1B4_eKL5hIgbna2bZFXe1p31YTM2OGXBxnxzJ9w5mBp3e77R-6DMFTLzlU96CoMCstbkMZ4xstB0snKPs9Zt6EkXEAYZiWNebVts_oRzUxb7PRStnzLbheIxcuXg_HhaY-lcI-nfVrLEOI2VYMvpe1vcLzWF9UAQ3dLPEpigSxkJeAEAYAGsfjf2LTYtM6LAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliD_Peh24WDA_oLAggBgAwB4g0TCOrN-KHbhYMDFddg4Aod6g4HmdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_09BENntBVEdHla1q6dakMPG3_2VA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2486518
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wt%2FzUcRmH9ZtYrqwoBxqzKh3n%2FXLPEPdaD9x7k5NsTcbmGqMDYu2i3rwhyjB0aWQGIcZcT4YE7z42cIqAGM540YPatE8pXqiAzqz90UDMgWhygJnDH4TVt0bQt9RwDTMZ8Desof1900%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 833840a8aadc5b38-FRA
expires: Mon, 11 Dec 2023 20:31:38 GMT

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 4261 9 KB
9 KB 50ms
48ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C29002%2C819&b=ZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27%2CQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRG%2C4rehEf5fQQFGH9HdtAtqG2SbSpTr6XuZ5&f=9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE%2C2beH6fqfZjRHVHWHktwCRwYuxS7T7G4fEP%2Cr2GcQf9fbbFAH7HjtJCq6bSYS8TKxdh1p&c=970&d=250&e=&g=51642858e3ba7df3b9d629c5a5191fc0%2F1160109689546823131&i=26474%2C25052%2C17775&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702240298240&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gqnbjve9x2rawq212xz4kbzaynjyv2x0xx8qt25k64j00hq2fpp0b8gcqr1w1vxvnvsah54p8a42kn78x34x4sgecjkp6v4djaj21njrechxx9qcnqz0c0v3ztn60wmc8qbp7tnkamme33cw3xmwxnxwxkdv1qwydycbcmfadnrywy8parns205m501ns41byx4hn44sksykwm6h9r1vm96gj45tkjq55d8vgadevpt0h6af44h3d9zzbjy15tdc5nf6vzpsct16fgsskt0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmTfGKSB2ZdXTE9fBgQfqnZzICZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAmItiH_3DrI-4AIAqAMByAMCqgSsAk_QmzOZ9uCF-mRVyVONOuZdpYYTbNwBN-A2KurlxrobYlnE1bI6AJywj9lrYmamAECZ14XhAilyq_xLm3x6lh8UvwYM4rmeKHPBURarR50Q4dRhFI7d_O50R43hHqhTeDTlzapb5SeKSYGIl7Q5Oubkjw0ImNS8iHBGRCB2H8PGcpIk4OgXa2Lr0RsmMvl-jKLlWnOzIJrA7f3tczfUdMdTOZrtUdKR8EGRq1B4_eKL5hIgbna2bZFXe1p31YTM2OGXBxnxzJ9w5mBp3e77R-6DMFTLzlU96CoMCstbkMZ4xstB0snKPs9Zt6EkXEAYZiWNebVts_oRzUxb7PRStnzLbheIxcuXg_HhaY-lcI-nfVrLEOI2VYMvpe1vcLzWF9UAQ3dLPEpigSxkJeAEAYAGsfjf2LTYtM6LAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliD_Peh24WDA_oLAggBgAwB4g0TCOrN-KHbhYMDFddg4Aod6g4HmdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_09BENntBVEdHla1q6dakMPG3_2VA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1096870
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 8772
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:13:38 GMT
server: cloudflare
etag: "15b1f39d668aa86c2ba2ba17d94cc733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7l74c4TAG9osNsEF5CpuVA%2FBuU2KXR779fadCMcvnMighi4TkqZFi8Uzow7MavJjHxRlfq%2FwpeH9hIHZ0kZuS2aV9J9XVmrKEiRQeLnxc1b0UnDL6MuxHez7cVUcn9BD3Yq%2Fmc%2FkIN0uC1Fm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 833840a8acf0381a-FRA

GET
H2 200 2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
assets.ad4m.at/ Frame 4261 32 KB
33 KB 77ms
76ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C29002%2C819&b=ZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27%2CQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRG%2C4rehEf5fQQFGH9HdtAtqG2SbSpTr6XuZ5&f=9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE%2C2beH6fqfZjRHVHWHktwCRwYuxS7T7G4fEP%2Cr2GcQf9fbbFAH7HjtJCq6bSYS8TKxdh1p&c=970&d=250&e=&g=51642858e3ba7df3b9d629c5a5191fc0%2F1160109689546823131&i=26474%2C25052%2C17775&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702240298240&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gqnbjve9x2rawq212xz4kbzaynjyv2x0xx8qt25k64j00hq2fpp0b8gcqr1w1vxvnvsah54p8a42kn78x34x4sgecjkp6v4djaj21njrechxx9qcnqz0c0v3ztn60wmc8qbp7tnkamme33cw3xmwxnxwxkdv1qwydycbcmfadnrywy8parns205m501ns41byx4hn44sksykwm6h9r1vm96gj45tkjq55d8vgadevpt0h6af44h3d9zzbjy15tdc5nf6vzpsct16fgsskt0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmTfGKSB2ZdXTE9fBgQfqnZzICZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAmItiH_3DrI-4AIAqAMByAMCqgSsAk_QmzOZ9uCF-mRVyVONOuZdpYYTbNwBN-A2KurlxrobYlnE1bI6AJywj9lrYmamAECZ14XhAilyq_xLm3x6lh8UvwYM4rmeKHPBURarR50Q4dRhFI7d_O50R43hHqhTeDTlzapb5SeKSYGIl7Q5Oubkjw0ImNS8iHBGRCB2H8PGcpIk4OgXa2Lr0RsmMvl-jKLlWnOzIJrA7f3tczfUdMdTOZrtUdKR8EGRq1B4_eKL5hIgbna2bZFXe1p31YTM2OGXBxnxzJ9w5mBp3e77R-6DMFTLzlU96CoMCstbkMZ4xstB0snKPs9Zt6EkXEAYZiWNebVts_oRzUxb7PRStnzLbheIxcuXg_HhaY-lcI-nfVrLEOI2VYMvpe1vcLzWF9UAQ3dLPEpigSxkJeAEAYAGsfjf2LTYtM6LAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliD_Peh24WDA_oLAggBgAwB4g0TCOrN-KHbhYMDFddg4Aod6g4HmdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_09BENntBVEdHla1q6dakMPG3_2VA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e23b6f4539643a37f0d615a630a76fc48571ebb8b0a9219ad38b4827a60ee18c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2488155
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 33043
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:07:19 GMT
server: cloudflare
etag: "4248eb804269666620fb86952a326d7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2FTCWfJdZIjI03ldCOZzO2zEDqn8rzIDXpNP47pWAkS4cvdEYgjfjN6WJ9t7wOrcy0bifREXuG2xe2e1JPK88Cceo2QUvzQIp18LRbdAEJ8cqU%2FZ07lAU5nuz%2BvQnPBv3VVTHnNs5DEObUAi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 833840a8acf3381a-FRA

