blog.paleohacks.com Open in urlscan Pro
2606:4700:10::6816:12c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.paleohacks-mailing.com/a/168/click/9962053/746255798/_aa6c42cebb5da68d1b68314cb80beeb911ca54ce/8c9dbf3db64c6e1dedc65672...
Effective URL:
https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Submission: On April 16 via api (April 16th 2023, 9:54:20 pm UTC) from BE — Scanned from DE

Summary HTTP 180 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 45 IPs in 9 countries across 38 domains to perform 180 HTTP transactions. The main IP is 2606:4700:10::6816:12c, located in United States and belongs to CLOUDFLARENET, US. The main domain is blog.paleohacks.com. The Cisco Umbrella rank of the primary domain is 611791.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 13th 2022. Valid for: a year.

This is the only time blog.paleohacks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.238.129.105 35.238.129.105	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 61	2606:4700:10:... 2606:4700:10::6816:12c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
3	2600:9000:21f... 2600:9000:21f3:600:1c:9484:cec0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	88.221.168.23 88.221.168.23	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a02:26f0:6c0... 2a02:26f0:6c00:1b3::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.199.5.193 34.199.5.193	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	173.231.16.77 173.231.16.77	18450 (WEBNX) (WEBNX)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
6	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1901:0:4... 2600:1901:0:498c::	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
3	2.19.224.184 2.19.224.184	16625 (AKAMAI-AS) (AKAMAI-AS)
1	77.55.216.90 77.55.216.90	15967 (NAZWA) (NAZWA)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
2	172.64.150.25 172.64.150.25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.43.48 104.18.43.48	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
3	143.204.215.6 143.204.215.6	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	18.66.137.213 18.66.137.213	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
3 9	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1	138.201.63.157 138.201.63.157	24940 (HETZNER-AS) (HETZNER-AS)
1 5	159.69.70.9 159.69.70.9	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	145.239.2.103 145.239.2.103	16276 (OVH) (OVH)
1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
2 2	3.123.183.188 3.123.183.188	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:dc73:e56b:3a29:5c67	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.183 213.155.156.183	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	130.211.34.183 130.211.34.183	15169 (GOOGLE) (GOOGLE)
180	45

1 35.238.129.105 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.129.238.35.bc.googleusercontent.com

links.paleohacks-mailing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

61 2606:4700:10::6816:12c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

blog.paleohacks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21f3:600:1c:9484:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.168.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:1b3::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.5.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-5-193.compute-1.amazonaws.com

178194.tracking.hyros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.231.16.77 (United States)

ASN18450 (WEBNX, US)
PTR: 173-231-16-77.static.webnx.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

track.mypaleorecipe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:498c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.19.224.184 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-224-184.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.55.216.90 (Poland)

ASN15967 (NAZWA, PL)
PTR: dedicated-aii90.rev.nazwa.pl

ip2c.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.150.25 (United States)

ASN13335 (CLOUDFLARENET, US)

paleohacks.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.43.48 (None, )

ASN13335 (CLOUDFLARENET, US)

events.attentivemobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.215.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-6.fra53.r.cloudfront.net

beacon-v2.helpscout.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.137.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-137-213.fra60.r.cloudfront.net

d3hb14vkzrxvla.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.63.157 (Esslingen am Neckar, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 159.69.70.9 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.9.70.69.159.clients.your-server.de

hal900017.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.2.103 (France)

ASN16276 (OVH, FR)
PTR: ns3082036.ip-145-239-2.eu

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.183.188 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-183-188.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:dc73:e56b:3a29:5c67 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.183 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.34.183 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 183.34.211.130.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	paleohacks.com 1 redirects blog.paleohacks.com — Cisco Umbrella Rank: 611791	529 KB
23	googlesyndication.com 5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 138	118 KB
19	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 80 cm.g.doubleclick.net — Cisco Umbrella Rank: 220	225 KB
7	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 4135 adservice.google.com — Cisco Umbrella Rank: 73	2 KB
6	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 35215 hal900017.redintelligence.net — Cisco Umbrella Rank: 319159	11 KB
6	mypaleorecipe.com track.mypaleorecipe.com	36 KB
6	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 2785 ct.pinterest.com — Cisco Umbrella Rank: 798 log.pinterest.com — Cisco Umbrella Rank: 3912	21 KB
6	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	248 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 553	4 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6074 adservice.google.de — Cisco Umbrella Rank: 9047	1 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 114 web.facebook.com — Cisco Umbrella Rank: 216	2 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	21 KB
5	attn.tv cdn.attn.tv — Cisco Umbrella Rank: 3385 paleohacks.attn.tv — Cisco Umbrella Rank: 884289	39 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 227	3 KB
3	helpscout.net beacon-v2.helpscout.net — Cisco Umbrella Rank: 10003	33 KB
3	ipify.org api.ipify.org — Cisco Umbrella Rank: 2588	128 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4908	651 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 779 s.tribalfusion.com — Cisco Umbrella Rank: 1904	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 768	2 KB
2	cloudfront.net d3hb14vkzrxvla.cloudfront.net	7 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 738	18 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	155 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	75 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39 ajax.googleapis.com — Cisco Umbrella Rank: 323	34 KB
1	mixpanel.com api-js.mixpanel.com — Cisco Umbrella Rank: 2120	373 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1326	351 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 449	714 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 627	542 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 685	464 B
1	contentspread.net cdn.contentspread.net — Cisco Umbrella Rank: 72389	24 KB
1	attentivemobile.com events.attentivemobile.com — Cisco Umbrella Rank: 3231	179 B
1	ip2c.org ip2c.org — Cisco Umbrella Rank: 47649	240 B
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 3689	18 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	hyros.com 178194.tracking.hyros.com
1	media.net contextual.media.net — Cisco Umbrella Rank: 612	46 KB
1	paleohacks-mailing.com 1 redirects links.paleohacks-mailing.com — Cisco Umbrella Rank: 755435	716 B
0	Failed function sub() { [native code] }. Failed
180	38

	Domain	Requested by
61	blog.paleohacks.com	1 redirects blog.paleohacks.com track.mypaleorecipe.com
14	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com pagead2.googlesyndication.com www.googletagservices.com
9	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net 5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com googleads.g.doubleclick.net
6	track.mypaleorecipe.com	www.googletagmanager.com track.mypaleorecipe.com
6	connect.facebook.net	blog.paleohacks.com connect.facebook.net www.googletagmanager.com
5	hal900017.redintelligence.net	1 redirects 5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com hal900017.redintelligence.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.google.com	blog.paleohacks.com tpc.googlesyndication.com 5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com blog.paleohacks.com
4	www.google.de	blog.paleohacks.com
4	www.facebook.com	blog.paleohacks.com
4	securepubads.g.doubleclick.net	blog.paleohacks.com www.googletagservices.com securepubads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	beacon-v2.helpscout.net	blog.paleohacks.com beacon-v2.helpscout.net
3	ct.pinterest.com	s.pinimg.com blog.paleohacks.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	googleads.g.doubleclick.net	www.googletagmanager.com 5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com pagead2.googlesyndication.com
3	api.ipify.org	blog.paleohacks.com track.mypaleorecipe.com
3	cdn.attn.tv	blog.paleohacks.com cdn.attn.tv
2	d5p.de17a.com	2 redirects
2	pm.w55c.net	2 redirects
2	d3hb14vkzrxvla.cloudfront.net	beacon-v2.helpscout.net
2	5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	paleohacks.attn.tv	cdn.attn.tv
2	s.pinimg.com	blog.paleohacks.com s.pinimg.com
2	www.googletagmanager.com	blog.paleohacks.com www.googletagmanager.com
2	www.googletagservices.com	blog.paleohacks.com 5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com
2	assets.pinterest.com	blog.paleohacks.com assets.pinterest.com
1	api-js.mixpanel.com	cdn.mxpnl.com
1	rtb.openx.net	5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	cms.quantserve.com	5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com
1	cdn.contentspread.net	hal900017.redintelligence.net
1	ajax.googleapis.com	hal900017.redintelligence.net
1	hal9000.redintelligence.net	5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	events.attentivemobile.com	cdn.attn.tv
1	log.pinterest.com	blog.paleohacks.com
1	web.facebook.com	connect.facebook.net
1	ip2c.org	blog.paleohacks.com
1	region1.analytics.google.com	www.googletagmanager.com
1	cdn.mxpnl.com	blog.paleohacks.com
1	fonts.gstatic.com	fonts.googleapis.com
1	178194.tracking.hyros.com	blog.paleohacks.com
1	contextual.media.net	blog.paleohacks.com
1	fonts.googleapis.com	blog.paleohacks.com
1	links.paleohacks-mailing.com	1 redirects
0	90f1d619-be9a-4fa0-8e2c-f0f18a8501ff Failed	blog.paleohacks.com
180	53

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
plus.google.com
www.pinterest.com
twitter.com
www.youtube.com
shop.paleohacks.com
secure.mypaleorecipe.com
paleohacks.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-13` - `2023-06-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.attn.tv Amazon RSA 2048 M01	`2023-02-22` - `2023-05-02`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-24` - `2023-04-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
tracking.hyros.com Amazon RSA 2048 M02	`2023-04-02` - `2024-04-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
*.mxpnl.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-07-11` - `2023-07-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
ip2c.org R3	`2023-03-03` - `2023-06-01`	3 months	crt.sh
attn.tv Cloudflare Inc ECC CA-3	`2023-03-02` - `2024-02-29`	a year	crt.sh
attentivemobile.com Cloudflare Inc ECC CA-3	`2023-03-02` - `2024-02-29`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.helpscout.net Amazon RSA 2048 M02	`2023-04-02` - `2024-04-30`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
redintelligence.net R3	`2023-04-10` - `2023-07-09`	3 months	crt.sh
contentspread.net R3	`2023-02-13` - `2023-05-14`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.mixpanel.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-02-13` - `2024-03-15`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Frame ID: 0254FF1D4C3B9B2AAF08D3CF3A5040D8
Requests: 131 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 1F581353C696A385533B98A698D7532F
Requests: 1 HTTP requests in this frame

Frame: https://web.facebook.com/v4.0/plugins/like.php?action=like&app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7a504f4867b2c%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ff344dde49b58414%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Fpaleohacks&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Frame ID: 0C8C8C4D1D38D5F2C60434C940D58B68
Requests: 1 HTTP requests in this frame

Frame: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D7FE44701071D800925D7723EB09DF06
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 27448F47F60B917A9EBB79DB907E3505
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BD24504DC06A88C4FE51EFED2DC9A8DC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 57915C4498EC6480106B09AE9A86B6E1
Requests: 2 HTTP requests in this frame

Frame: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C268EA79A626E702437255DF315A7D0E
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVquYqktiwL11gNH9wOCPHrBO_t3F-woqRWKM64Fem_z_VHiQ4JN8-s9L6R_D2bpQnCLL_Z2jrGEBHXpBBkM2MelYgg46lokWvBbDzJwn7tKftKDLP9k1h-JSgrHF3BdV7GSazFp-xAltakdomi05zyKvcfFCgzfIdB-St12yRdd6Qlduc
Frame ID: BB5D4EAA367BD7764FB084D4D4514773
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4DDEC3254F40DE939CCE5C3FA1C61A6D
Requests: 3 HTTP requests in this frame

Frame: https://hal900017.redintelligence.net/request_content.php?s=24658800124246604444550012296017&a=c2a22def
Frame ID: 060DD8D917F3965F30C4EE5C813A92B2
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E7348CA86AE51451D5F10F5BB47B3D03
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Contact PaleoHacksFacebookGoogle+PinterestTwitterYouTube09FacebookPinterestTwitterYouTube

Page URL History Show full URLs

https://links.paleohacks-mailing.com/a/168/click/9962053/746255798/_aa6c42cebb5da68d1b68314cb80beeb911ca54ce/8c9d... HTTP 302
http://blog.paleohacks.com/contact-us/?mpcampaignid=9962053 HTTP 301
https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

180
Requests

94 %
HTTPS

55 %
IPv6

38
Domains

53
Subdomains

45
IPs

9
Countries

1706 kB
Transfer

4851 kB
Size

35
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/paleohacks
Title: Facebook

Search URL Search Domain Scan URL

URL: https://plus.google.com/+Paleohacks1/posts
Title: Google+

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/paleohacks/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://twitter.com/paleohacks
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Paleohacks
Title: YouTube

Search URL Search Domain Scan URL

URL: https://shop.paleohacks.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://secure.mypaleorecipe.com/order/portal/download.php
Title: If you need help finding a download link for a product you purchased, click here.

Search URL Search Domain Scan URL

URL: https://secure.mypaleorecipe.com/order/portal/orders-tracking-lookup.php
Title: If you need to retrieve your orders & tracking information, click here.

Search URL Search Domain Scan URL

URL: https://secure.mypaleorecipe.com/order/portal/refund-1.php
Title: If you’d like to be issued a refund for a product you purchased, click here.