GET
H2 200 2aed39855b5f46b7651ba591340f258c
pv.medialead.de/trck/epv/ Frame 4261 0
327 B 157ms
74ms Image
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C29002%2C819&b=ZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27%2CQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRG%2C4rehEf5fQQFGH9HdtAtqG2SbSpTr6XuZ5&f=9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE%2C2beH6fqfZjRHVHWHktwCRwYuxS7T7G4fEP%2Cr2GcQf9fbbFAH7HjtJCq6bSYS8TKxdh1p&c=970&d=250&e=&g=51642858e3ba7df3b9d629c5a5191fc0%2F1160109689546823131&i=26474%2C25052%2C17775&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702240298240&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gqnbjve9x2rawq212xz4kbzaynjyv2x0xx8qt25k64j00hq2fpp0b8gcqr1w1vxvnvsah54p8a42kn78x34x4sgecjkp6v4djaj21njrechxx9qcnqz0c0v3ztn60wmc8qbp7tnkamme33cw3xmwxnxwxkdv1qwydycbcmfadnrywy8parns205m501ns41byx4hn44sksykwm6h9r1vm96gj45tkjq55d8vgadevpt0h6af44h3d9zzbjy15tdc5nf6vzpsct16fgsskt0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmTfGKSB2ZdXTE9fBgQfqnZzICZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAmItiH_3DrI-4AIAqAMByAMCqgSsAk_QmzOZ9uCF-mRVyVONOuZdpYYTbNwBN-A2KurlxrobYlnE1bI6AJywj9lrYmamAECZ14XhAilyq_xLm3x6lh8UvwYM4rmeKHPBURarR50Q4dRhFI7d_O50R43hHqhTeDTlzapb5SeKSYGIl7Q5Oubkjw0ImNS8iHBGRCB2H8PGcpIk4OgXa2Lr0RsmMvl-jKLlWnOzIJrA7f3tczfUdMdTOZrtUdKR8EGRq1B4_eKL5hIgbna2bZFXe1p31YTM2OGXBxnxzJ9w5mBp3e77R-6DMFTLzlU96CoMCstbkMZ4xstB0snKPs9Zt6EkXEAYZiWNebVts_oRzUxb7PRStnzLbheIxcuXg_HhaY-lcI-nfVrLEOI2VYMvpe1vcLzWF9UAQ3dLPEpigSxkJeAEAYAGsfjf2LTYtM6LAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliD_Peh24WDA_oLAggBgAwB4g0TCOrN-KHbhYMDFddg4Aod6g4HmdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_09BENntBVEdHla1q6dakMPG3_2VA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:38 GMT
attribution-reporting-register-source: {"source_event_id":"17200573720103333","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 7DC86BB3A0677D1A111CF2F02BF20FC822723E084233C66D05A3D22F9BFF9CBFABB3E42ACE676F78BB64730FEC16E4997CC372D96DF4EFE43050DA28B276D6EA
assets.ad4m.at/logo/ Frame 4261 7 KB
7 KB 49ms
47ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/7DC86BB3A0677D1A111CF2F02BF20FC822723E084233C66D05A3D22F9BFF9CBFABB3E42ACE676F78BB64730FEC16E4997CC372D96DF4EFE43050DA28B276D6EA
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C29002%2C819&b=ZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27%2CQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRG%2C4rehEf5fQQFGH9HdtAtqG2SbSpTr6XuZ5&f=9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE%2C2beH6fqfZjRHVHWHktwCRwYuxS7T7G4fEP%2Cr2GcQf9fbbFAH7HjtJCq6bSYS8TKxdh1p&c=970&d=250&e=&g=51642858e3ba7df3b9d629c5a5191fc0%2F1160109689546823131&i=26474%2C25052%2C17775&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702240298240&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gqnbjve9x2rawq212xz4kbzaynjyv2x0xx8qt25k64j00hq2fpp0b8gcqr1w1vxvnvsah54p8a42kn78x34x4sgecjkp6v4djaj21njrechxx9qcnqz0c0v3ztn60wmc8qbp7tnkamme33cw3xmwxnxwxkdv1qwydycbcmfadnrywy8parns205m501ns41byx4hn44sksykwm6h9r1vm96gj45tkjq55d8vgadevpt0h6af44h3d9zzbjy15tdc5nf6vzpsct16fgsskt0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmTfGKSB2ZdXTE9fBgQfqnZzICZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAmItiH_3DrI-4AIAqAMByAMCqgSsAk_QmzOZ9uCF-mRVyVONOuZdpYYTbNwBN-A2KurlxrobYlnE1bI6AJywj9lrYmamAECZ14XhAilyq_xLm3x6lh8UvwYM4rmeKHPBURarR50Q4dRhFI7d_O50R43hHqhTeDTlzapb5SeKSYGIl7Q5Oubkjw0ImNS8iHBGRCB2H8PGcpIk4OgXa2Lr0RsmMvl-jKLlWnOzIJrA7f3tczfUdMdTOZrtUdKR8EGRq1B4_eKL5hIgbna2bZFXe1p31YTM2OGXBxnxzJ9w5mBp3e77R-6DMFTLzlU96CoMCstbkMZ4xstB0snKPs9Zt6EkXEAYZiWNebVts_oRzUxb7PRStnzLbheIxcuXg_HhaY-lcI-nfVrLEOI2VYMvpe1vcLzWF9UAQ3dLPEpigSxkJeAEAYAGsfjf2LTYtM6LAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliD_Peh24WDA_oLAggBgAwB4g0TCOrN-KHbhYMDFddg4Aod6g4HmdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_09BENntBVEdHla1q6dakMPG3_2VA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80e7bfe2aaa1b8be1ff5792cf190eb4b9e7d922240eea9ccc0a835b2bbde9f56

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 182051
cf-polished: qual=85, origFmt=jpeg, origSize=20298
alt-svc: h3=":443"; ma=86400
content-length: 6740
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:49:29 GMT
server: cloudflare
etag: "dcdbfc63ef930c205a6c8ec70a6f5e71"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BY3eUXLPKDbzRkB%2FzEqL%2FyEt1qolHG72aaCC8CrAVkseUglA1M1%2BcgNGaaQ7X1aLOQZvLw0zAlAcojPNEmZaDBniJfpSh1gU534ooePv1zzqxQa8PwQPc6z51xJktMIcPnsWOy3TQoyOint6"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 833840a8acf4381a-FRA