Search URL Search Domain Scan URL

URL: http://paleohacks.com/
Title: Discussion

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.paleohacks-mailing.com/a/168/click/9962053/746255798/_aa6c42cebb5da68d1b68314cb80beeb911ca54ce/8c9dbf3db64c6e1dedc65672f78286b96c023b0d?ana=Im1wY2FtcGFpZ25pZD05OTYyMDUzIg== HTTP 302
http://blog.paleohacks.com/contact-us/?mpcampaignid=9962053 HTTP 301
https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAZHYfmWeRbr3lsht5txQf0&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAZHYfmWeRbr3lsht5txQf0&google_cver=1&C=1

Request Chain 150

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZDxuidoUE8dXzjyHQP0tjgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAZHYfmWeRbr3lsht5txQf0&google_cver=1

Request Chain 151

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFkhQGilg1JSe9XVhkVH_sU&google_cver=1

Request Chain 152

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTkxNTM5MDIyMzYwOTE1Nzg1

Request Chain 160

https://hal900017.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=653a16cbbc&subid=&uid=0be7d8a70c4832ab&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKE8Jh248ZO36LsOU-wbc2rH4AablvaBphZWcp8kP8C4QASDI_YgeYJXikIKgB8gBCakCmh63kApxsj6oAwGqBOABT9C8AHa46yEb95pRMlq5J6g0k4fJXCWNpU1ECPBnRiVbJNmFaRFfE5OKpyUp1LP3BoXGymRqQrxhlGbuK61zGHAavL0LmSzzUa91fSg9A99chnpcmqXrNzWzEA_7XqEv5oPQm5JysmL3r9Yq86bZdAq5Ah1wj92cFF43rYJt2FuENGucRK7wp8vdnVq5sIbequT9LrcJ26yXwrV8BONy1-TnLdv2mu8qqzP-b8dK2bKV84N761c8enrGx9h4CaiNwNDTrmEajSZVxKvz_AiBOMUjkTcf2riUi_Tezxpas8zABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgGYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSPABygQiDbRkLT71VgjBYjQnXinms82cy218YeAcqZJfIkyAxWy0KEThczJTvMxDgUam30OYQ8HJsMAKnqhgB%26sig%3DAOD64_1dRShyB0zSZDR-r8JRN1A2JkvwQg%26client%3Dca-pub-5144389657785565%26dbm_c%3DAKAmf-Cy6_wEhYlgC_AcJJ-FJjRbjXS4rhnNWSlsffXZy2keZOacY5R4umtVCxJNPt46il8xkKSKXbZZfgPp1zw2a2oV7bKCrRVdr18k-hu29wogP1rXBya_N6PHZa8A485wx5TfxhhPnKjCRuQ4CEgKAXBruDbqHO0PsTIs_7ksJLsm9MKpR8k%26cry%3D1%26dbm_d%3DAKAmf-DcgoYqIY7brA-9kdkcwVSL4ZSmqxbVfi0bP3jAkJrjzcFLZEt3oSMn4BuDTquBt6m94Z3Ylw9HX1ycqVaqv1iEVG2hIYsH8_cO1jMBlr-d5SdKA5yJarVwlbjnwQc_gPZ4LQ6fZEbjvcSo6Uoze2ybocSvStbigHPRqF57DIKSRdwIsjwiAO61HXV5XyYFbwMt7kJ8T1K98GoGyqm77FS_AejsutjqQTYOcU-NKImJ7xvf_A3nkt7VT5Kc-9MG4Kq6pYkv4VodTAxIxr78PmWN2rQURqkTw6uzjg6jiCCUDhWy9FvbWOK7pS99eq6FMJ-VmSfz9lZsRrYthhIAPLW-qXf6CaxYLU2GnZaYbg7KRxMoPlIfqh0RmvnS5T4y0Yom-ZUsI7tFgqNKklwA9MUOF0pRUh9nkrDWWzSaXv48ix35-XN6sQaiL8BUcAqZMgZjSVWK8JvwpgB4SikvTPIjY3bqGMrEDBWlIE124Kh2pKsnFZsbsx1E8gxQe9zzTISFTosI3ice5fYwMte1VU9kmXPJ8GzKYD49eYe8x_MebTIUgWc%26adurl%3D&documentReferer=https%3A%2F%2Fblog.paleohacks.com%2F&ancestorOrigins=https%3A%2F%2Fblog.paleohacks.com&random=131638126819&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900017.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=653a16cbbc&subid=&uid=0be7d8a70c4832ab&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKE8Jh248ZO36LsOU-wbc2rH4AablvaBphZWcp8kP8C4QASDI_YgeYJXikIKgB8gBCakCmh63kApxsj6oAwGqBOABT9C8AHa46yEb95pRMlq5J6g0k4fJXCWNpU1ECPBnRiVbJNmFaRFfE5OKpyUp1LP3BoXGymRqQrxhlGbuK61zGHAavL0LmSzzUa91fSg9A99chnpcmqXrNzWzEA_7XqEv5oPQm5JysmL3r9Yq86bZdAq5Ah1wj92cFF43rYJt2FuENGucRK7wp8vdnVq5sIbequT9LrcJ26yXwrV8BONy1-TnLdv2mu8qqzP-b8dK2bKV84N761c8enrGx9h4CaiNwNDTrmEajSZVxKvz_AiBOMUjkTcf2riUi_Tezxpas8zABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgGYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSPABygQiDbRkLT71VgjBYjQnXinms82cy218YeAcqZJfIkyAxWy0KEThczJTvMxDgUam30OYQ8HJsMAKnqhgB%26sig%3DAOD64_1dRShyB0zSZDR-r8JRN1A2JkvwQg%26client%3Dca-pub-5144389657785565%26dbm_c%3DAKAmf-Cy6_wEhYlgC_AcJJ-FJjRbjXS4rhnNWSlsffXZy2keZOacY5R4umtVCxJNPt46il8xkKSKXbZZfgPp1zw2a2oV7bKCrRVdr18k-hu29wogP1rXBya_N6PHZa8A485wx5TfxhhPnKjCRuQ4CEgKAXBruDbqHO0PsTIs_7ksJLsm9MKpR8k%26cry%3D1%26dbm_d%3DAKAmf-DcgoYqIY7brA-9kdkcwVSL4ZSmqxbVfi0bP3jAkJrjzcFLZEt3oSMn4BuDTquBt6m94Z3Ylw9HX1ycqVaqv1iEVG2hIYsH8_cO1jMBlr-d5SdKA5yJarVwlbjnwQc_gPZ4LQ6fZEbjvcSo6Uoze2ybocSvStbigHPRqF57DIKSRdwIsjwiAO61HXV5XyYFbwMt7kJ8T1K98GoGyqm77FS_AejsutjqQTYOcU-NKImJ7xvf_A3nkt7VT5Kc-9MG4Kq6pYkv4VodTAxIxr78PmWN2rQURqkTw6uzjg6jiCCUDhWy9FvbWOK7pS99eq6FMJ-VmSfz9lZsRrYthhIAPLW-qXf6CaxYLU2GnZaYbg7KRxMoPlIfqh0RmvnS5T4y0Yom-ZUsI7tFgqNKklwA9MUOF0pRUh9nkrDWWzSaXv48ix35-XN6sQaiL8BUcAqZMgZjSVWK8JvwpgB4SikvTPIjY3bqGMrEDBWlIE124Kh2pKsnFZsbsx1E8gxQe9zzTISFTosI3ice5fYwMte1VU9kmXPJ8GzKYD49eYe8x_MebTIUgWc%26adurl%3D&documentReferer=https%3A%2F%2Fblog.paleohacks.com%2F&ancestorOrigins=https%3A%2F%2Fblog.paleohacks.com&random=131638126819&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 168

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIna56s4mBYd5xysmUy1uCI&google_cver=1&google_push=Aer7DvIHCL3D9svIqHzrFiAm6ao3KkFcq5Nm0JtfZ8mVLjXm5IaJDrzFSUT7Rw2SyKEv-s7Dp71-5EkyhRUpZWrollF3YcGZMfo9PQ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIna56s4mBYd5xysmUy1uCI&google_cver=1&google_push=Aer7DvIHCL3D9svIqHzrFiAm6ao3KkFcq5Nm0JtfZ8mVLjXm5IaJDrzFSUT7Rw2SyKEv-s7Dp71-5EkyhRUpZWrollF3YcGZMfo9PQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V0F4aDdvUE8xUE9ha2E1&google_gid=CAESEIna56s4mBYd5xysmUy1uCI&google_cver=1&google_push=Aer7DvIHCL3D9svIqHzrFiAm6ao3KkFcq5Nm0JtfZ8mVLjXm5IaJDrzFSUT7Rw2SyKEv-s7Dp71-5EkyhRUpZWrollF3YcGZMfo9PQ

Request Chain 169

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFJ5S06IwOBtFkQ4hFY24rU&google_cver=1&google_push=Aer7DvLWc_ehFCNBG87S_JVvDjxRSRvIQgfmqftzid_gx5OGaBWLWQBYfhw7uJ3Apzetu7_2zT98pQC1zcFguGRjOulO6NYts852Yw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvLWc_ehFCNBG87S_JVvDjxRSRvIQgfmqftzid_gx5OGaBWLWQBYfhw7uJ3Apzetu7_2zT98pQC1zcFguGRjOulO6NYts852Yw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFJ5S06IwOBtFkQ4hFY24rU&google_cver=1&google_push=Aer7DvLWc_ehFCNBG87S_JVvDjxRSRvIQgfmqftzid_gx5OGaBWLWQBYfhw7uJ3Apzetu7_2zT98pQC1zcFguGRjOulO6NYts852Yw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvLWc_ehFCNBG87S_JVvDjxRSRvIQgfmqftzid_gx5OGaBWLWQBYfhw7uJ3Apzetu7_2zT98pQC1zcFguGRjOulO6NYts852Yw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 170

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEF_yx851iA8X7JeXB5v2lhc&google_cver=1&google_push=Aer7DvKWW8CFKUU6p3TdUGyfEClG4tpFRI2Vbc5skM728FV3o7YvdjC3zQH_2BAWI9QIXk4ONifP1-LzknbKEAzBhh5rIhE3GfXb HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF_yx851iA8X7JeXB5v2lhc&google_push=Aer7DvKWW8CFKUU6p3TdUGyfEClG4tpFRI2Vbc5skM728FV3o7YvdjC3zQH_2BAWI9QIXk4ONifP1-LzknbKEAzBhh5rIhE3GfXb

Request Chain 171

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAblOwGTtMTsBwlrwON7jpw&google_cver=1&google_push=Aer7DvI0yopb1EZKdG8TtNUo_Aj40nv9nzn3Bd9nEBpoj8husTHpCyRBnbhcNrXJq0AuXB88cKgrBJExZDFtxT_y3Io0v92Ws1KH2w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvI0yopb1EZKdG8TtNUo_Aj40nv9nzn3Bd9nEBpoj8husTHpCyRBnbhcNrXJq0AuXB88cKgrBJExZDFtxT_y3Io0v92Ws1KH2w&google_hm=eS0xWVdIMXVkRTJwRjhxODV6SWl0NE5TdUJ2RW9DT0dwZH5B

Request Chain 172

https://d5p.de17a.com/cookies/google?google_gid=CAESEFk-rIJWohmmc6yug9Q-V-g&google_cver=1&google_push=Aer7DvKUatAeZHPsc6_Wi3NimQeSfcHkAuNuSRUt79XDJXSqzPqLsSfwiHJmRF1Pux6TSwLtmgKIC39LuX687f1B1ao6YJAVzHTtPw HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFk-rIJWohmmc6yug9Q-V-g&google_cver=1&google_push=Aer7DvKUatAeZHPsc6_Wi3NimQeSfcHkAuNuSRUt79XDJXSqzPqLsSfwiHJmRF1Pux6TSwLtmgKIC39LuX687f1B1ao6YJAVzHTtPw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKUatAeZHPsc6_Wi3NimQeSfcHkAuNuSRUt79XDJXSqzPqLsSfwiHJmRF1Pux6TSwLtmgKIC39LuX687f1B1ao6YJAVzHTtPw

180 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
blog.paleohacks.com/contact-us/
Redirect Chain

https://links.paleohacks-mailing.com/a/168/click/9962053/746255798/_aa6c42cebb5da68d1b68314cb80beeb911ca54ce/8c9dbf3db64c6e1dedc65672f78286b96c023b0d?ana=Im1wY2FtcGFpZ25pZD05OTYyMDUzIg==
http://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053

74 KB
17 KB

1148ms
1126ms

Document
text/html

2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.23
Resource Hash: 62d360452fdb4f527258db49ea59e78293d60e55794f92a06facc87545ddba70

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7b8faa54dded9bc2-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 16 Apr 2023 21:54:12 GMT
expires: Sun, 16 Apr 2023 21:54:11 GMT
link: <https://blog.paleohacks.com/wp-json/>; rel="https://api.w.org/", <https://blog.paleohacks.com/wp-json/wp/v2/pages/22>; rel="alternate"; type="application/json", <https://blog.paleohacks.com/?p=22>; rel=shortlink
server: cloudflare
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/7.3.23

Redirect headers

CF-RAY: 7b8faa549d5d382b-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 16 Apr 2023 21:54:11 GMT
Expires: Sun, 16 Apr 2023 22:54:11 GMT
Location: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cookie-popup.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/ 0
88 B 25ms
18ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/cookie-popup.min.css?ver=5.5.11
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Apr 2023 21:54:12 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 62512
etag: "60d1dffd-0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7b8faa5bfd2e9bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Tue, 16 May 2023 04:32:20 GMT

GET
H2 200 dashicons.min.css
blog.paleohacks.com/wp-includes/css/ 58 KB
35 KB 26ms
19ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/css/dashicons.min.css?ver=5.5.11
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7203ef7f18e8e70e9991515982b3bbd43524cf048e9591b7aab1e80db938774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 11:54:45 GMT
server: cloudflare
age: 25130
etag: W/"60782985-e687"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7b8faa5bfd299bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 16 May 2023 14:55:22 GMT

GET
H2 200 style.min.css
blog.paleohacks.com/wp-includes/css/dist/block-library/ 53 KB
8 KB 31ms
25ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.11
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Oct 2020 19:09:15 GMT
server: cloudflare
age: 62512
etag: W/"5f7cc0db-d293"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7b8faa5bfd2a9bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 16 May 2023 04:32:20 GMT

GET
H2 200 style.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/ 187 KB
17 KB 28ms
21ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/style.min.css?ver=2.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa575e81bbad973d7554e7c58ca906b97472bd692566c3e79f27385f08d63ca1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 501284
etag: W/"60d1dffd-2ea5c"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7b8faa5bfd2c9bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 11 May 2023 02:39:28 GMT

GET
H2 200 font-awesome.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/font-awesome/css/ 30 KB
7 KB 26ms
20ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/font-awesome/css/font-awesome.min.css?ver=5.5.11
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 2038744
etag: W/"60d1dffd-7918"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7b8faa5bfd309bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 23 Apr 2023 07:35:08 GMT

GET
H2 200 fonts.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/ 2 KB
477 B 23ms
17ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=5.5.11
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0713ea500e4a6a33fbed93ce88ecfcc3333bbdce608f5f07fddf8ac74337f8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: HIT
age: 290782
cf-polished: origSize=1942
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
etag: W/"60d1dffd-796"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7b8faa5bfd329bc2-FRA
expires: Sat, 13 May 2023 13:07:50 GMT

GET
H2 200 front.css
blog.paleohacks.com/wp-content/plugins/other-popular-articles/assets/css/ 950 B
338 B 487ms
482ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/other-popular-articles/assets/css/front.css?ver=1681682051
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb4030bfa42716d19ae274676604a4d4dec5277ab60c4dcd64e61d0df5f9c573

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Aug 2018 12:45:14 GMT
server: cloudflare
etag: W/"5b86955a-3b6"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7b8faa5bfd359bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 16 May 2023 21:54:12 GMT

GET
H2 200 style.css
blog.paleohacks.com/wp-content/plugins/paleohacks-tools-soften-it/assets/css/ 3 KB
959 B 474ms
469ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/paleohacks-tools-soften-it/assets/css/style.css?ver=1681682051
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 903d8d5de01ac0b9aedf5aecbf964498c581cbf6656751999560442e6cc700b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 09 Oct 2019 15:47:58 GMT
server: cloudflare
etag: W/"5d9e012e-ab4"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7b8faa5bfd379bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 16 May 2023 21:54:12 GMT

GET
H2 200 twitter-feed.css
blog.paleohacks.com/wp-content/plugins/wp-to-twitter/css/ 1 KB
569 B 32ms
27ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/wp-to-twitter/css/twitter-feed.css?ver=5.5.11
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a53bc33c39273359690f66fe69169c7f21746854db5a1541fb76bd1313e2122

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: HIT
age: 25128
cf-polished: origSize=1742
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Tue, 06 Apr 2021 13:07:36 GMT
server: cloudflare
etag: W/"606c5d18-6ce"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7b8faa5bfd3a9bc2-FRA
expires: Tue, 16 May 2023 14:55:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 49ms
19ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%7CSatisfy&ver=1.2.0

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d78b559002120af3c4376636b7f40138ab379b5cc6a5199a2a0488dfea1ce242

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 21:54:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Apr 2023 21:54:12 GMT

GET
H2 200 mai-theme.min.css
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/ 74 KB
14 KB 31ms
26ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/mai-theme.min.css?ver=1.11.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3c9181e83a24ce8fd1aedc13a573daded27c8677a50cf879fbee552798158be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 1914311
etag: W/"606c5cdc-1264a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7b8faa5bfd3c9bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 24 Apr 2023 18:09:00 GMT

GET
H2 200 flexington.min.css
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/ 93 KB
8 KB 33ms
28ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/flexington.min.css?ver=2.5.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18dd8449dd7bd05b1b1a8a1640218993802b7e73a218b75c05acf5c9b47d6082

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 1914311
etag: W/"606c5cdc-174c5"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7b8faa5bfd449bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 24 Apr 2023 18:09:00 GMT

GET
H2 200 style.css
blog.paleohacks.com/wp-content/plugins/simple-social-icons/css/ 1 KB
505 B 32ms
27ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/simple-social-icons/css/style.css?ver=3.0.2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 315c4601aeb913aecb4f659c9a9748bd163bb881867c5f6211578667bcc43cb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: HIT
age: 2352968
cf-polished: origSize=1228
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Thu, 14 May 2020 13:04:10 GMT
server: cloudflare
etag: W/"5ebd41ca-4cc"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7b8faa5bfd469bc2-FRA
expires: Wed, 19 Apr 2023 16:18:04 GMT

GET
H2 200 jquery-ui.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/ 43 KB
8 KB 34ms
29ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/jquery-ui.min.css?ver=5.5.11
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7104243950b6eff64b0d4d1fa98d354ae07a9605bb31dab31a488c765b32d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 2358415
etag: W/"60d1dffd-ac08"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7b8faa5bfd479bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 14:47:17 GMT

GET
H2 200 formreset.min.css
blog.paleohacks.com/wp-content/plugins/gravityforms/legacy/css/ 4 KB
444 B 490ms
485ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.5.5.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Jun 2021 13:05:39 GMT
server: cloudflare
etag: W/"60d1e023-f14"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7b8faa5bfd489bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 16 May 2023 21:54:12 GMT

GET
H2 200 formsmain.min.css
blog.paleohacks.com/wp-content/plugins/gravityforms/legacy/css/ 78 KB
12 KB 504ms
499ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.5.5.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b7e03d96b7488534a42f105301448c6b44acc3309f0c28c9a7920542eeaa9d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Jun 2021 13:05:39 GMT
server: cloudflare
etag: W/"60d1e023-139fc"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7b8faa5bfd499bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 16 May 2023 21:54:12 GMT

GET
H2 200 readyclass.min.css
blog.paleohacks.com/wp-content/plugins/gravityforms/legacy/css/ 30 KB
4 KB 482ms
477ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.5.5.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e74d79ea7ff2237e976687dbf185cb576b4fa4f2fa04647f611820dfff67268

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Jun 2021 13:05:39 GMT
server: cloudflare
etag: W/"60d1e023-77fc"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7b8faa5bfd4a9bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 16 May 2023 21:54:12 GMT

GET
H2 200 browsers.min.css
blog.paleohacks.com/wp-content/plugins/gravityforms/legacy/css/ 9 KB
1 KB 506ms
502ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.5.5.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 696518bd8dfc4146f7ddf61031068a38b84e326a0059e67038a3b61db40efb6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Jun 2021 13:05:39 GMT
server: cloudflare
etag: W/"60d1e023-22ab"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7b8faa5bfd4c9bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 16 May 2023 21:54:12 GMT

GET
H2 200 sspop.css
blog.paleohacks.com/wp-content/plugins/social_share_popup/assets/css/ 3 KB
1 KB 32ms
28ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/social_share_popup/assets/css/sspop.css
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb2032a0b90cb58dc7bae39580e26c34a7b44d3aad4fb088f965e32ae8196822

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: HIT
age: 2212126
cf-polished: origSize=4778
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Wed, 29 Aug 2018 12:45:14 GMT
server: cloudflare
etag: W/"5b86955a-12aa"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7b8faa5bfd4e9bc2-FRA
expires: Fri, 21 Apr 2023 07:25:26 GMT

GET
H2 200 style.css
blog.paleohacks.com/wp-content/themes/paleohacks/ 22 KB
5 KB 39ms
35ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/themes/paleohacks/style.css?ver=1.2.0.12820200113
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52d3e5c9fb15f3cfd863ca4b8d2144e308acbce5b319dee97f70661130c3878c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: HIT
age: 1778624
cf-polished: origSize=29969
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Tue, 28 Jan 2020 01:13:56 GMT
server: cloudflare
etag: W/"5e2f8ad4-7511"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7b8faa5bfd4f9bc2-FRA
expires: Wed, 26 Apr 2023 07:50:28 GMT

GET
H2 200 jquery.js Show response
blog.paleohacks.com/wp-includes/js/jquery/ 95 KB
34 KB 37ms
33ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 23 Aug 2019 16:00:11 GMT
server: cloudflare
age: 316017
cf-polished: origSize=96873
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5bfd519bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Apr 2023 06:07:15 GMT

GET
H2 200 service-facebook-pixel.js Show response
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 54 B
261 B 33ms
29ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/service-facebook-pixel.js?ver=5.5.11
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 530699399fd7548a91ac3f2bb58609584569f0520fbaa67c6dbe625cde7a5e0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 290782
cf-polished: origSize=68
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5bfd529bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Apr 2023 13:07:50 GMT

GET
H2 200 634.js Show response
blog.paleohacks.com/wp-content/uploads/415/856/public/assets/js/ 11 KB
4 KB 34ms
30ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/uploads/415/856/public/assets/js/634.js?ver=1.25.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c280a532f1bfe942302340b698487d9fc32c8f5f0916fb27b3dc528d43226802

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 22 Jun 2021 13:10:26 GMT
server: cloudflare
age: 189753
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5bfd539bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 17:11:39 GMT

GET
H2 200 gtm4wp-form-move-tracker.js Show response
blog.paleohacks.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
442 B 34ms
31ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.13.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a4e4d87eb5124ff8ace838e9e12db5b279607a0773d2b91cd079d85d426089b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 22 Jun 2021 13:09:38 GMT
server: cloudflare
age: 260849
cf-polished: origSize=1536
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5bfd549bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Apr 2023 21:26:43 GMT

GET
H2 200 675.js Show response
blog.paleohacks.com/wp-content/uploads/415/904/assets/ 5 KB
2 KB 38ms
34ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/uploads/415/904/assets/675.js?ver=2.12.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77f9962a622a241decfe5721c5fd2a68f871f223088b4423b99a996679de7631

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 22 Jun 2021 13:10:26 GMT
server: cloudflare
age: 189753
cf-polished: origSize=9328
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5bfd569bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 17:11:39 GMT

GET
H2 200 svgxuse.js Show response
blog.paleohacks.com/wp-content/plugins/simple-social-icons/ 4 KB
1 KB 36ms
32ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/simple-social-icons/svgxuse.js?ver=1.1.21
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af96bd176c6eaa479ffaabedb2b14745bbbe5167067052301d874e690a5adc7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 14 May 2020 13:04:10 GMT
server: cloudflare
age: 260849
cf-polished: origSize=9238
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5bfd579bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Apr 2023 21:26:43 GMT

GET
H2 200 cookie-list.js Show response
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 919 B
505 B 34ms
31ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/cookie-list.js?ver=2.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a6778639759f20ac4c647b91f5620427756b3b59a3d1e05b544a90a75e4bf8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 290782
cf-polished: origSize=1385
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5bfd599bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Apr 2023 13:07:50 GMT

GET
H2 200 653.js Show response
blog.paleohacks.com/wp-content/uploads/415/904/33/881/775/ 91 KB
27 KB 39ms
36ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/uploads/415/904/33/881/775/653.js?ver=2.12.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94de4f783ba7c57d7ce8932e3ef6b26f064e54d42c66ec30f43e5733a22faa7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 22 Jun 2021 13:10:26 GMT
server: cloudflare
age: 290782
cf-polished: origSize=92993
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5bfd5b9bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Apr 2023 13:07:50 GMT

GET
H3 200 jquery.json.min.js Show response
blog.paleohacks.com/wp-content/plugins/gravityforms/js/ 2 KB
1 KB 494ms
488ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.5.5.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Jun 2021 13:05:39 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5f3d00039a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 23 Apr 2023 21:54:13 GMT

GET
H3 200 gravityforms.min.js Show response
blog.paleohacks.com/wp-content/plugins/gravityforms/js/ 45 KB
14 KB 663ms
657ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.5.5.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 833a47a0bb64a6d5647c22b94732cfd1baee4025b10d2cc0ad8b100e54f6da7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Jun 2021 13:05:39 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5f3d02039a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 23 Apr 2023 21:54:13 GMT

GET
H2 200 dtag.js Show response
cdn.attn.tv/paleohacks/ 3 KB
2 KB 1337ms
1289ms Script
text/javascript 2600:9000:21f3:600:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/paleohacks/dtag.js
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:600:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b47e2b5d041b401f4d6dc04b120f9ada18fdd87dc40f2c764879a7c7c5a2f93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: Y4H_bTaFBWRi9GimSEzzR9Px4JwIrNub
content-encoding: gzip
via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
date: Sun, 16 Apr 2023 21:54:15 GMT
last-modified: Wed, 08 Feb 2023 20:56:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
etag: W/"d943f1634cc781ba4142fc11b4ba2cd4"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=120
x-amz-replication-status: COMPLETED
x-amz-cf-id: tbq9cz1gENQVFXjFI2x-bmr28rL62K9tpzOxiGCXXfXxNi5W1KoeSA==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 31ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

53d45289360cb7952c27612c6491fdebfd88c61dac419975f8d851041c2f7c03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.paleohacks.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 16 Apr 2023 21:54:13 GMT
content-md5: lRue6x6S2I+UZOI+P4AeVg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: NB6qtC8BJYDinWSr4lnerjq3uwq/8zBfi/08fNaHEVb6SfrltCnGZB5r32rKOJrCnHylMVcxfkyvuB2KQtmThw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
x-fb-content-md5: bbcfbe25368c0725a22a0e5b9b0ddebd
cross-origin-opener-policy: same-origin-allow-popups
etag: "0f605927e684d8bbf9f8fd9663af438a"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Sun, 16 Apr 2023 22:10:34 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
26 KB 196ms
148ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

390943828e1eb3ba63d62d2da52797e5151d0dad0c23fff51925263d2fad1299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25618
x-xss-protection: 0
server: cafe
etag: 807 / 19463 / m202304110101 / config-hash: 11787412583201714567
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 21:54:13 GMT

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 131 KB
46 KB 71ms
24ms Script
text/javascript 88.221.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CUG3G308

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-168-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1239619bed0424b7d404dd2030313bed1b7681c4e6d2a00f5709701c263f7d1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-mnt-h: 22-jxfb
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 16 Apr 2023 21:54:13 GMT
server: Apache
etag: "146dae70a4dca5210f094f0bc843743e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-v2l2
expires: Sun, 16 Apr 2023 21:59:13 GMT

GET
H3 200 logo.png
blog.paleohacks.com/wp-content/uploads/2015/10/ 2 KB
2 KB 46ms
41ms Image
image/webp 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2015/10/logo.png
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83685ec127cc7475c7a3649e73986c90d87d037247409d80423f5caceed4681e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
cf-cache-status: HIT
age: 2352146
cf-polished: origFmt=png, origSize=1719
content-disposition: inline; filename="logo.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1536
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 09 Nov 2019 16:35:00 GMT
server: cloudflare
etag: "5dc6eab4-6b7"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7b8faa5f3d03039a-FRA
expires: Wed, 19 Apr 2023 16:31:47 GMT

GET
H3 200 cookbook-opt-in1.jpg
blog.paleohacks.com/wp-content/uploads/2015/08/ 15 KB
16 KB 43ms
38ms Image
image/webp 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2015/08/cookbook-opt-in1.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfc98d46b8948bdd10ecef95fe6292a8bfabac6782a441f6759b8bf9f5361af4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
cf-cache-status: HIT
age: 291004
cf-polished: qual=85, origFmt=jpeg, origSize=19662
content-disposition: inline; filename="cookbook-opt-in1.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15536
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 09 Nov 2019 16:20:14 GMT
server: cloudflare
etag: "5dc6e73e-4cce"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7b8faa5f3d04039a-FRA
expires: Sat, 13 May 2023 13:04:09 GMT