GET
H2 200 EEACCF1387D6770984DA8E61AC19B9B106EFAB433C9BC99F272CCDE7F6C5F6963A2BD7EDCA944083C5D1FA54EA7EB69DFB75D9EFC064FB7CC124FCCC8412C2AC
assets.ad4m.at/product_image/ Frame 4261 26 KB
26 KB 77ms
76ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EEACCF1387D6770984DA8E61AC19B9B106EFAB433C9BC99F272CCDE7F6C5F6963A2BD7EDCA944083C5D1FA54EA7EB69DFB75D9EFC064FB7CC124FCCC8412C2AC
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C29002%2C819&b=ZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27%2CQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRG%2C4rehEf5fQQFGH9HdtAtqG2SbSpTr6XuZ5&f=9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE%2C2beH6fqfZjRHVHWHktwCRwYuxS7T7G4fEP%2Cr2GcQf9fbbFAH7HjtJCq6bSYS8TKxdh1p&c=970&d=250&e=&g=51642858e3ba7df3b9d629c5a5191fc0%2F1160109689546823131&i=26474%2C25052%2C17775&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702240298240&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gqnbjve9x2rawq212xz4kbzaynjyv2x0xx8qt25k64j00hq2fpp0b8gcqr1w1vxvnvsah54p8a42kn78x34x4sgecjkp6v4djaj21njrechxx9qcnqz0c0v3ztn60wmc8qbp7tnkamme33cw3xmwxnxwxkdv1qwydycbcmfadnrywy8parns205m501ns41byx4hn44sksykwm6h9r1vm96gj45tkjq55d8vgadevpt0h6af44h3d9zzbjy15tdc5nf6vzpsct16fgsskt0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmTfGKSB2ZdXTE9fBgQfqnZzICZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAmItiH_3DrI-4AIAqAMByAMCqgSsAk_QmzOZ9uCF-mRVyVONOuZdpYYTbNwBN-A2KurlxrobYlnE1bI6AJywj9lrYmamAECZ14XhAilyq_xLm3x6lh8UvwYM4rmeKHPBURarR50Q4dRhFI7d_O50R43hHqhTeDTlzapb5SeKSYGIl7Q5Oubkjw0ImNS8iHBGRCB2H8PGcpIk4OgXa2Lr0RsmMvl-jKLlWnOzIJrA7f3tczfUdMdTOZrtUdKR8EGRq1B4_eKL5hIgbna2bZFXe1p31YTM2OGXBxnxzJ9w5mBp3e77R-6DMFTLzlU96CoMCstbkMZ4xstB0snKPs9Zt6EkXEAYZiWNebVts_oRzUxb7PRStnzLbheIxcuXg_HhaY-lcI-nfVrLEOI2VYMvpe1vcLzWF9UAQ3dLPEpigSxkJeAEAYAGsfjf2LTYtM6LAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliD_Peh24WDA_oLAggBgAwB4g0TCOrN-KHbhYMDFddg4Aod6g4HmdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_09BENntBVEdHla1q6dakMPG3_2VA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c50cef0534fcc9f901046ad6c0dffe00209ffbe4319e019fb960a262a6b2ec71

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2573968
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 26621
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 09:09:50 GMT
server: cloudflare
etag: "0a62ebe3b3faad549be8ad7d4386119f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tLx0n%2FP%2FNMD2uiMvBNDOLm86Ch2Xf50VXlYXKf%2BzQAYwQIKeLI5PymIuknS0NTL2%2BZCaAHvZkw%2BIIDvIcVr41BYASrgKe8jm6sNWVlYbllD2N6YrQ8zO2irLINYNlHonEFLvmsUthXDbOZd"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 833840a8acf6381a-FRA

GET
H2

200

/
pvx.freenet-mobilfunk.de/ Frame 4261
Redirect Chain

https://www.awin1.com/cshow.php?s=2524318&v=11420&q=392147&r=412871&pv=1&pref3=oneidQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRGoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1702240298_1ea88635-979b-11ee-9488-2234841a3abe

43 B
1 KB

177ms
127ms

Image
image/gif

2606:4700:4400::ac40:9b32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1702240298_1ea88635-979b-11ee-9488-2234841a3abe

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C29002%2C819&b=ZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27%2CQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRG%2C4rehEf5fQQFGH9HdtAtqG2SbSpTr6XuZ5&f=9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE%2C2beH6fqfZjRHVHWHktwCRwYuxS7T7G4fEP%2Cr2GcQf9fbbFAH7HjtJCq6bSYS8TKxdh1p&c=970&d=250&e=&g=51642858e3ba7df3b9d629c5a5191fc0%2F1160109689546823131&i=26474%2C25052%2C17775&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702240298240&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gqnbjve9x2rawq212xz4kbzaynjyv2x0xx8qt25k64j00hq2fpp0b8gcqr1w1vxvnvsah54p8a42kn78x34x4sgecjkp6v4djaj21njrechxx9qcnqz0c0v3ztn60wmc8qbp7tnkamme33cw3xmwxnxwxkdv1qwydycbcmfadnrywy8parns205m501ns41byx4hn44sksykwm6h9r1vm96gj45tkjq55d8vgadevpt0h6af44h3d9zzbjy15tdc5nf6vzpsct16fgsskt0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmTfGKSB2ZdXTE9fBgQfqnZzICZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAmItiH_3DrI-4AIAqAMByAMCqgSsAk_QmzOZ9uCF-mRVyVONOuZdpYYTbNwBN-A2KurlxrobYlnE1bI6AJywj9lrYmamAECZ14XhAilyq_xLm3x6lh8UvwYM4rmeKHPBURarR50Q4dRhFI7d_O50R43hHqhTeDTlzapb5SeKSYGIl7Q5Oubkjw0ImNS8iHBGRCB2H8PGcpIk4OgXa2Lr0RsmMvl-jKLlWnOzIJrA7f3tczfUdMdTOZrtUdKR8EGRq1B4_eKL5hIgbna2bZFXe1p31YTM2OGXBxnxzJ9w5mBp3e77R-6DMFTLzlU96CoMCstbkMZ4xstB0snKPs9Zt6EkXEAYZiWNebVts_oRzUxb7PRStnzLbheIxcuXg_HhaY-lcI-nfVrLEOI2VYMvpe1vcLzWF9UAQ3dLPEpigSxkJeAEAYAGsfjf2LTYtM6LAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliD_Peh24WDA_oLAggBgAwB4g0TCOrN-KHbhYMDFddg4Aod6g4HmdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_09BENntBVEdHla1q6dakMPG3_2VA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700:4400::ac40:9b32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:38 GMT
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/gif
p3p: CP="ALL CUR DEV PSA OUR IND STA"
cf-ray: 833840aa687c58e4-TXL
x-xss-protection: 1; mode=block