GET
H3 200 beginners-book-143x150.png
blog.paleohacks.com/wp-content/uploads/2018/06/ 8 KB
9 KB 43ms
38ms Image
image/webp 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2018/06/beginners-book-143x150.png
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 735b305aadf14dd683363407e953b1eec091e541f8d6172d459454e40d7074c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
cf-cache-status: HIT
age: 2120832
cf-polished: origFmt=png, origSize=9206
content-disposition: inline; filename="beginners-book-143x150.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8628
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sun, 10 Nov 2019 01:55:00 GMT
server: cloudflare
etag: "5dc76df4-23f6"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7b8faa5f3d07039a-FRA
expires: Sat, 22 Apr 2023 08:47:01 GMT

GET app.js
90f1d619-be9a-4fa0-8e2c-f0f18a8501ff/js/ 0
0

GET
H3 200 paleohacks-logo-black-1.png
blog.paleohacks.com/wp-content/uploads/2017/08/ 2 KB
2 KB 50ms
45ms Image
image/webp 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2017/08/paleohacks-logo-black-1.png
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 708970c58cd4f871a3f3ffb9309d7e696a537afd00fc7e0d78ccf21137032136

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
cf-cache-status: HIT
age: 290780
cf-polished: origFmt=png, origSize=3119
content-disposition: inline; filename="paleohacks-logo-black-1.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2012
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 09 Nov 2019 20:01:17 GMT
server: cloudflare
etag: "5dc71b0d-c2f"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7b8faa5f3d08039a-FRA
expires: Sat, 13 May 2023 13:07:53 GMT

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
448 B 115ms
25ms Script
application/javascript 2a02:26f0:6c00:1b3::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:1b3::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "62d32c28f14783b94192cd8d35bc010d"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=280
accept-ranges: bytes
content-length: 203

GET
H3 200 cookie-popup.js Show response
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 14 KB
3 KB 25ms
25ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/cookie-popup.js?ver=2.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11715aec7f7cf76332d464d65a2ce85ed2c12fc4a90cadf0e191418af2df3d7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 188634
cf-polished: origSize=21011
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5f1cb2039a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 17:30:18 GMT

GET
H3 200 jquery.base64.min.js Show response
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 2 KB
983 B 17ms
17ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/jquery.base64.min.js?ver=2.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49416531519583e597dccc3856da2fa093b5e739baf9fda442b7047309e7f51c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 361983
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5f1cb8039a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 17:21:09 GMT

GET
H3 200 front.js Show response
blog.paleohacks.com/wp-content/plugins/other-popular-articles/assets/js/ 428 B
450 B 470ms
469ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/other-popular-articles/assets/js/front.js?ver=1681682051
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15d7b13e7c438f4fb9c6b2f9940e9193c9a25c1bb1ed4625d1badbac8882db2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Aug 2018 12:45:14 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5f3cd9039a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 23 Apr 2023 21:54:13 GMT

GET
H3 200 popup.js Show response
blog.paleohacks.com/wp-content/plugins/paleohacks-tools-soften-it/assets/js/ 2 KB
1 KB 528ms
521ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/paleohacks-tools-soften-it/assets/js/popup.js?ver=1681682051
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 222e024a119ff514e245cc07990f912a400c337efce19b567a6661d23c310938

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 13 Apr 2019 00:14:12 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5f3ce4039a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 23 Apr 2023 21:54:13 GMT

GET
H3 200 556.js Show response
blog.paleohacks.com/wp-content/uploads/415/578/public/assets/js/ 4 KB
2 KB 42ms
35ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/uploads/415/578/public/assets/js/556.js?ver=1.8.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4c6a39cdb1f2dab900d10c83275e2e72e795325924c731d8fa0c49b9ec5ccb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 22 Jun 2021 13:10:26 GMT
server: cloudflare
age: 537523
cf-polished: origSize=5914
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5f3ce8039a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 17 Apr 2023 16:35:30 GMT

GET
H3 200 comment-reply.min.js Show response
blog.paleohacks.com/wp-includes/js/ 3 KB
2 KB 31ms
24ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/comment-reply.min.js?ver=5.5.11
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 11:54:45 GMT
server: cloudflare
age: 448353
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5f3ce9039a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 18 Apr 2023 17:21:40 GMT

GET
H3 200 hoverIntent.min.js Show response
blog.paleohacks.com/wp-includes/js/ 1 KB
732 B 36ms
29ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/hoverIntent.min.js?ver=1.8.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 495d2f8c8b7f1bbd664c2c10c086a644e63e4934b9734813b27956a34709eea4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 11:54:45 GMT
server: cloudflare
age: 374573
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5f3cea039a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 13:51:20 GMT

GET
H3 200 superfish.min.js Show response
blog.paleohacks.com/wp-content/themes/genesis/lib/js/menu/ 4 KB
2 KB 45ms
38ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.10
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Oct 2020 19:10:24 GMT
server: cloudflare
age: 119166
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5f3cec039a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 22 Apr 2023 12:48:07 GMT

GET
H3 200 skip-links.min.js Show response
blog.paleohacks.com/wp-content/themes/genesis/lib/js/ 386 B
461 B 28ms
21ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.3.3
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Oct 2020 19:10:24 GMT
server: cloudflare
age: 320914
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5f3ced039a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Apr 2023 04:45:39 GMT

GET
H3 200 mai-theme.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 10 KB
3 KB 47ms
40ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/mai-theme.min.js?ver=1.11.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdef9d92aa1c5e9d8e409303f5ee38caceeecf3c1bdbf6e2f7bec8fe273dd596

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 403846
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5f3cef039a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 05:43:27 GMT

GET
H3 200 basic-scroll.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 10 KB
3 KB 43ms
36ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/basic-scroll.min.js?ver=3.0.2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 508c6c8665bb4da4b211a97cdc3b2e791109204f82265d6af2eb79c51b61e014

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 578022
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5f3cf0039a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 17 Apr 2023 05:20:31 GMT

GET
H3 200 mai-scroll.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 4 KB
1 KB 34ms
27ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/mai-scroll.min.js?ver=1.11.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6e7fcc13e9fa0b4541bf314c25c54bf91807667df0a57d7cf30a554a7c00cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 558496
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5f3cf3039a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 17 Apr 2023 10:45:57 GMT

GET
H3 200 fitvids.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 2 KB
967 B 26ms
19ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/fitvids.min.js?ver=1.2.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 150cbe5c514aa70efcd179127476f4f5451db2ed4d033c0608afabdf9d18ec92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 119166
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5f3cf4039a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 22 Apr 2023 12:48:07 GMT

GET
H3 200 fitvids-init.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 68 B
302 B 28ms
22ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/fitvids-init.min.js?ver=1.11.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1414a599611253b31746e91b77f168573dbb42cc13a705fd72104a7eaca15e93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 374573
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5f3cf5039a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 13:51:20 GMT

GET
H3 200 wp-polyfill.min.js Show response
blog.paleohacks.com/wp-includes/js/dist/vendor/ 97 KB
34 KB 608ms
601ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 06 Oct 2020 19:09:15 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5f3cf6039a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 23 Apr 2023 21:54:13 GMT

GET
H3 200 dom-ready.min.js Show response
blog.paleohacks.com/wp-includes/js/dist/ 1 KB
822 B 553ms
546ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/dist/dom-ready.min.js?ver=93db39f6fe07a70cb9217310bec0a531
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4213eba6c464b3ca6fc71c748e2ba99f63f7f0b624199fd44127da67e40a3003

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Sep 2021 11:54:45 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5f3cf8039a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 23 Apr 2023 21:54:13 GMT

GET
H3 200 i18n.min.js Show response
blog.paleohacks.com/wp-includes/js/dist/ 9 KB
4 KB 484ms
477ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/dist/i18n.min.js?ver=4ab02c8fd541b8cfb8952fe260d21f16
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb94dccf2419dd78e21ecaba757fed0df6f51de96a941b02e7e10c5f12d3d360

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Sep 2021 11:54:45 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5f3cf9039a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 23 Apr 2023 21:54:13 GMT

GET
H3 200 a11y.min.js Show response
blog.paleohacks.com/wp-includes/js/dist/ 3 KB
1 KB 501ms
495ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/dist/a11y.min.js?ver=f23e5b9c6e4214e0ec04d318a7c9f898
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc22b03cd2b5ae6dd2e8a557783fcad0f14d939e7eb8be2128dc3a75483087ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Sep 2021 11:54:45 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5f3cfc039a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 23 Apr 2023 21:54:13 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 152ms
130ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?ver=20160428

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

75ddb20661ab8dd83e5f6c8b17ebf185ed257668e424e0a5fa04877e9a37b5b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 16 Apr 2023 21:54:13 GMT
content-md5: 5t9I/uBR19rmWHbsM2yEyA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: aEmZnQMAFXy13apX6mxe3Fyo/EHdsN6w290UC5WQH0femtTWTiArHomR/grvU35dFwxHx9ZxkNfqL+Na4ZP1Jg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 2050670934
x-fb-content-md5: 5e2b172cd7397ef2004b44da990f0378
cross-origin-opener-policy: same-origin-allow-popups
etag: "d6154e21ddfb81a629ff60918ad72929"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Sun, 16 Apr 2023 22:14:13 GMT

GET
H3 200 sspop.js Show response
blog.paleohacks.com/wp-content/plugins/social_share_popup/assets/js/ 3 KB
1 KB 41ms
34ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/social_share_popup/assets/js/sspop.js?ver=20160428
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa0d6c798742eedb9be8babd47ebaaace2c45e45d1bb86a4b1bf55a827980b91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Aug 2018 12:45:14 GMT
server: cloudflare
age: 188634
cf-polished: origSize=4756
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5f3cfd039a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 17:30:19 GMT

GET
H3 200 ea-share-count-support.js Show response
blog.paleohacks.com/wp-content/plugins/social_share_popup/assets/js/ 3 KB
1 KB 38ms
32ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/social_share_popup/assets/js/ea-share-count-support.js?ver=10.9.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 337548e5a49f9b0543f04e26958548f23cf9914ba71aecc4de6005597dd7a910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Aug 2018 12:45:14 GMT
server: cloudflare
age: 260850
cf-polished: origSize=3949
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7b8faa5f3cff039a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Apr 2023 21:26:43 GMT

GET
H2 200 universal-script Show response
178194.tracking.hyros.com/v1/lst/ 0
0 324ms
103ms Script
text/javascript 34.199.5.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://178194.tracking.hyros.com/v1/lst/universal-script?ph=be1460aad6057c7a1655c8e1f69701db974993aa8c5a8087d36bd921dbbd93db&tag=!tracking
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.5.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-5-193.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
25 KB 129ms
82ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40170fb922e0e5fb620e58b27e3c9cfcb334b90427c32c53959223239a9815b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25599
x-xss-protection: 0
server: cafe
etag: 388 / 19463 / 31073791 / config-hash: 11787412583201714567
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 21:54:13 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 218 KB
78 KB 70ms
23ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

30db97675a54d91b0b99d482d3b4ff459ffafee1470ad4855ce0bd3cbcbca2ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79500
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 16 Apr 2023 21:54:13 GMT

GET
H3 200 symbol-defs.svg
blog.paleohacks.com/wp-content/plugins/simple-social-icons/ 19 KB
8 KB 40ms
35ms Other
image/svg+xml 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/simple-social-icons/symbol-defs.svg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 194388578fe16a8f6d0790e1af9f6f935a03b3ecb8d7620f0ebca642761ebc88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 May 2020 13:04:10 GMT
server: cloudflare
age: 2257552
etag: W/"5ebd41ca-4b81"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
cf-ray: 7b8faa5f3d09039a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Apr 2023 18:48:21 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 41ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%7CSatisfy&ver=1.2.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 472989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:04 GMT

OPTIONS
H2 200 /
api.ipify.org/ Frame 0
0 561ms
131ms Preflight 173.231.16.77
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.231.16.77 , United States, ASN18450 (WEBNX, US),
Reverse DNS: 173-231-16-77.static.webnx.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://blog.paleohacks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://blog.paleohacks.com
content-length: 0
date: Sun, 16 Apr 2023 21:54:13 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 / Show response
api.ipify.org/ 21 B
60 B 131ms
131ms Fetch
application/json 173.231.16.77
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.231.16.77 , United States, ASN18450 (WEBNX, US),
Reverse DNS: 173-231-16-77.static.webnx.com
Software: /
Resource Hash: fb7a622ecf9bf756312e419109dda852ea1a50445cf9ba907ef2cfb2be59b9bb

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://blog.paleohacks.com
date: Sun, 16 Apr 2023 21:54:13 GMT
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
87 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=8e9068dfc00cca41fde2f3c8bd4d369f

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e1a581a619d1c6a1a9b8adb2d8e1d105241e8fe166cc372237a22d3352feaa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.paleohacks.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 16 Apr 2023 21:54:13 GMT
content-md5: 5JUxaYpYrJR45TrJfx3VDA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88580
x-fb-rlafr: 0
x-fb-debug: WhNwgpQd6JiT8yeH9a8t1ZIFFPWXko5fGS/6BniaTsTOrLQtv46rzo4iHQBQSWD7VLbxoxUPnnIVTdc2TWBLIw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
x-fb-content-md5: 607a4951db2d6810e7f62aa98bdcb351
cross-origin-opener-policy: same-origin-allow-popups
etag: "e6325c294ac37f4456f1336aa6d05ee4"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
expires: Mon, 15 Apr 2024 19:59:59 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/955239029/ 2 KB
2 KB 46ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/955239029/?random=1681682053116&cv=11&fst=1681682053116&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F%3Fmpcampaignid%3D9962053&hn=www.googleadservices.com&frm=0&tiba=Contact%20PaleoHacks&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c962694bae9b9c9e115e3d0d7393dafaf1fdc0c06a0e22c2eb5914253d762e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1197
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 16 Apr 2023 20:35:42 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4711
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 16 Apr 2023 22:35:42 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 16 Apr 2023 21:54:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: wMOlvPIdDyxftMZ5jygWGfd8SPKreBeNIIZGwHqX7XFrDMiKqO/HZn83NpWGDMP5iRiC8a/nm4GZ0G0+wp/OMg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
750 B 17ms
16ms Script
application/javascript 2a02:26f0:6c00:1b3::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:1b3::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 2dfa655a4dbae3f8bb3335d14a977a99a2afe4b148bfff2b2be230f9a6db94d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "6fe18a21f263bd65310c79df7a66e9b2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 484

GET
H2 200 jquery-3.5.1.min.js Show response
track.mypaleorecipe.com/js/ 87 KB
32 KB 492ms
451ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Nov 2021 03:31:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"15d86-5d052be3dfc43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p2ab5Khwb9CJIN0Gkb49dSHVVT34R9rjqtT4oy2Gp%2BNRSErYokuVw0YCtqFJ8acAc9H6IBY9srRzsJAcXHhocdR6yyMg6JQd7pW3zkj9P8Bq3NzRSH79mn6ehMyCW36bNddeP2ZHnkvnCHV6XKpAUgOmHYTr6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7b8faa6058c72c01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 51 KB
18 KB 34ms
8ms Script
text/javascript 2600:1901:0:498c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7cceac0e1b94c5964df6d6da287f575859f66716dfb73ce20317061829ac4704

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 14:24:00 GMT
content-encoding: gzip
age: 27013
x-guploader-uploadid: ADPycdt27XzzdDv_a_Ioumlfe9qzLRJKHxaAREZ7bMtGgrd2DIWw1XbN83fdOPNvU18b0qlYhI3x7HsTeQgl7hsz2ybb
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17668
last-modified: Fri, 24 Mar 2023 19:07:41 GMT
server: UploadServer
etag: "f33a0f9c1247a4ca80af96ee30b43366"
vary: Accept-Encoding
x-goog-generation: 1679684861532215
x-goog-hash: crc32c=SVKeCw==, md5=8zoPnBJHpMqAr5buMLQzZg==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=86400
x-goog-stored-content-length: 17668
accept-ranges: bytes
expires: Mon, 17 Apr 2023 14:24:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
77 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QMKQQWEFHC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3344028895a8f92eed90a9498b770b22e5807e141f788a59e0966878a00ba975

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78341
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 16 Apr 2023 21:54:13 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 23ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=510626776365517&ev=fb_page_view&dl=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F%3Fmpcampaignid%3D9962053&rl=&if=false&ts=1681682053177&sw=1600&sh=1200&at=

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 16 Apr 2023 21:54:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/ 398 KB
124 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d3b45a4be3864673801baea2c3f066e1c7320bab56d3c7818d7484cf1811696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 19:32:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8520
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126408
x-xss-protection: 0
server: cafe
etag: 11042757488233447259
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 15 Apr 2024 19:32:13 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 76 B
86 B 55ms
41ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=blog.paleohacks.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fcc89ee1dcff30a72b389ba5afdc255829e83db910b0b1f3351af881f83c5ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
x-xss-protection: 0
expires: Sun, 16 Apr 2023 21:54:13 GMT

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
19 KB 14ms
13ms Script
application/javascript 2a02:26f0:6c00:1b3::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.024241445199965517
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:1b3::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "3725764cf05d1a0938de73d398772331"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=281
accept-ranges: bytes
content-length: 18679

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2470
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 16 Apr 2023 22:13:03 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 13ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=821110344&t=pageview&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F%3Fmpcampaignid%3D9962053&ul=en-us&de=UTF-8&dt=Contact%20PaleoHacks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAjAAAAACAAI~&jid=650074070&gjid=1076699564&cid=1801483012.1681682053&tid=UA-42752472-1&_gid=2019736244.1681682053&_r=1&_slc=1&gtm=45He34c0n81TJTDCJG&cd1=uncategorized&cd2=February%2028%2C%202013&cd3=PaleoHacks%20Team&z=531465013

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/955239029/ 42 B
455 B 43ms
20ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/955239029/?random=1681682053116&cv=11&fst=1681678800000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F%3Fmpcampaignid%3D9962053&frm=0&tiba=Contact%20PaleoHacks&fmt=3&is_vtc=1&random=2897386254&rmt_tld=0&ipr=y

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:13 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/955239029/ 42 B
455 B 41ms
19ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/955239029/?random=1681682053116&cv=11&fst=1681678800000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F%3Fmpcampaignid%3D9962053&frm=0&tiba=Contact%20PaleoHacks&fmt=3&is_vtc=1&random=2897386254&rmt_tld=1&ipr=y

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:13 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.101

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 16 Apr 2023 21:54:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: GCLCvOUJFl7TVfM0vBUtV2TjbejHrTMpewGjHHcfkL5me6RTMFG1K3JK1K0dhCqsBEhdKzoBnZ8bmUIIbs7fNw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 405752247076167 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 158ms
158ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/405752247076167?v=2.9.101&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

626c31d6ad190b522928dd0304e821d889275ead9192271fa5aeb70d7b80903e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 16 Apr 2023 21:54:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 8VRtDbWV/1z7/ylqYIjfWN0PUMrOiSKHzeKOIdovq3KsqczJa91fHZOMZuxsRkDWHy1snLUPAQoGUv6zv/stng==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.da2a1c8f.js Show response
s.pinimg.com/ct/lib/ 57 KB
17 KB 13ms
13ms Script
application/javascript 2a02:26f0:6c00:1b3::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.da2a1c8f.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:1b3::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 99821e61fa5a34c0b5b4b5473ef3dd30c7d7aebc28dc12a44d726d710d77a3b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "b3fc8cf847afb7d5cf4f05e5407d05a3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 17556

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 39ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QMKQQWEFHC&gtm=45je34c0&_p=821110344&_gaz=1&cid=1801483012.1681682053&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681682053&sct=1&seg=0&dl=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F%3Fmpcampaignid%3D9962053&dt=Contact%20PaleoHacks&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMKQQWEFHC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 68ms
22ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QMKQQWEFHC&cid=1801483012.1681682053&gtm=45je34c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMKQQWEFHC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QMKQQWEFHC&cid=1801483012.1681682053&gtm=45je34c0&aip=1&z=1876370505

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 40ms
21ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-42752472-1&cid=1801483012.1681682053&jid=650074070&gjid=1076699564&_gid=2019736244.1681682053&_u=YEBAAEAiAAAAACAAI~&z=692349599

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 16 Apr 2023 21:54:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 20ms
20ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-81910700-1&cid=1801483012.1681682053&jid=268861342&gjid=1528991193&_gid=2019736244.1681682053&_u=aGDAiEAjBAAAAGAAI~&z=2117693033

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 16 Apr 2023 21:54:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=821110344&t=pageview&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F%3Fmpcampaignid%3D9962053&ul=en-us&de=UTF-8&dt=Contact%20PaleoHacks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEAjBAAAACAAI~&jid=268861342&gjid=1528991193&cid=1801483012.1681682053&tid=UA-81910700-1&_gid=2019736244.1681682053&gtm=45He34c0n81TJTDCJG&z=1339232431

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 13741
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 539 B
858 B 137ms
35ms XHR
application/json 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2615989242318&cb=1681682053335&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.da2a1c8f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

730de59300e6103732a2168bdc9742af79a9abfe5995c6d3f3f3e96fd7c99d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.08d53e17.1681682053.db7d364
x-envoy-upstream-service-time: 2
content-length: 375
x-pinterest-rid: 5174607015518320
pin-unauth: dWlkPU9XSmlNV0U1WWpRdFlXSm1NeTAwWmprd0xXSmhabVF0TVRoa1lUQmhNakZrWkRNMA
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blog.paleohacks.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 127ms
36ms Image
image/gif 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2615989242318&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F%3Fmpcampaignid%3D9962053%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22da2a1c8f%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1681682053346

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:13 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.08d53e17.1681682053.db7d365
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 2779454030599952
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 19ms
17ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-42752472-1&cid=1801483012.1681682053&jid=650074070&_u=YEBAAEAiAAAAACAAI~&z=1630496016

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 19ms
19ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-42752472-1&cid=1801483012.1681682053&jid=650074070&_u=YEBAAEAiAAAAACAAI~&z=1630496016

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 20ms
19ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-81910700-1&cid=1801483012.1681682053&jid=268861342&_u=aGDAiEAjBAAAAGAAI~&z=288620136

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 19ms
18ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-81910700-1&cid=1801483012.1681682053&jid=268861342&_u=aGDAiEAjBAAAAGAAI~&z=288620136

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=405752247076167&ev=PageView&dl=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F%3Fmpcampaignid%3D9962053&rl=&if=false&ts=1681682053564&sw=1600&sh=1200&v=2.9.101&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1681682053563.2022593298&it=1681682053246&coo=false&tm=1&rqm=GET

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 16 Apr 2023 21:54:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 7ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=405752247076167&ev=PageView&dl=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F%3Fmpcampaignid%3D9962053&rl=&if=false&ts=1681682053566&sw=1600&sh=1200&v=2.9.101&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&cs_est=true&fbp=fb.1.1681682053563.2022593298&it=1681682053246&coo=false&rqm=GET

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 16 Apr 2023 21:54:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 jquery.cookie.js Show response
track.mypaleorecipe.com/js/ 2 KB
1 KB 453ms
452ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/js/jquery.cookie.js?v=1.0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dde3261ae85ead281a4f3120a5c4cee3bc7a1874c284c4a23874af1ada1f08ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:14 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Tue, 09 Nov 2021 03:31:23 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3254
etag: W/"cb6-5d052be67bb4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcFS4vdoyL1kqOGVrVduNZaIBP5WLUflwXj4BAJS2lH7HdIG98IUMF0Dxlt531LPIq5Gu5%2FmTVJBG9V%2BMdjj9%2F3HA%2BBknTNWQI8a0KXmg6NdvsFBAnAQ%2BsHZ1qYH3i%2BwsGbKAMd9mmB%2BTznrKekLpxdoAh5FCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7b8faa635c192c01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=821110344&t=event&ni=Yes&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F%3Fmpcampaignid%3D9962053&ul=en-us&de=UTF-8&dt=Contact%20PaleoHacks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=leadbox&ea=show&el=Contact%20PaleoHacks&_u=aGDACEAjBAAAAGAAI~&jid=&gjid=&cid=1801483012.1681682053&tid=UA-42752472-1&_gid=2019736244.1681682053&gtm=45He34c0n81TJTDCJG&z=987003127

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 13741
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 217.64.151.8 Show response
ip2c.org/ 39 B
240 B 123ms
26ms Fetch
text/html 77.55.216.90
NAZWA

General

Check archive.org

Show headers Download Go to

Full URL: https://ip2c.org/217.64.151.8
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 77.55.216.90 , Poland, ASN15967 (NAZWA, PL),
Reverse DNS: dedicated-aii90.rev.nazwa.pl
Software: nginx /
Resource Hash: 98ccfce8ab03e4fbdfd9a102041136c596409b088ac5a9df0c9c72044f8f6ecd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 16 Apr 2023 21:54:13 GMT
Server: nginx
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 1F58 0
18 B 7ms
7ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://blog.paleohacks.com
Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://blog.paleohacks.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 16 Apr 2023 21:54:14 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 unified-tag.js Show response
cdn.attn.tv/tag/4-latest/ 107 KB
37 KB 8ms
7ms Script
application/javascript 2600:9000:21f3:600:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/paleohacks/dtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:600:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5998767baca7514de03505489a32eb525c0dcb8995e18d65a67fd9258fd8b94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: 7_xguDX3rYESMkMgr09UJcW4Kvi1UbH9
content-encoding: gzip
via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
date: Sun, 16 Apr 2023 21:49:45 GMT
x-amz-cf-pop: FRA2-C2
age: 270
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 12 Apr 2023 15:00:53 GMT
server: AmazonS3
etag: W/"1ec5cae3d0e2776347f1e1f331bfba8e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
x-amz-cf-id: y7qAT2IfCLbKCfVFbcjI3qsqir4qghBSmjWQg_PAVUyGoX2WbT4N_A==

POST
H3 200 admin-ajax.php Show response
blog.paleohacks.com/wp-admin/ 10 KB
2 KB 1286ms
1285ms XHR
application/json 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.paleohacks.com/wp-admin/admin-ajax.php

Requested by

Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.23

Resource Hash

496da68c64c7bf7a38e58df574e51491d5f4427b35b0d929da5fcfe67648d8f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 16 Apr 2023 21:54:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: PHP/7.3.23
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/json; charset: utf-8
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 7b8faa67ae9c039a-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 /
blog.paleohacks.com/contact-us/ 30 KB
30 KB 1459ms
1459ms Image
text/html 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.23
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.23
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: max-age=0
cf-ray: 7b8faa67aea7039a-FRA
link: <https://blog.paleohacks.com/wp-json/>; rel="https://api.w.org/", <https://blog.paleohacks.com/wp-json/wp/v2/pages/22>; rel="alternate"; type="application/json", <https://blog.paleohacks.com/?p=22>; rel=shortlink
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 16 Apr 2023 21:54:14 GMT

GET
H3 200 Hind-Regular.woff2
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/hind/ 93 KB
93 KB 27ms
26ms Font
application/octet-stream 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/hind/Hind-Regular.woff2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=5.5.11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5891185bbadfceb49591b012abeeea967dca978a653930a6ca23863d9a3f4c92

Request headers

Referer: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=5.5.11
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:14 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 25580
vary: Accept-Encoding,User-Agent
cache-control: max-age=2592000
cf-ray: 7b8faa67aeaa039a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 16 May 2023 14:47:53 GMT

GET
H3 200 Montserrat-SemiBold.woff2
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/montserrat/ 79 KB
79 KB 20ms
20ms Font
application/octet-stream 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/montserrat/Montserrat-SemiBold.woff2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=5.5.11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47a6d3380cf89ad6b678478ccb347dc3ddeadcf7ca344bfc842424aaf7bfd025

Request headers

Referer: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=5.5.11
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:14 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 943900
vary: Accept-Encoding,User-Agent
cache-control: max-age=2592000
cf-ray: 7b8faa67aead039a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 05 May 2023 23:42:34 GMT