Redirect headers

Date: Sun, 10 Dec 2023 20:31:38 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1702240298_1ea88635-979b-11ee-9488-2234841a3abe
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 1AE0100679DEA6E9828359DAE5AB4B1AB525BBCDF569E1787E77DFD9660F62D2DF4AC066EB75440D95DA25F6D03F1BC74148475AEF4F371AA66ADFD1FA3DB542
assets.ad4m.at/logo/ Frame 4261 28 KB
29 KB 50ms
49ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/1AE0100679DEA6E9828359DAE5AB4B1AB525BBCDF569E1787E77DFD9660F62D2DF4AC066EB75440D95DA25F6D03F1BC74148475AEF4F371AA66ADFD1FA3DB542
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C29002%2C819&b=ZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27%2CQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRG%2C4rehEf5fQQFGH9HdtAtqG2SbSpTr6XuZ5&f=9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE%2C2beH6fqfZjRHVHWHktwCRwYuxS7T7G4fEP%2Cr2GcQf9fbbFAH7HjtJCq6bSYS8TKxdh1p&c=970&d=250&e=&g=51642858e3ba7df3b9d629c5a5191fc0%2F1160109689546823131&i=26474%2C25052%2C17775&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702240298240&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gqnbjve9x2rawq212xz4kbzaynjyv2x0xx8qt25k64j00hq2fpp0b8gcqr1w1vxvnvsah54p8a42kn78x34x4sgecjkp6v4djaj21njrechxx9qcnqz0c0v3ztn60wmc8qbp7tnkamme33cw3xmwxnxwxkdv1qwydycbcmfadnrywy8parns205m501ns41byx4hn44sksykwm6h9r1vm96gj45tkjq55d8vgadevpt0h6af44h3d9zzbjy15tdc5nf6vzpsct16fgsskt0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmTfGKSB2ZdXTE9fBgQfqnZzICZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAmItiH_3DrI-4AIAqAMByAMCqgSsAk_QmzOZ9uCF-mRVyVONOuZdpYYTbNwBN-A2KurlxrobYlnE1bI6AJywj9lrYmamAECZ14XhAilyq_xLm3x6lh8UvwYM4rmeKHPBURarR50Q4dRhFI7d_O50R43hHqhTeDTlzapb5SeKSYGIl7Q5Oubkjw0ImNS8iHBGRCB2H8PGcpIk4OgXa2Lr0RsmMvl-jKLlWnOzIJrA7f3tczfUdMdTOZrtUdKR8EGRq1B4_eKL5hIgbna2bZFXe1p31YTM2OGXBxnxzJ9w5mBp3e77R-6DMFTLzlU96CoMCstbkMZ4xstB0snKPs9Zt6EkXEAYZiWNebVts_oRzUxb7PRStnzLbheIxcuXg_HhaY-lcI-nfVrLEOI2VYMvpe1vcLzWF9UAQ3dLPEpigSxkJeAEAYAGsfjf2LTYtM6LAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliD_Peh24WDA_oLAggBgAwB4g0TCOrN-KHbhYMDFddg4Aod6g4HmdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_09BENntBVEdHla1q6dakMPG3_2VA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea0f5ca105c0dd7238152fd0c4eb909adf2470bb35797e74aeeb82f6efe1d5a9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 178124
cf-polished: origFmt=png, origSize=51775
alt-svc: h3=":443"; ma=86400
content-length: 28956
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:42:55 GMT
server: cloudflare
etag: "45d997fbeb0b1a01c930edce3362ff44"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VuYNhNJk%2FEUbHunddaZbCciMRlxI0n2xMM3jGn4zKExw3mpOmJoWDnBwXNpPgH1DQbZlNlapFFufcwOqss0Mf7iL7WVk9qhuEhXqopgYLjOxU8RkS7FdUeHNUfKpgxJcgq6kuZAPerSnIuPb"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 833840a8acf9381a-FRA

GET
H2 200 4013933CDEDC7102075E0ACAB11A1F181544B574ABA13DF8D1F786921DBDE25A4D7B19D64182B83AD8E3064E11E94354EC5129747A977462AC4029E44CCF2920
assets.ad4m.at/ Frame 4261 86 KB
87 KB 51ms
51ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/4013933CDEDC7102075E0ACAB11A1F181544B574ABA13DF8D1F786921DBDE25A4D7B19D64182B83AD8E3064E11E94354EC5129747A977462AC4029E44CCF2920
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C29002%2C819&b=ZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27%2CQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRG%2C4rehEf5fQQFGH9HdtAtqG2SbSpTr6XuZ5&f=9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE%2C2beH6fqfZjRHVHWHktwCRwYuxS7T7G4fEP%2Cr2GcQf9fbbFAH7HjtJCq6bSYS8TKxdh1p&c=970&d=250&e=&g=51642858e3ba7df3b9d629c5a5191fc0%2F1160109689546823131&i=26474%2C25052%2C17775&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702240298240&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gqnbjve9x2rawq212xz4kbzaynjyv2x0xx8qt25k64j00hq2fpp0b8gcqr1w1vxvnvsah54p8a42kn78x34x4sgecjkp6v4djaj21njrechxx9qcnqz0c0v3ztn60wmc8qbp7tnkamme33cw3xmwxnxwxkdv1qwydycbcmfadnrywy8parns205m501ns41byx4hn44sksykwm6h9r1vm96gj45tkjq55d8vgadevpt0h6af44h3d9zzbjy15tdc5nf6vzpsct16fgsskt0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmTfGKSB2ZdXTE9fBgQfqnZzICZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAmItiH_3DrI-4AIAqAMByAMCqgSsAk_QmzOZ9uCF-mRVyVONOuZdpYYTbNwBN-A2KurlxrobYlnE1bI6AJywj9lrYmamAECZ14XhAilyq_xLm3x6lh8UvwYM4rmeKHPBURarR50Q4dRhFI7d_O50R43hHqhTeDTlzapb5SeKSYGIl7Q5Oubkjw0ImNS8iHBGRCB2H8PGcpIk4OgXa2Lr0RsmMvl-jKLlWnOzIJrA7f3tczfUdMdTOZrtUdKR8EGRq1B4_eKL5hIgbna2bZFXe1p31YTM2OGXBxnxzJ9w5mBp3e77R-6DMFTLzlU96CoMCstbkMZ4xstB0snKPs9Zt6EkXEAYZiWNebVts_oRzUxb7PRStnzLbheIxcuXg_HhaY-lcI-nfVrLEOI2VYMvpe1vcLzWF9UAQ3dLPEpigSxkJeAEAYAGsfjf2LTYtM6LAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliD_Peh24WDA_oLAggBgAwB4g0TCOrN-KHbhYMDFddg4Aod6g4HmdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_09BENntBVEdHla1q6dakMPG3_2VA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2da65ecc845d49077b36941fd1c37e66f544e20188bd5861fd9193deaab62961

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:31:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169428
cf-polished: origFmt=png, origSize=105062
alt-svc: h3=":443"; ma=86400
content-length: 88196
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 13:33:36 GMT
server: cloudflare
etag: "41509d71ed35ad54f2e0a11e6d168662"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kfdrp7ZyezPRHEu8FMdtUQ5VbOSWyqy1sAecPBgydlZGeKUOuwTxkSa93GqEfXdYKkprlyzPmU61MGMm0HIHdXgmTqB%2FsnUnIlIZ9fK%2B8JUX60jKu6dR5YUZThH3Pf6Q8Ak04jAfGUk2rOqc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 833840a8acfa381a-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 4261 43 B
703 B 237ms
142ms Image
image/gif 104.96.147.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3075674&v=11400&q=348971&r=412871&pv=1&pref3=oneid4rehEf5fQQFGH9HdtAtqG2SbSpTr6XuZ5oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.96.147.178 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-147-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Dec 2023 20:31:38 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3

200

c.gif
www.bing.com/aes/ Frame 635E
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=8cd3d9a3-1d31-4991-acc9-d0a5bf51d219&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=36011401-c0b1-466c...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=bec25ebaee5740e8ab8b279833342800&tids=15000&med=10