GET
H2 200 like.php Show response
web.facebook.com/v4.0/plugins/ Frame 0C8C 0
2 KB 157ms
113ms Document
text/html 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://web.facebook.com/v4.0/plugins/like.php?action=like&app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7a504f4867b2c%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ff344dde49b58414%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Fpaleohacks&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=8e9068dfc00cca41fde2f3c8bd4d369f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 16 Apr 2023 21:54:14 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/web.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/web.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: KQkuOYTFfF9VC9AIkgNUNaRtj5UKRgGgNX9DD9+QcOukXhCN7R9CA0QoEGhOVasMA0a7QNQ+q8N67Vejm+18cg==
x-xss-protection: 0

GET
H3 200 main.js Show response
track.mypaleorecipe.com/js/ 3 KB
1 KB 19ms
17ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/js/main.js?v=1.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ae0b0e74edee33dd3e9d91c15b595508fc05e1ced11a15dbe787d0f9862dfc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1648
cf-polished: origSize=4494
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 09 Nov 2021 03:31:21 GMT
server: cloudflare
etag: W/"118e-5d052be46686b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y24Qw6ez7edEw7JNbUzfU5M3zyliN0BuJBktwlOzBwCXgvLnZm6Q4awHuv9llcetLMpgCA%2FqrveQXJTELuBMTL7WCx10Z9NsVzrr9K%2FEX%2BIVJ8loS%2B8MEHGNVjD4DA%2F1zkhNA%2FoV33reUPsJzKddwdN5Fzed9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7b8faa67eae1913c-FRA

GET
H2 200 /
log.pinterest.com/ 0
338 B 65ms
37ms Image
text/plain 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=fgEGJHchUVKd&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F&viaSrc=canonical
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 16 Apr 2023 21:54:14 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1309017290431489
content-length: 0
x-served-by: cache-fra-eddf8230082-FRA
pragma: no-cache
server: envoy
x-timer: S1681682054.426362,VS0,VE26
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
paleohacks.attn.tv/d/ 5 B
285 B 415ms
372ms Fetch
application/json 172.64.150.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleohacks.attn.tv/d/?attn_vid=2be01f86e0584ac48692cfbb8adb42dd
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
x-envoy-upstream-service-time: 4
cf-ray: 7b8faa686d735c38-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 e
events.attentivemobile.com/ 0
179 B 146ms
106ms Ping
text/plain 104.18.43.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://events.attentivemobile.com/e?v=4.17.7_e37832e8fc&pd=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F%3Fmpcampaignid%3D9962053&u=2be01f86e0584ac48692cfbb8adb42dd&c=paleohacks&ceid=UsU&lt=1681682054418&tag=modern&cs=180588263&t=v&r=&m=%7B%22source%22%3A%22a%22%7D&cb=1681682054423
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain;charset=UTF-8
x-envoy-upstream-service-time: 5
cf-ray: 7b8faa686ea23681-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 paleohacks.attn.tv.js Show response
cdn.attn.tv/growth-tag-assets/client-configs/ 0
383 B 385ms
385ms Script
text/javascript 2600:9000:21f3:600:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/growth-tag-assets/client-configs/paleohacks.attn.tv.js
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:600:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: kGJjc2HxNgGNuk_7UqP1h9o.liqWLb8I
content-encoding
via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
date: Sun, 16 Apr 2023 01:33:44 GMT
last-modified: Mon, 17 Dec 2018 20:59:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 73231
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 0
x-amz-cf-id: fdGG63vdvEGU6GHEHz9fIJXp6U5iAco6CISdS1M32NEwTZ0qPB8HTg==

GET
H3 200 createVisitor Show response
track.mypaleorecipe.com/api/ 9 B
737 B 512ms
500ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/api/createVisitor
Requested by: Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 732dc53b668bcc72d493af75120d45fa87d975af66eaed42f8f794a50d789303

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhBbSD7jdKPCSOGOGyj1AZByZGIIwjQmM6J5JviUhDqJLy2Qs%2FyfryCzjwnJI5K4QwzCx2du72F62KwLiLKP%2F6VRpAmRi3UHHc%2BCrU6ghKCf0dyQc%2ByVlHZLeUFJmnCQfWfVkFx%2FM3tsJ1mR5q%2BtKdOz7N%2FBaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, max-age=0, no-cache
cf-ray: 7b8faa685c8f90f2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 204 unrenderedCreative
paleohacks.attn.tv/ 0
0 403ms
403ms Fetch 172.64.150.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleohacks.attn.tv/unrenderedCreative?v=4.17.7&r=&id=2be01f86e0584ac48692cfbb8adb42dd&pv=1&l=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F%3Fmpcampaignid%3D9962053&w=1600&h=1200&ss_ref=ORGANIC&m=marketing&m=live-sms
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 16 Apr 2023 21:54:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 22
cf-ray: 7b8faa6aafad5c38-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
api.ipify.org/ 21 B
68 B 132ms
132ms XHR
application/json 173.231.16.77
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.231.16.77 , United States, ASN18450 (WEBNX, US),
Reverse DNS: 173-231-16-77.static.webnx.com
Software: /
Resource Hash: fb7a622ecf9bf756312e419109dda852ea1a50445cf9ba907ef2cfb2be59b9bb

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-origin: https://blog.paleohacks.com
date: Sun, 16 Apr 2023 21:54:15 GMT
content-length: 21
vary: Origin
content-type: application/json

GET
H3 200 createActivityLog Show response
track.mypaleorecipe.com/api/ 8 B
632 B 194ms
194ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/api/createActivityLog?visitor_id=147429229&activity_type_id=1&fbp=fb.1.1681682053563.2022593298&fbc=undefined&ga=GA1.2.1801483012.1681682053&client_ip_address=217.64.151.8&client_user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/112.0.5615.49%20Safari/537.36&full_url=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F%3Fmpcampaignid%3D9962053&utm_source=0&utm_medium=0&utm_campaign=0&utm_content=0&utm_term=0
Requested by: Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 6bb15d00b382da2bee6fd202e2dbab0719303ccbabde9ab0bb0593defffc2138

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vVjM9Sb3zlsLn2W2lah0uuxvqXVuKDS9wZ%2FRIAoSvjkwTWrvWMsdK8W7bzDvzSJhDY1TsQrvUxv2JX0o2xcblxTAB1%2FmWuKy0iTiaFV8f5Pvr5BqnhPSQUxUhrjaT%2F3L6cgcnMZHvtq45AQy%2ByPi7ar74xF%2FCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, max-age=0, no-cache
cf-ray: 7b8faa6c5fb990f2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 createUrlParam Show response
track.mypaleorecipe.com/api/ 8 B
698 B 182ms
182ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/api/createUrlParam?url_param_key=mpcampaignid&url_param_value=9962053&activity_id=25252802
Requested by: Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: d537d48fb27f8b4d54ff55e4e83a03f77e0da6ea76fb853c3c76db6a689868e5

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cx7TZ7jIFcom5sgq1%2Fv00w4tcDzEqCVDBEPsuBCdQzaoZahfWYJ9A%2BTLK0qyOu1%2BgWN97wRu8tnVDHm0hm3qPzk0LSjE%2FYB2uL2VVXtsv6xP0tt2w6Z1EnaFLaPhvyIFjW7tdq%2Fq%2BYsFQhopTr%2F7LmFienzunQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, max-age=0, no-cache
cf-ray: 7b8faa6d88b490f2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 admin-ajax.php Show response
blog.paleohacks.com/wp-admin/ 4 B
321 B 1102ms
1101ms XHR
text/html 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.paleohacks.com/wp-admin/admin-ajax.php?action=show_optin_async&post_id=22&_=1681682053647

Requested by

Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.23

Resource Hash

dba5166ad9db9ba648c1032ebbd34dcd0d085b50023b839ef5c68ca1db93a563

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:16 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.23
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
cf-ray: 7b8faa6dfdee039a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 64ms
25ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=blog.paleohacks.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 44ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blog.paleohacks.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 229 KB
60 KB 1728ms
1728ms XHR
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3027382613438276&correlator=845236864037015&eid=31073791%2C31073829%2C31073836&output=ldjh&gdfp_req=1&vrg=202304100101&ptt=17&impl=fifs&iu_parts=55892584%2CPH300x2502%2Cdesktopfooter%2Cph_widebanner%2Csitefooterbanner%2CPaleohacksSidebarBanner&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=300x250%2C728x90%2C970x250%7C728x90%2C970x250%7C728x90%2C300x250%7C300x600&ifi=1&adks=79842087%2C2912191614%2C3129430941%2C2355259855%2C698452367&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1681682055683&lmt=1681682055&dlt=1681682052459&idt=852&adxs=-9%2C0%2C-9%2C-9%2C-9&adys=-9%2C1110%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F%3Fmpcampaignid%3D9962053&frm=20&vis=1&psz=0x-1%7C728x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C728x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C516%2C2%2C2%2C2&ohw=0%2C1600%2C0%2C0%2C0&ga_vid=1801483012.1681682053&ga_sid=1681682056&ga_hid=821110344&ga_fc=true&ga_cid=2019736244.1681682053

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

816f30d66827cb24a6ee4cd325ec3e0708270ddacf0b78253ece7a4dca2a1474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61889
x-xss-protection: 0
google-lineitem-id: 4712817545,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138236732969,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D7FE 6 KB
3 KB 90ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 16 Apr 2023 21:54:15 GMT
expires: Mon, 15 Apr 2024 21:54:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
beacon-v2.helpscout.net/ 458 B
751 B 50ms
6ms Script
application/javascript 143.204.215.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon-v2.helpscout.net/
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/?mpcampaignid=9962053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-6.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9199d9b2f9e0b8b4fbbb0b5ea4eb96c1fe9799288fcc8ee3a0d38c83c16c5a60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:53:28 GMT
content-encoding: gzip
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 48
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 326
last-modified: Fri, 14 Apr 2023 08:08:02 GMT
server: AmazonS3
etag: "627f8232e0af65941dfdca80b6195354"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120, s-maxage=120, public
accept-ranges: bytes
x-amz-cf-id: Ru3VYPTEF0ibmeX3zNDCYYbwl6-D8l6w38TVrDwRqycF8YM8OxJk9g==

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 2744 565 B
589 B 33ms
33ms Document
text/html 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.da2a1c8f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-grn: 0.08d53e17.1681682055.db7d896
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Sun, 16 Apr 2023 21:54:15 GMT
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1689011421720577

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 96ms
66ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304100101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0d6eb8605f5f69fae3350a08958258acc8b2f550b5241cacbf202b1ce5e4d0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11339
x-xss-protection: 0

GET
H2 200 vendor.cd5059a8.js Show response
beacon-v2.helpscout.net/static/js/ 63 KB
22 KB 7ms
7ms Script
application/javascript 143.204.215.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon-v2.helpscout.net/static/js/vendor.cd5059a8.js
Requested by: Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-6.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92aa11587aa820dc18977e3156bf9359e7694050c2d7d21a5cae435993c1bdea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:27:33 GMT
content-encoding: gzip
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1603
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22207
last-modified: Fri, 14 Apr 2023 08:08:02 GMT
server: AmazonS3
etag: "bbd7098212808bebe55346ec365016cb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: slTEijbMODkmiv2ysekQItPkYhQVdSDRmmuc70_HR51ZMGE8G98Mhw==

GET
H2 200 main.89b98198.js Show response
beacon-v2.helpscout.net/static/js/ 24 KB
10 KB 9ms
8ms Script
application/javascript 143.204.215.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon-v2.helpscout.net/static/js/main.89b98198.js
Requested by: Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-6.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 26c9352a21c5bf91d65a5c994fb6fb825854f53f5d2753338eba895a228a8f73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:40:30 GMT
content-encoding: gzip
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 826
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 9559
last-modified: Fri, 14 Apr 2023 08:08:02 GMT
server: AmazonS3
etag: "645f0bed266414ef8206ca600b6050e9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: 4Y6H15C0moTesEo2DGljDoecSWjdafwC7ooQt4dR0wvp-ah06Eqtxw==

GET
H2 200 e98469a1-0233-40c9-b2f8-48d4622a650d Show response
d3hb14vkzrxvla.cloudfront.net/v1/ 6 KB
7 KB 105ms
105ms XHR
application/json 18.66.137.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3hb14vkzrxvla.cloudfront.net/v1/e98469a1-0233-40c9-b2f8-48d4622a650d

Requested by

Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/static/js/vendor.cd5059a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.137.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-137-213.fra60.r.cloudfront.net

Software

Resource Hash

48df57e7d19711e52ea797ee1a0605cbe4b6972042545f59216ad04974a6a103

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

correlationId: 885ccaf5-f5fb-4037-ac29-0379fba25c2e
Helpscout-Release: 2.2.93
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Accept: application/json, text/plain, */*
Beacon-Device-ID: d2277271-7903-4e88-9b9c-e9c03d2a5d70
Referer: https://blog.paleohacks.com/
Helpscout-Origin: Beacon-Embed

Response headers

date: Sun, 16 Apr 2023 21:54:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
x-ratelimit-remaining-identify-hour: 25
x-ratelimit-limit-general-minute: 60
x-ratelimit-remaining-conversations-hour: 10
x-ratelimit-limit-identify-hour: 25
x-ratelimit-remaining-chat-tokens-hour: 25
x-ratelimit-limit-conversations-hour: 10
x-ratelimit-limit-attachments-hour: 10
vary: Origin,Access-Control-Request-Method
content-type: application/json
access-control-allow-origin: https://blog.paleohacks.com
x-ratelimit-remaining-general-minute: 60
access-control-expose-headers: Resource-ID
cache-control: max-age=300
access-control-allow-credentials: true
x-ratelimit-remaining-attachments-hour: 10
x-amz-cf-id: XzcSQsI5g_lyFZlO1vYn6WeL_e7Yr_U9Tp5Rkz5SHt8PVNqpRm0zbg==
x-ratelimit-limit-chat-tokens-hour: 25

OPTIONS
H2 200 e98469a1-0233-40c9-b2f8-48d4622a650d
d3hb14vkzrxvla.cloudfront.net/v1/ Frame 0
0 161ms
106ms Preflight 18.66.137.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3hb14vkzrxvla.cloudfront.net/v1/e98469a1-0233-40c9-b2f8-48d4622a650d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.137.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-137-213.fra60.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: beacon-device-id,correlationid,helpscout-origin,helpscout-release
Access-Control-Request-Method: GET
Origin: https://blog.paleohacks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: beacon-device-id, correlationid, helpscout-origin, helpscout-release
access-control-allow-methods: GET
access-control-allow-origin: https://blog.paleohacks.com
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Sun, 16 Apr 2023 21:54:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin,Access-Control-Request-Method
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-id: U09ZpRsxmQSr5cp38ASvP0Qqi3dN3Yh3s2XQsURhvI4rYsxOrzFm7w==
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
x-ratelimit-limit-attachments-hour: 10
x-ratelimit-limit-chat-tokens-hour: 25
x-ratelimit-limit-conversations-hour: 10
x-ratelimit-limit-general-minute: 60
x-ratelimit-limit-identify-hour: 25
x-ratelimit-remaining-attachments-hour: 10
x-ratelimit-remaining-chat-tokens-hour: 25
x-ratelimit-remaining-conversations-hour: 10
x-ratelimit-remaining-general-minute: 60
x-ratelimit-remaining-identify-hour: 25

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 56ms
28ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 16 Apr 2023 21:54:15 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BD24 13 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6383
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 16 Apr 2023 20:07:52 GMT
expires: Mon, 15 Apr 2024 20:07:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5791 783 B
536 B 17ms
17ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5ad361b506caebfcd81739dc75f9dc611a0c38714066fbead5353fdc38cf850c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ewGzNXJg1cvksRZCJqB5QQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-ewGzNXJg1cvksRZCJqB5QQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 16 Apr 2023 21:54:15 GMT
expires: Sun, 16 Apr 2023 21:54:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js Show response
pagead2.googlesyndication.com/bg/ Frame BD24 36 KB
14 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a90f66c347247549c2704fdf460fb67a9a0c68b52eae538cbf74d4e3e13cd7e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14294
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Apr 2024 08:59:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5791 0
0 54ms
41ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304100101&jk=3027382613438276&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BD24 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Gox8fQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304100101&jk=3027382613438276&bg=!srGlseXNAAZA7GLoYOw7ADkAdvg8WuN-e-AZlZLi8HyjLrvMJXwejfUAwUpVpHo_DsJD9HK2o0KCfDQdg2CPc4-ZGeAO_LF-XisCAAAAeFIAAAACaAEHmQMKhFESfP4-XwLMHfPQTv0x7UbuupN-xEp0nCLOw2I7cjvu0KAyB2v89a07OANk8IoIo-OJS0-SioFfAB3sgav-qSXl1U4yRWxHOEOOr5nID6A_izQ0Gr0frgiD6NTH6OjCxkjFvPjViA-smqYzi3XZTrN3g0FKab2s1TkD9jemKBbrY9j0q2Ivxn2lZAbQ70352EQb8fF2OIHmR8-Bbqz2shFYfN-fHf6FjnsciBheRNzjK9ZmPbpTEYZlrc7Bm9Ls8IBChepUkapg2YGR1_vsUN9wp1Qmff2EywIIRx8aHpC1San37a4454yDMmdTlClcgLDG21RUvPdQiEhxHtblbvlGGmlYFtZQE5FF5JN7RpSaOWNV_i1K4G14REJRO8mRtgv8t1nZohuI5cdmfu-xPBdmLAQcY1Ql3wsFW_-gllTZAUa5OK3rWZ_6JtPhxf50TvUlODSpynjACyYsT--iJbNAydnhQcJjzHrv8vttnbvfMh2KStlESthVy-IE1EslAQ1yl1nT78fdyV152RGh62tJGKtnYtLUlCdW7FM6UuBjn8Wf-QP4JyfiVGvkgMUURca7BdiJLOdlSbGza0Gx2uXfc38XHjE1LRolWZVX6HekusJMKqLMQ9_5FyBgBIhsnLNmLZSizluB7DZUENZ4vDaB3gZqgpQ3-eUY1fME_so3Mn8S7KPYuHqEqRNpXJ5xJKwUQLrqrD8KoAmq6zQe6JudQKhH7Jn40jD-xEJxGxWij-IGsmbLKYeYj963ohB-mONwE56pA3eD7umz3B6_WrrE14JjikHw0OPLKWVgkXjmjYCEM2QlQK0eTywS38u1iOFdZSjn6Dkz9saIaesepxwp4F2E-hBi_gLxu-5LfmDgDYgiHYd75xQEcQMabsc4zmh6UQm8vbgJvCcIODG_6t1X8EgWxvamyvgZ_p7_KR2_mggMvri_3CLjmxk3_2Lpw51BVVJlq9C_vZibMTWTOzr-v5yiuPuyZ0-rKGzjnno-k-nb5pRT0tOL2nuxM8mil1uG_iHFsniYpQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H2 200 container.html Show response
5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C268 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 16 Apr 2023 21:54:15 GMT
expires: Mon, 15 Apr 2024 21:54:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BB5D 624 B
307 B 50ms
46ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVquYqktiwL11gNH9wOCPHrBO_t3F-woqRWKM64Fem_z_VHiQ4JN8-s9L6R_D2bpQnCLL_Z2jrGEBHXpBBkM2MelYgg46lokWvBbDzJwn7tKftKDLP9k1h-JSgrHF3BdV7GSazFp-xAltakdomi05zyKvcfFCgzfIdB-St12yRdd6Qlduc

Requested by

Host: 5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com
URL: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Apr 2023 21:54:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C268 78 KB
27 KB 85ms
83ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com
URL: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 21:54:17 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C268 42 B
63 B 43ms
40ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DSOvGvhu6jLRryDjW723gj188BkLdul5Ce2Yi2dHtIIRyR0znPe7qxdznDlyGFsVJqXPJSS-Xj87qmWFUxSIcZ1Gn0zPHdE8CsI5n0NRbLT-gDJYk

Requested by

Host: 5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com
URL: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C268 0
20 B 42ms
40ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3506998659630726032&x=1&ct=77

Requested by

Host: 5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com
URL: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame C268 3 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com
URL: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 20:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Apr 2023 20:01:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame C268 20 KB
8 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com
URL: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 18:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Apr 2023 18:05:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C268 0
0 16ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS6uhrmvBaIN0Prwb7gl6qS50NoQjAe-uDJV4XJ-BHZo3Cdn0xAJcu8j647a7rXTzqYQRrRes7D9gpnoTNyJmFYMHs-Sg
Requested by: Host: 5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com
URL: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C268 159 KB
49 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com
URL: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Apr 2023 21:54:17 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BB5D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAZHYfmWeRbr3lsht5txQf0&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAZHYfmWeRbr3lsht5txQf0&google_cver=1&C=1

43 B
632 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAZHYfmWeRbr3lsht5txQf0&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVquYqktiwL11gNH9wOCPHrBO_t3F-woqRWKM64Fem_z_VHiQ4JN8-s9L6R_D2bpQnCLL_Z2jrGEBHXpBBkM2MelYgg46lokWvBbDzJwn7tKftKDLP9k1h-JSgrHF3BdV7GSazFp-xAltakdomi05zyKvcfFCgzfIdB-St12yRdd6Qlduc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 16 Apr 2023 21:54:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 16 Apr 2023 21:54:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEAZHYfmWeRbr3lsht5txQf0&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BB5D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZDxuidoUE8dXzjyHQP0tjgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAZHYfmWeRbr3lsht5txQf0&google_cver=1

43 B
632 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAZHYfmWeRbr3lsht5txQf0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVquYqktiwL11gNH9wOCPHrBO_t3F-woqRWKM64Fem_z_VHiQ4JN8-s9L6R_D2bpQnCLL_Z2jrGEBHXpBBkM2MelYgg46lokWvBbDzJwn7tKftKDLP9k1h-JSgrHF3BdV7GSazFp-xAltakdomi05zyKvcfFCgzfIdB-St12yRdd6Qlduc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 16 Apr 2023 21:54:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAZHYfmWeRbr3lsht5txQf0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame BB5D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFkhQGilg1JSe9XVhkVH_sU&google_cver=1

43 B
1 KB

7ms
6ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFkhQGilg1JSe9XVhkVH_sU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVquYqktiwL11gNH9wOCPHrBO_t3F-woqRWKM64Fem_z_VHiQ4JN8-s9L6R_D2bpQnCLL_Z2jrGEBHXpBBkM2MelYgg46lokWvBbDzJwn7tKftKDLP9k1h-JSgrHF3BdV7GSazFp-xAltakdomi05zyKvcfFCgzfIdB-St12yRdd6Qlduc

Protocol

HTTP/1.1

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 16 Apr 2023 21:54:17 GMT
AN-X-Request-Uuid: 3f148c77-ff14-4c3b-a783-1536ddf6e6a4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.64.151.8; 217.64.151.8; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFkhQGilg1JSe9XVhkVH_sU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BB5D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTkxNTM5MDIyMzYwOTE1Nzg1