0
18 B

340ms
340ms

Image
text/plain

2a02:26f0:3500:1b::1724:a39a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=bec25ebaee5740e8ab8b279833342800&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:3500:1b::1724:a39a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 17DD1CBBD69F4BB79B8D82ACDB6C267C Ref B: FRAEDGE2007 Ref C: 2023-12-10T20:31:39Z
x-cdn-traceid: 0.9aa12417.1702240299.4eb26a4b
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sun, 10 Dec 2023 20:31:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FD8B20F1BC224ABCA1BE4598A1FDCD9D Ref B: FRAEDGE1318 Ref C: 2023-12-10T20:31:39Z
x-cdn-traceid: 0.9aa12417.1702240299.4eb264a6
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=bec25ebaee5740e8ab8b279833342800&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 635E 0
583 B 33ms
32ms Ping
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts&e=wqT_3QLeB8jeAwAAAwDWAAUBCKnA2KsGEPuXoOCX_dreFRgAKjYJkDaUf6o0rT8RRjDVB0F4rD8ZAAAFAghAIUYNEgApESTQMQAAACCF68E_MMqUuAM4tQFAtV5I4wNQuomKtgFYv7E9YABon6RUeO3zBYABAYoBA1VTRJIFBvBPmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBEDEtcGFsZW9oYWNrcy5jb23YAvAG4AKiqDHqAjZodHRwczovL2Jsb2cucGEuJwAALwU2qC1wdW1wa2luLXNwaWNlLWRvbnV0c4ADAIgDAZADAJgDCaADAaoDvQMK0wIRTBx3d3cuYmluZwFs8HkvYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MzYwMTE0MDEtYzBiMS00NjZjLTkyODMtMzg2NGY4OGRiNTQxJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVR1cIHB1Ymxpc2hlcgE4IDYyNjQ1MzMwJgEOADOOcQC4cnR5cGU9bnVybCZ0YWdJZD03MjExNTk0JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWI2GQCIX3AyZl96Ym92eXJfaTEmYWlkPSR7QVVDVElPTl9JRH0md3AdEbhQUklDRX0SBTEyMDg1GhMxNTY2NTI2ODk1OTQ3MjU0Nzc5IgkzODE4NDY3MTQqBCFw8IE6OFUyVmhjbU5vUVdRak56STBPVGt6TnpVeU1UY3lOamNqTWpNeU5ESTVPRGcyTWpBek9UY3dOdz09wAPYBMgDANgDhc884AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6QbBUiAUBmAUAoAWl14jPysin1gbABQDJBUX7GADwP9IFCQkJDDwAANgFAeAFAfAFheQD-gUEAVwokAYAmAYAuAYAwQYJJSzwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH7fMF0gcNFWUBJgjaBwYBXqwYAOAHAOoHAggA8AebS4oIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=887d60876bf62ff30ee9ace874dcdd7ade00fa87&type=pv&jm=1140|1141|1003&px=0&py=0&bw=182&bh=90&sf=1&sid=3123478511602628788&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7211594&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:39 GMT
an-x-request-uuid: 9a9add39-72d5-49ef-91b7-428db2fc14ac
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.233; 193.32.248.233; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 635E 42 B
174 B 111ms
110ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUIFhDs-YE0rWCPZYSF5kJdhpuIYQbqaopxA64XyHTulGlkTpMHs5lSBWtXQpoewnMuE0PoMfgwRmRwV1GwP917UdhhU9ZhqQEYv2SKikuchCwB1199A&sig=Cg0ArKJSzJMBE-lqIIavEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2912191614&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702240297784&rpt=534&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
364 B 157ms
89ms XHR
application/json 107.178.240.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1702240299394

Requested by

Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.240.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.240.178.107.bc.googleusercontent.com

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Sun, 10 Dec 2023 20:31:39 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://blog.paleohacks.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 49
access-control-allow-headers: X-Requested-With
content-length: 25
alt-svc: clear

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 65ms
57ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RWB4GYKC4G&_ono=1&gtm=45je3bt0v9137939032&_p=1702240293771&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1502073168.1702240294&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=2&dl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&dt=Paleo%20Pumpkin%20Spice%20Donuts%20Recipe%20%7C%20Dairy-Free%2C%20Paleo%2C%20Gluten-Free&sid=1702240294&sct=1&seg=0&en=show&_ee=1&ep.event_category=leadbox&ep.event_label=Dessert%20Recipes%20Lead%20Magnet&_et=2&tfd=7466
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RWB4GYKC4G&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:31:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.ipify.org
URL: https://api.ipify.org/?format=json

Domain: api.ipify.org
URL: https://api.ipify.org/?format=json

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
blog.paleohacks.com/paleo-pumpkin-spice-donuts	1969-12-31 23:59:59	Name: phvid Value: 162176363
.ad4m.at/cookie-frame.html	1970-01-20 17:33:52	Name: userId Value: bV3Wxy17Fx8WJKwnT-KuqlHdNKOIqh-3
links.paleohacks-mailing.com/	1970-01-20 16:51:23	Name: _session_id Value: 0d59177ddcf568e598b4b73fb94bcfdc
blog.paleohacks.com/	1970-01-20 16:50:42	Name: session_depth Value: blog.paleohacks.com%3D1%7C726657258%3D1
.paleohacks.com/	1970-01-21 02:26:40	Name: __attentive_id Value: 13b3213938c54441b2d9cdc909a4ced6
.paleohacks.com/	1970-01-21 02:26:40	Name: _attn_ Value: eyJ1Ijoie1wiY29cIjoxNzAyMjQwMjk0MDg5LFwidW9cIjoxNzAyMjQwMjk0MDg5LFwibWFcIjoyMTkwMCxcImluXCI6ZmFsc2UsXCJ2YWxcIjpcIjEzYjMyMTM5MzhjNTQ0NDFiMmQ5Y2RjOTA5YTRjZWQ2XCJ9In0=
blog.paleohacks.com/	1970-01-21 02:26:40	Name: __attentive_cco Value: 1702240294090
.paleohacks.com/	1970-01-20 19:00:16	Name: _fbp Value: fb.1.1702240294097.61119671
.paleohacks.com/	1970-01-21 02:26:40	Name: _ga_QMKQQWEFHC Value: GS1.1.1702240294.1.0.1702240294.60.0.0
.paleohacks.com/	1970-01-21 01:36:16	Name: mp_094f94d6c32bfa82583bca2dbfc9eb1a_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A18c556d95fb802-0b8d32db9f1fcd-1e393178-1d4c00-18c556d95fb802%22%2C%22%24device_id%22%3A%20%2218c556d95fb802-0b8d32db9f1fcd-1e393178-1d4c00-18c556d95fb802%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.pinterest.com/	1970-01-21 01:36:16	Name: ar_debug Value: 1
.blog.paleohacks.com/	1970-01-21 01:36:16	Name: _pin_unauth Value: dWlkPVpEVXhaR0kzWVRFdFpqRmpZUzAwWm1abUxUbG1ZbUV0WW1KaVlqRTRaRE0wT1RNMQ
.paleohacks.com/	1970-01-21 02:26:40	Name: _ga Value: GA1.2.1502073168.1702240294
.paleohacks.com/	1970-01-20 16:52:06	Name: _gid Value: GA1.2.1571426548.1702240294
.paleohacks.com/	1970-01-20 16:50:40	Name: _gat_UA-42752472-1 Value: 1
.paleohacks.com/	1970-01-20 16:50:42	Name: __attentive_pv Value: 1
.paleohacks.com/	1970-01-20 16:50:42	Name: __attentive_ss_referrer Value: ORGANIC
.paleohacks.com/	1970-01-20 16:50:40	Name: _dc_gtm_UA-81910700-1 Value: 1
.paleohacks.com/	1970-01-20 16:52:06	Name: __attentive_dv Value: 1
.paleohacks.com/	1970-01-21 02:26:40	Name: _ga_RWB4GYKC4G Value: GS1.2.1702240294.1.0.1702240294.60.0.0
.paleohacks.com/	1970-01-21 02:12:16	Name: __gads Value: ID=4216b41fcf65829d:T=1702240294:RT=1702240294:S=ALNI_MY-g_UjeokNfTswFbjl4EjX6ZFC4w
.paleohacks.com/	1970-01-21 02:12:16	Name: __gpi Value: UID=00000d115b61079b:T=1702240294:RT=1702240294:S=ALNI_MaQMW2TVyv-aovD4rY12XZmd4RK1g
blog.paleohacks.com/	1970-01-20 17:33:52	Name: ph-popup Value: shown
blog.paleohacks.com/	1970-01-20 17:33:52	Name: advanced_ads_pro_server_info Value: %7B%22vc_cache_reset%22%3A0%7D
.doubleclick.net/	1970-01-21 02:12:16	Name: IDE Value: AHWqTUl-cqIYzHC8g7OJD_W2Ih6SXpDWkihrd40vlzdHuW11UNomvImxCCYst_BYjfw
.travelaudience.com/	1970-01-21 02:22:21	Name: _tracker Value: %7B%22UUID%22%3A%22553A98C0-3C69-4E1B-0A9D-79F5F5ED1F2F%22%7D
.simpli.fi/	1970-01-21 01:37:42	Name: suid Value: 8BA18D677DA84260A53BB4D66EBBB150
.adform.net/	1970-01-20 17:35:18	Name: C Value: 1
.de17a.com/	1970-01-21 01:29:04	Name: guid Value: 1.5554337728676263176
.adform.net/	1970-01-20 18:17:04	Name: uid Value: 5647019042264022371
.bing.com/	1970-01-21 02:12:16	Name: MUID Value: 201FFAAE7B0D629315F1E94D7ADF63C2
ads.travelaudience.com/	1970-01-21 02:22:21	Name: _tracker Value: %7B%22UUID%22%3A%22553A98C0-3C69-4E1B-0A9D-79F5F5ED1F2F%22%7D
.adfarm1.adition.com/	1970-01-20 19:00:16	Name: UserID1 Value: 7311066409855154315
.ctnsnet.com/	1970-01-21 01:36:16	Name: cid_cab18ed72f3e4080a7954b15dafcd8cc Value: 1
.ctnsnet.com/	1970-01-21 01:36:16	Name: gid_CAESEIaildp7M0ahI7OAsBKNRno Value: 1
.ctnsnet.com/	1970-01-21 01:36:16	Name: cid_7445c32df86d4d839d4d5740fcbe74f2 Value: 1
.turn.com/	1970-01-20 21:09:52	Name: uid Value: 4579305352266481359
.yahoo.com/	1970-01-21 01:36:37	Name: A3 Value: d=AQABBCogdmUCEJKWVseDcqVkc3nuFxYd68EFEgEBAQFxd2WAZQAAAAAA_eMAAA&S=AQAAAmh40XjTj7SA48HgzjlukJ8
.everesttech.net/	1970-01-21 01:36:16	Name: everest_g_v2 Value: g_surferid~ZXYgKgAF6g8tRwAM
.awin1.com/	1970-01-20 17:00:45	Name: awpv11420 Value: 412871\|1702240298\|1ea88635-979b-11ee-9488-2234841a3abe
.awin1.com/	1970-01-20 16:53:33	Name: awpv11400 Value: 412871\|1702240298\|1ea8ad45-979b-11ee-bd07-2236e1f32b64
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 348971:3075674
.freenet-mobilfunk.de/	1970-01-20 17:00:45	Name: VPCommission Value: 41006061
.freenet-mobilfunk.de/	1970-01-20 17:00:45	Name: eventid Value: 11420_412871_1702240298_1ea88635-979b-11ee-9488-2234841a3abe
.freenet-mobilfunk.de/	1970-01-20 17:00:45	Name: subvpid Value: 412871
.freenet-mobilfunk.de/	1970-01-20 16:50:42	Name: __cf_bm Value: KYp13AYwcwqTWGxLqrZvUJclhscN5mO2SA_8OcZzuxw-1702240298-1-AYT56HabDcD9Ds2U25hb6kgnO7A7k9wg+ndRgrgH6/crm01nIQkDH/DNj8MCjdNC1nmlvgkYhkkVaHJJu7rTiv0=
.freenet-mobilfunk.de/	1969-12-31 23:59:59	Name: _cfuvid Value: 4J_FNyJXvg1Lgsz_R1KKzrl9FPLyKtzuypHLauHKqww-1702240298732-0-604800000

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.ipify.org/?format=json Message: Failed to load resource: net::ERR_EMPTY_RESPONSE
network	error	URL: https://adservice.google.com/adsid/integrator.js?domain=blog.paleohacks.com Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://paleohacks.lpages.co/leadbox/145b71a73f72a2%3A13300845e746dc/5746055551385600/?lp-in-iframe=1&__fromjs=1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://paleohacks.lpages.co/leadbox/145b71a73f72a2%3A13300845e746dc/5746055551385600/?lp-in-iframe=1&__fromjs=1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://blog.paleohacks.com/static/all/js/can-i-show.js Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network	error	URL: https://adservice.google.com/adsid/integrator.js?domain=blog.paleohacks.com Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

178194.tracking.hyros.com
9b5e22789d567fe632dde3c5e3e86745.safeframe.googlesyndication.com
ad.turn.com
ad4m.at
ads.travelaudience.com
adsdk.microsoft.com
adservice.google.com
ams3-ib.adnxs.com
api-js.mixpanel.com
api.ipify.org
as.ad4m.at
assets.ad4m.at
assets.pinterest.com
blog.paleohacks.com
c1.adform.net
cdn.adnxs.com
cdn.attn.tv
cdn.mxpnl.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
ct.pinterest.com
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
events.attentivemobile.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
lg3.media.net
links.paleohacks-mailing.com
log.pinterest.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
paleohacks.attn.tv
paleohacks.lpages.co
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pv.medialead.de
pvx.freenet-mobilfunk.de
r.turn.com
region1.analytics.google.com
s.pinimg.com
securepubads.g.doubleclick.net
static-de.ad4mat.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
track.mypaleorecipe.com
um.simpli.fi
www.awin1.com
www.bing.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
api.ipify.org
104.96.147.178
107.178.240.159
151.101.129.108
151.101.2.49
151.101.64.84
172.217.18.98
172.64.144.121
172.64.148.35
173.231.16.77
18.198.30.169
18.208.83.62
185.89.210.180
2.19.216.27
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.155.156.185
23.1.108.46
23.32.185.35
2600:1901:0:76b9::
2600:1901:0:bc29::
2600:9000:20a0:c200:1c:9484:cec0:93a1
2606:4700:10::ac43:15df
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a81
2606:4700:4400::ac40:9b32
2620:1ec:46::45
2a00:1450:4001:800::2002
2a00:1450:4001:803::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2001
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82f::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9d
2a02:26f0:3500:1b::1724:a39a
2a02:26f0:480:4a5::1931
2a02:fa8:8806:12::1370
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a05:d018:d29:3602:8b08:3c9:f238:ee96
2a06:98c1:3120::3
35.186.193.173
35.190.0.66
35.202.21.90
35.204.158.49
35.238.129.105
35.71.131.137
37.157.6.232
51.38.120.206
85.114.159.118
91.121.248.44
00b2af963104a4dd04e77c1013957d37b0b43c86ba566301e77ab9a3e015280a
0128e563cfdd4beabe1edf1488c57094072f85cec6219dd04a3fb2be5d37cf84
0380b273ec272e5f5235a704cc3fc8e3cb33e851bfeaef149b0f23a1edaec13f
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08cfaae2556c8208443bf88d287cab58cabff5c94bb5edf0ca9418826c0f587a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf3f6e79af33723b0c1a822f59a484a35583303ab76fa9227b694b1e719364f
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0feacdb4624ff9ab0d1ea0264e96d653a39855437348549ca951f5ca7baffef0
1414a599611253b31746e91b77f168573dbb42cc13a705fd72104a7eaca15e93
150cbe5c514aa70efcd179127476f4f5451db2ed4d033c0608afabdf9d18ec92
182d05c838e393157143b9aa48ae92cb00c8b6442e0a865149444e9f420991d9
18dd8449dd7bd05b1b1a8a1640218993802b7e73a218b75c05acf5c9b47d6082
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e2bf21ab87ae83d5a2cb0f9ae0373e8eeb2ed0b7fb86ef8b4165a4bd381cf93
1f464ef7c0b366ff00e2f023cb6b48112306212648e451ddf16be40c2b99d639
1fbfff963eb97f28e3b6bdc5e628e27fac2717beca2642b76e7171abb126147d
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
2206b43ab2cccf030f1078bf20a8436ea21a2a5f9bf5d96ff8bc271561fa7fbe
229788376a77ac6380dcf37286c503556f46dd5f35886ac2b0df144331fe6225
23bdea452f4ec5b686ace95399e60903426e9fa7352600c25b040f07c1eef325
246de55cb0e89a31fa93fa8dd530fa36e8bab5862087a80fce540ff7bcfa9d1c
2681704b7a1a7233c8030f22511b5598fa4b03ba2c3a19e8689b4c4ec75a080e
2b47e2b5d041b401f4d6dc04b120f9ada18fdd87dc40f2c764879a7c7c5a2f93
2d1a754922199186d43c7e76757eddaeb26e350387294e0f69ac574bc54914f9
2da65ecc845d49077b36941fd1c37e66f544e20188bd5861fd9193deaab62961
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e00991138baf84b192530115833b70d13ca5ce53b7670987983fef5a3e9ce0b
30a320551b9c44adeed172915d9813f38c78c2619a51472d7b0deb7f8fd9fd11
30a694adb13868297155bb6363f53335e6bc53c3ff760f90ecba698cfbb2826b
31395ea37360cb79a7d85a8a9d46aa7b1a0156461f189ae821905441daad80a1
315c4601aeb913aecb4f659c9a9748bd163bb881867c5f6211578667bcc43cb7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
339a321657ecb6479c45f7cec906302d7674934d0d2c7ae10053c395d866eca1
344d96950041cacaaa662fd937221ead75dbc7d565d7e0ed7bd62e6a65d85c04
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49416531519583e597dccc3856da2fa093b5e739baf9fda442b7047309e7f51c
4c62d51aaf287fa88754ecf89dbca0cd85f151d2562a6f931afd060480b3adc6
4e7140f58b2b89a1c8ffba6df69a1e845f6e8fee48987276a7523b8244191c3e
508c6c8665bb4da4b211a97cdc3b2e791109204f82265d6af2eb79c51b61e014
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5390e9facc0ddb3ebb2236c1c797ba47be28e4173b948f172d133e4f8ce5748e
53c3b4e146763dacded5b888f15cbd037e647886e05dd591931287662b769054
53ecfb7fb539e851138504ca730068408f677cff5d7ef348a0c7f69dbb31371a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5aaa8ae246e2f8fa0ceb5bc3a610b33ce3d5bcfefb7b34e774647d6a585b2743
5b51d8339e2e6ed036a3564bb0a3a4043b8ef5f772763ff4f4f4b92f54d2ddfb
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
60cc60a6fcbd230def379432395199b585791ed521e2e5f595369a2193e617fb
6107f61423eba79dc6f1bb8b35032a707f4ffa5123e8787cdbc8d96ae9208b8a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ba217c47f8a530cd1fbab05b9e9321cd16914ee0199eb35944638261e2ebe2
62db4a83c7d9a73707f55c212f1b5e56811aa93df17077559b84b41123863248
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6ae0b0e74edee33dd3e9d91c15b595508fc05e1ced11a15dbe787d0f9862dfc2
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
71479cf5f46f1ff2c003578e4a104080a0a8f7d2cc1ddb042f2fe9f64ea1d0e1
72ee83d94662d5c74646c88116b893ed59e98d9ec960433ab0e66f3481517289
735b305aadf14dd683363407e953b1eec091e541f8d6172d459454e40d7074c4
73ad9dc13eecabb377ab6e988a114a029001dc6d233bd6fdb0022d22624f6ea4
73b749b1f5bc98174ea385921e3f5b1ad518875088115f30c90807560cc202f3
755313ac3cb953d818fd8f3344a3ebf9fd2101223dffa2278b5499e927f9a574
7634609c5c178f85f1210f8cf334440c1eeb25c4b54151f1dae45808954c2bfd
77abf03c0a5a320d7084b12a197eae47c79668686f86ee495d47656a6a063e82
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7c0ef3f2ef1f7defcf7b9bd90f7fb577b56eb65b3b26568f8fc1fa65b0b7bb17
7c2518efba0a997390ac9494a1d92d74a4bb615aec8296f85eb9f2cc0aa940c4
7c4491ff4342be2c096f05e243edd6fb1f26194269a5011adbf8076bf148bf58
7ed2cc414480e507b884d3c2faefa876fef943440c9d260933eebaf781ac4d87
80ceff8dfdef655b9eb6a9464fb540b95314247cb539c0244abb757a6bd0544a
80e7bfe2aaa1b8be1ff5792cf190eb4b9e7d922240eea9ccc0a835b2bbde9f56
82fb2bfb03e32e45794938d1f65920a5340a725751292245d3de07ee8a8df0a0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83685ec127cc7475c7a3649e73986c90d87d037247409d80423f5caceed4681e
83d7c740e561b74bac04477add1ac4134814be5c9563e8bb87c62310be09cfc0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
869d3767805b1c7b11b2df755e7cb769ee1b450553d87c374e19cb535a6afd2e
87287076f288a27750d0c3737c4624bd59357c5b638cdf3f27f1763d85cd4a2f
87664fd82a3e36aedd5a153ac8571b8e07561993ebbfd462e0400543c30b3450
8b97dddae741c1a857fd0d477fe95965f4e8de2465e8c9b195fb65ce1e117926
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e5d5ef6607f115fb2745bb10dbbf0866820e13c3a1b90c87a3eddef3758d232
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9c9fe2628c371c8c54d05fa9dd406fc21a6d25f6d0261092e37243205efc639b
9d02f64ee610b067e74b7a42948c410fbc0e438d53f6d8f4e16afc3594d73745
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a108be93e8ddf9fce244196e866adde603fb715eafb8632fc36e733dba6edbb1
a2e0d2de51dc225af114789fc0740e5c4e84f03335b755d04bada07003141d8a
a3c230ff5a72ffe0510f19977e0736c7370056def5536e94085875756675ea84
a3c6048948c57aae55beef92d5a18abce757ad2783354a2eda068b14798e5a75
a63d12dbf3b29cbb9d519b177015c29f8af1cff648742bb999bd278b57333864
a6553a6fa0d67bc6085504331cebaa20bd6df5608b5ae452254c68d9e4dd3c84
aa575e81bbad973d7554e7c58ca906b97472bd692566c3e79f27385f08d63ca1
ac63a064b70dc77c6aa7963b1ff7973cc255bdd030cd9c124665dcdfabd0a172
acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4
ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb
ae51a9c8736b2eb82927ccdbdf3dc9db08c7a6b9db0fc2ffb4f4ce00d8af5760
ae526acd27bfa8ad3499c0fcaec8312aab58756b0222544d7eec5045d066a4d6
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b18361f85cc62ddc399cfbded4fc8ad8ad01388f33b6d040181f25b6ed7a7b6a
b3e0e5db2674fb727b63871f299ea9f146ce45e3e3ed0c583f4ffdfb6fafb7ab
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b7dfd098effc4b854d5fcf8e7d2e39d0cc0e6a103642f97d724c438e515b9b71
b831509c9907934028f980287d38cbee3b89644e7133c2f4b8b7c5dfca476aed
b99d80835f66e8ccd6d6f6efec14101447ae061febd873c06f0bef9ba50786c5
ba5a0efdff20b3d57efe46e272d0702939bf9d2e48c678f4052c8f4f5fe15c56
bb21ead4372ebb64e4fabcf96d2f9f0c498494f4d6814041b0aca759be9933f6
c159bee825cd3070d906cf6f29a93bcb17edfed5f3578b4b8a1e1d1c1d5e8c8e
c1be9f83e44f68ace4eee63b3dc6bb421dd413e0819bab3fccb484c3ed0dca87
c50cef0534fcc9f901046ad6c0dffe00209ffbe4319e019fb960a262a6b2ec71
c6102f07ce192d8f1e61b0a2e449a916e5d4d240dc47ab993fa1b39a5cdbcd84
c6e7fcc13e9fa0b4541bf314c25c54bf91807667df0a57d7cf30a554a7c00cae
c7517d7ef232cd0373e172e8c979d261e557a1b2246286d452c8b69836848b18
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c96599a97ab376e85b8b7e988182a8efd8eb036646a981cf7b3aad194bae85c7
c9ece16a98d377789c47d64297f973bfebbae4a7f269fa78550df43b50b2e4d1
ca0cce2493620281a8067a4fe4dff67a03ea2a2b291a295c0535bc666fbcd87c
ca275dd77cd911cd2e6fa1612657cfc3b67f9577d390eb8639fcea27085b285e
cc1c1ad604408cf6342dd1fb4ad87bb18e331060bec4b605f4010041060af6ef
cdef9d92aa1c5e9d8e409303f5ee38caceeecf3c1bdbf6e2f7bec8fe273dd596
cf018a86a516f35c62887cccdac2787783d8ec087376f3e936b456a1cafc2347
cfc98d46b8948bdd10ecef95fe6292a8bfabac6782a441f6759b8bf9f5361af4
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d7104243950b6eff64b0d4d1fa98d354ae07a9605bb31dab31a488c765b32d5c
d954ed372014ec6c967b5e6aae402fe9c55d9bf8e259cfcdc63deb0b04886933
dd37e2cd931803994ea8f76c16d3d81aa0aa6d6488a049df19c78a078043c8bb
dde3261ae85ead281a4f3120a5c4cee3bc7a1874c284c4a23874af1ada1f08ec
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
debffc17b86b653a5cbeb2cf718eab79012b52cfd2994ebeb32fbf2b458041d7
e0943b32c80a724a40de925f3fa31c502829263cf2ebd090d3606cdbd0b32ed6
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e23b6f4539643a37f0d615a630a76fc48571ebb8b0a9219ad38b4827a60ee18c
e24bd806e3ac18f6b8cc61bbcd7a899ef8de8c91f85840f4ab4ad0eb97cb1204
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c9181e83a24ce8fd1aedc13a573daded27c8677a50cf879fbee552798158be
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348
e790e57b5e2b425d26a169ff72f22467114f21753bc0750ac13fec1654e6fc33
ea0f5ca105c0dd7238152fd0c4eb909adf2470bb35797e74aeeb82f6efe1d5a9
ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ede43b2ddb8f3b09a9062582da8619e3ade3da54e8e20c089848328488f0530a
eec370d7b4f63ff91eb68db608b448a1cd41412b4b1d4d207d2a0230e6000e7b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef45c21f7e054481c81992c1a46293a28c9bb8b3722bc566479326187f473c8c
f1d415d7adf36a43a11096c6c55f4e3dc23a1aaa2adc020e93dcccc678c3729c
f2859ca4990847ccd84e30eb924c8ab98fc65fe5bcc6388e43d252382b264f48
f34b136e79d860a61095e1596b6a8a39b38c73d8bf4449daf6968d90386338c2
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f5bbf1000d10bfa861f929bb8dc1223838e6195ab19d3d7be431a2cc3f8229a7
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fb2032a0b90cb58dc7bae39580e26c34a7b44d3aad4fb088f965e32ae8196822
fb814caa2023d6bab3c13538e2bf157715d72c8498a342c72d63c80e84c07de5
fbc17325e7575f7e337eb7305faaf6194c45d177ec3fff630e4eabbba3d560de
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fd34a470dd86a35ccb127e7beea422ec0be70c6fe1eb0569f58eff2ba8920528
fefb10032e9c503375fd8ac3cc2be876f835b2e6ea5022fbcb57a9b9babd1259

blog.paleohacks.com Open in urlscan Pro 2606:4700:10::ac43:15df Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

237 Requests

90 %HTTPS

55 %IPv6

46 Domains

62 Subdomains

49 IPs

12 Countries

2455 kBTransfer

6647 kBSize

47 Cookies

20 Outgoing links

Page URL History

Redirected requests

237 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 22 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blog.paleohacks.com Open in urlscan Pro
2606:4700:10::ac43:15df Public Scan

Screenshot
Live screenshot

Full Image

237
Requests

90 %
HTTPS

55 %
IPv6

46
Domains

62
Subdomains

49
IPs

12
Countries

2455 kB
Transfer

6647 kB
Size

47
Cookies

237 HTTP transactions
22 data transactions