170 B
243 B

18ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTkxNTM5MDIyMzYwOTE1Nzg1

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 16 Apr 2023 21:54:17 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.8; 217.64.151.8; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2fad8f13-cfb0-4aad-a7a5-20b389d0da31
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTkxNTM5MDIyMzYwOTE1Nzg1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C268 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9620209538959&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C268 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9620209538959&version=m202301230201&ct=77&x=1&cor=3506998659630726000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C268 15 KB
11 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-0rv5He3QzR8e4dGFAUQgP4r5VCVdSr41Be8RCzdAOEqxY1TjhmA7nmpgF6_RdlsqUxwCQfp9y3VLtU_HB-PtNcUSla64iJ5FFnnULo-vIgNzwK_fGJSzg7jFvIgJoalE8fd5zRBaiN-1y84vVnPt0I7T8GyXh3G-_dpQVXpQlHB9y-Q&cry=1&dbm_d=AKAmf-ChSw-lpoMxThgIPc21NM1PGj2ucrMfbjKw3aQUzqircQtPX7ilVjFoUy424OzLLsRd1CIikdBZNSWHf-q-0X1-daXc3Y_I9anz_NLuATrJHtpPDuCu5vPld6pHYntH2TzoJ5K3YF7l37dTAJR3qTuk-FD1ahtn0E4NoSLl7fzWjbT9OyHQ2lRwAt2AWsXNkMSol2LnYc6x9fx7PWs1ayfnWSSYx0bNs1yryma3QJpmc7hr2Zm1sJKNnzUn2x9TC2bYlmzaOBRasiolfAv3OB80SxG9eQ840wXPT8oKc-hrxziCl3qmXQyo3kOmiJ3L1VDYJEg-A4dQIKKQ8JT8M23wpWMuiXFUnG0jWqC-sZ-dR_SNJGa7FE59M-wauaDIR3l_r3igbJaS1nlyclFL5eix0yxkYIM6EXebnXOsSMGvfEP1Wx4eQl77zPMk1nFS-NHOpkS_debo44-HkV8oUDpsm8RbAehbBzc423PfV7RlnX25yLeB1UvnpjRXC-19EkOB3gF9QIqC40e-cgx0Pt1RGbhgcgJiLf_BArXoeOarsPTR_h_prnGEhDTcwZEelJp5ZrWkyE4un882R79h1aRwmUdPvk71shCbugM9rHdhwW8eAD7QqCerDZ1xdLajkLa6uH3RACHSOGrbjZNb13WRu8nKHdfDbwNoPhE19RrZ26Kd3vGmIiCGaamKJ2fkMtgJ1JIl8uMDyokFhWkEV2kqyk4yotq9BqW5qynq2wUR30QKF1m7F5bwDa4rlSmQnx6zXyJhTUBDXMiRND0CYqXsujEZ22lKVKxPnY1jLu6FqQd2oSWRISVq9Su8_nJ-zSuPQJVcxpbyIC8oHRK7dft9oFXNycBdwRElGk3MzXMeigZa8y6dR4W6VAcT1f2VeZ53ZQncxJpn0m9Fc4jZOtIfaiqauka038xsCsJt_zlj5ZVbcfYdFVgfH_2dUva_4_Y037W6tVfsWUqIYhnbNqlE2EMD2YscuZNV-cMWtE5NzCRD5OF5OdInC0Lr9snDJMdiNxTjRDJnNUwSkHH7jzuPGPxRC85r4Mc1I5Zi1BRrCNkvG1t5Y5NEjzPs6U78n_BOsxbNgt5KQM6uFphVHnM3hV_b6ryAX6rXvqWM7jwSBfuY24K-1Bzrg8L8MUjgo-vFK5qMlw8ZacWeP3rD0dOXf-LEamqPSoTaxi8p5g7yEa3bqihzdqI16P30LMo_kM_O0iWzRdSi_CNNMnWLgdq0IPzjjszOfGsUwWe_g1g9Ok9RMWUaU35MTKuivU6l3zFZMP3WH2HOZJtVR3l0HiCJbqPU3NYXtGDVg5bjjMz9Iq8U64CPO1VIbc3T_hd68QgsKexYlrZLSHtoJuc0ZgpvicXDbxhUg_AoAwpdb_bJnNKmYKNnywvAO69eijwjWZ-YAfwPSBdTHCNp8wKdXpd1IMOqlrC_3c6X2HrLlLkUtEpGejm-OQgI8dbx1qpG2TXZYBpBFXCzlZtVuEl_J-u0CgPVDfh9Q8UkWrinNOXNEIWYiybeD_a6JsfLHtHnBqo7c4RFN9ZjkeDBnp1kjvfohgSeg0Zh_5OwzYYenjdLdlgHO0dAAmVLXyAcWtrhi_Lqxkgmg0EI2_QxvkBWiysXYBQQVyGlxQ4U98cfdvBz12dm7NbzfzPGwYOqd8ptpsJhe9IPYZl86BCsQacgsbYk-bzTI9R3xojjEjJAUgKI6xaw3qDozNvB1kdbFMifEDCP_xz059nhBGgVvKGJvztEgPwGQjXj8KP_rAJdhof2a6qbanGbHbuKZnumz4UzcG1TkWkHENi3laZFqNycAELS12vREyj_foc-8GAsVO2xGxPJlPncJNgYR57PX54JLFilkKA9E0jJhuc0uIahJ2J_0SrImpDPUNXSoyuMBMx02xFKVvsyWVGprBJi7kFQ2pLc0kSYjuT8zviJ1xbfO0S4yIlyjsmnSDt6_fHUYacv8MLKaGW7v12wV7zlIx6TQjDUPUOYp127E1fVk8ivQIojvegiWqT-4AdVStbkSw8MJGQsljyqhC8RoHM7_mpg2MWn12fNJoUDU93isRmFRaUa4zkdNpogC3NYzc0yPNx9v2KXlYzSUshFq_rtvLdoUXfmR_8iLE-qRqQQx8j7o6dOQUQaD_27OeyafSuDcpyEc_wCwuwqkcgN0eXQ5GlbDFY_wpKS0eFnH-JIBZIxLJsRT_dJFQ104jBFH27HsaweON_Xv3hQtmwRKYCtRF5zjrEcVF2k9YlRIJZxs63x0poBt87got4zym-4BUA5Yz-GEVK5l0sVFmd8BgAQns8T6vGvLza54ODbBxIR0L4hss4ieqkBREYvxRrM3pgl6cUGr_6umJERGsSYH9EqjriDgtDqgVYigP4z5L1PpaJ80jeMxNn6uG5VsFUZepUrf0HnvFZyD2W5PteaP7BJwWB0XnGNiu2GIMk1oKPjyyipWtNmsInxmgh4ePL5lk8iz4_0eRkYSewRGET1YbP_ijzg3fKAzpIeOqka91HngMOSgjKzu5WAOgP6sKFJGC8StRdcePBEecXQGhpfoigQHoIomVbom0_mm575NL6u0-vrHMHjW8dVHvG0JIhJhh3jYPSE-lMqHyQVKn9lh7N__r5UIiPLs7_7IuOcQo3Pb9k6PyKxwT8N7pORvNvPFfCOk_2rcRbzSVEx_h9LNgIxw9t6UhBPBRwNtNY5PLiI8dOuVUgvIhacOFJNCr3rvR-hYuTlwoD-6vMFQA-tPzBdWo7e1KRzWKi3VglmTzReWf-anQp8XwYJ4k7F-_RaITisee4kyb5dxQKGwLS7iJSEu4Dj5cPchw6UHtafbGWKv_Qxnd7RWhM6biEzUPUvxGxWD0wz8lQJOY0n8QkgccZVERvn4HXQQYohonQ_iwdhCo2emuQSKLowbHcWg2hYvE9SbeJAxHe1OuM1hyAijxlbBT3IIDrtlFMEUhzQp44E7uQqFgOOajdSIIZURH4VtdGHYAjjXBegfL_rtNj0XChlFbq7lMd70iII5KRSz56rxtdyI7UfKSBBnbNkhrLzbvTLvp-BloVImPWXRWaMaEFGP2GHr10C4i48bcBkJNAaL-SA6siILD463wDElhYLDV-hDKd4sqHRWril2L33F47RnqHHQcaZj4hrGgumR2Q_xKikMsgys42xZb-rVOVVncEt964W4TrRcvEPmrF91QKtbs22as2yXFkH6zwAh0lylmH5H13YBZiY2o2cClAIKxGgIJNxloFKCdObJ-JtBzJ9HUdS3_v2kQX9UgpXa7kqpJMFYtIjcTo3PvFdBaMLAEgu7Ff34QLGryJBWr5EF0UvZAODwwJXXz_786qWf0WIVeInA1XsDYg7VrTG4MFFmK6QoAsQZxY-BGhFMNTRw5i8eLdylqBinIDKtdZOhWxd89sjBPAzxXBXSDBrZCksTbFXQXgkebbg4c59yF5ik62ltRT8elRjmrpN&cid=CAQSPABygQiDbRkLT71VgjBYjQnXinms82cy218YeAcqZJfIkyAxWy0KEThczJTvMxDgUam30OYQ8HJsMAKnqhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fblog.paleohacks.com%2F&ds=l&xdt=1&iif=1&cor=3506998659630726000&adk=3047537735&idt=91&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a470ce828f9432bbefcf901b7cc79463d432527726654b3bc8b76d01be29bd97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C268 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-0rv5He3QzR8e4dGFAUQgP4r5VCVdSr41Be8RCzdAOEqxY1TjhmA7nmpgF6_RdlsqUxwCQfp9y3VLtU_HB-PtNcUSla64iJ5FFnnULo-vIgNzwK_fGJSzg7jFvIgJoalE8fd5zRBaiN-1y84vVnPt0I7T8GyXh3G-_dpQVXpQlHB9y-Q&cry=1&dbm_d=AKAmf-ChSw-lpoMxThgIPc21NM1PGj2ucrMfbjKw3aQUzqircQtPX7ilVjFoUy424OzLLsRd1CIikdBZNSWHf-q-0X1-daXc3Y_I9anz_NLuATrJHtpPDuCu5vPld6pHYntH2TzoJ5K3YF7l37dTAJR3qTuk-FD1ahtn0E4NoSLl7fzWjbT9OyHQ2lRwAt2AWsXNkMSol2LnYc6x9fx7PWs1ayfnWSSYx0bNs1yryma3QJpmc7hr2Zm1sJKNnzUn2x9TC2bYlmzaOBRasiolfAv3OB80SxG9eQ840wXPT8oKc-hrxziCl3qmXQyo3kOmiJ3L1VDYJEg-A4dQIKKQ8JT8M23wpWMuiXFUnG0jWqC-sZ-dR_SNJGa7FE59M-wauaDIR3l_r3igbJaS1nlyclFL5eix0yxkYIM6EXebnXOsSMGvfEP1Wx4eQl77zPMk1nFS-NHOpkS_debo44-HkV8oUDpsm8RbAehbBzc423PfV7RlnX25yLeB1UvnpjRXC-19EkOB3gF9QIqC40e-cgx0Pt1RGbhgcgJiLf_BArXoeOarsPTR_h_prnGEhDTcwZEelJp5ZrWkyE4un882R79h1aRwmUdPvk71shCbugM9rHdhwW8eAD7QqCerDZ1xdLajkLa6uH3RACHSOGrbjZNb13WRu8nKHdfDbwNoPhE19RrZ26Kd3vGmIiCGaamKJ2fkMtgJ1JIl8uMDyokFhWkEV2kqyk4yotq9BqW5qynq2wUR30QKF1m7F5bwDa4rlSmQnx6zXyJhTUBDXMiRND0CYqXsujEZ22lKVKxPnY1jLu6FqQd2oSWRISVq9Su8_nJ-zSuPQJVcxpbyIC8oHRK7dft9oFXNycBdwRElGk3MzXMeigZa8y6dR4W6VAcT1f2VeZ53ZQncxJpn0m9Fc4jZOtIfaiqauka038xsCsJt_zlj5ZVbcfYdFVgfH_2dUva_4_Y037W6tVfsWUqIYhnbNqlE2EMD2YscuZNV-cMWtE5NzCRD5OF5OdInC0Lr9snDJMdiNxTjRDJnNUwSkHH7jzuPGPxRC85r4Mc1I5Zi1BRrCNkvG1t5Y5NEjzPs6U78n_BOsxbNgt5KQM6uFphVHnM3hV_b6ryAX6rXvqWM7jwSBfuY24K-1Bzrg8L8MUjgo-vFK5qMlw8ZacWeP3rD0dOXf-LEamqPSoTaxi8p5g7yEa3bqihzdqI16P30LMo_kM_O0iWzRdSi_CNNMnWLgdq0IPzjjszOfGsUwWe_g1g9Ok9RMWUaU35MTKuivU6l3zFZMP3WH2HOZJtVR3l0HiCJbqPU3NYXtGDVg5bjjMz9Iq8U64CPO1VIbc3T_hd68QgsKexYlrZLSHtoJuc0ZgpvicXDbxhUg_AoAwpdb_bJnNKmYKNnywvAO69eijwjWZ-YAfwPSBdTHCNp8wKdXpd1IMOqlrC_3c6X2HrLlLkUtEpGejm-OQgI8dbx1qpG2TXZYBpBFXCzlZtVuEl_J-u0CgPVDfh9Q8UkWrinNOXNEIWYiybeD_a6JsfLHtHnBqo7c4RFN9ZjkeDBnp1kjvfohgSeg0Zh_5OwzYYenjdLdlgHO0dAAmVLXyAcWtrhi_Lqxkgmg0EI2_QxvkBWiysXYBQQVyGlxQ4U98cfdvBz12dm7NbzfzPGwYOqd8ptpsJhe9IPYZl86BCsQacgsbYk-bzTI9R3xojjEjJAUgKI6xaw3qDozNvB1kdbFMifEDCP_xz059nhBGgVvKGJvztEgPwGQjXj8KP_rAJdhof2a6qbanGbHbuKZnumz4UzcG1TkWkHENi3laZFqNycAELS12vREyj_foc-8GAsVO2xGxPJlPncJNgYR57PX54JLFilkKA9E0jJhuc0uIahJ2J_0SrImpDPUNXSoyuMBMx02xFKVvsyWVGprBJi7kFQ2pLc0kSYjuT8zviJ1xbfO0S4yIlyjsmnSDt6_fHUYacv8MLKaGW7v12wV7zlIx6TQjDUPUOYp127E1fVk8ivQIojvegiWqT-4AdVStbkSw8MJGQsljyqhC8RoHM7_mpg2MWn12fNJoUDU93isRmFRaUa4zkdNpogC3NYzc0yPNx9v2KXlYzSUshFq_rtvLdoUXfmR_8iLE-qRqQQx8j7o6dOQUQaD_27OeyafSuDcpyEc_wCwuwqkcgN0eXQ5GlbDFY_wpKS0eFnH-JIBZIxLJsRT_dJFQ104jBFH27HsaweON_Xv3hQtmwRKYCtRF5zjrEcVF2k9YlRIJZxs63x0poBt87got4zym-4BUA5Yz-GEVK5l0sVFmd8BgAQns8T6vGvLza54ODbBxIR0L4hss4ieqkBREYvxRrM3pgl6cUGr_6umJERGsSYH9EqjriDgtDqgVYigP4z5L1PpaJ80jeMxNn6uG5VsFUZepUrf0HnvFZyD2W5PteaP7BJwWB0XnGNiu2GIMk1oKPjyyipWtNmsInxmgh4ePL5lk8iz4_0eRkYSewRGET1YbP_ijzg3fKAzpIeOqka91HngMOSgjKzu5WAOgP6sKFJGC8StRdcePBEecXQGhpfoigQHoIomVbom0_mm575NL6u0-vrHMHjW8dVHvG0JIhJhh3jYPSE-lMqHyQVKn9lh7N__r5UIiPLs7_7IuOcQo3Pb9k6PyKxwT8N7pORvNvPFfCOk_2rcRbzSVEx_h9LNgIxw9t6UhBPBRwNtNY5PLiI8dOuVUgvIhacOFJNCr3rvR-hYuTlwoD-6vMFQA-tPzBdWo7e1KRzWKi3VglmTzReWf-anQp8XwYJ4k7F-_RaITisee4kyb5dxQKGwLS7iJSEu4Dj5cPchw6UHtafbGWKv_Qxnd7RWhM6biEzUPUvxGxWD0wz8lQJOY0n8QkgccZVERvn4HXQQYohonQ_iwdhCo2emuQSKLowbHcWg2hYvE9SbeJAxHe1OuM1hyAijxlbBT3IIDrtlFMEUhzQp44E7uQqFgOOajdSIIZURH4VtdGHYAjjXBegfL_rtNj0XChlFbq7lMd70iII5KRSz56rxtdyI7UfKSBBnbNkhrLzbvTLvp-BloVImPWXRWaMaEFGP2GHr10C4i48bcBkJNAaL-SA6siILD463wDElhYLDV-hDKd4sqHRWril2L33F47RnqHHQcaZj4hrGgumR2Q_xKikMsgys42xZb-rVOVVncEt964W4TrRcvEPmrF91QKtbs22as2yXFkH6zwAh0lylmH5H13YBZiY2o2cClAIKxGgIJNxloFKCdObJ-JtBzJ9HUdS3_v2kQX9UgpXa7kqpJMFYtIjcTo3PvFdBaMLAEgu7Ff34QLGryJBWr5EF0UvZAODwwJXXz_786qWf0WIVeInA1XsDYg7VrTG4MFFmK6QoAsQZxY-BGhFMNTRw5i8eLdylqBinIDKtdZOhWxd89sjBPAzxXBXSDBrZCksTbFXQXgkebbg4c59yF5ik62ltRT8elRjmrpN&cid=CAQSPABygQiDbRkLT71VgjBYjQnXinms82cy218YeAcqZJfIkyAxWy0KEThczJTvMxDgUam30OYQ8HJsMAKnqhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fblog.paleohacks.com%2F&ds=l&xdt=1&iif=1&cor=3506998659630726000&adk=3047537735&idt=91&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186107
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Apr 2024 18:12:30 GMT

GET
H/1.1 200
OK g72h7lz2c4az Show response
hal9000.redintelligence.net/zone/ Frame C268 11 KB
4 KB 53ms
12ms Script
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKE8Jh248ZO36LsOU-wbc2rH4AablvaBphZWcp8kP8C4QASDI_YgeYJXikIKgB8gBCakCmh63kApxsj6oAwGqBOABT9C8AHa46yEb95pRMlq5J6g0k4fJXCWNpU1ECPBnRiVbJNmFaRFfE5OKpyUp1LP3BoXGymRqQrxhlGbuK61zGHAavL0LmSzzUa91fSg9A99chnpcmqXrNzWzEA_7XqEv5oPQm5JysmL3r9Yq86bZdAq5Ah1wj92cFF43rYJt2FuENGucRK7wp8vdnVq5sIbequT9LrcJ26yXwrV8BONy1-TnLdv2mu8qqzP-b8dK2bKV84N761c8enrGx9h4CaiNwNDTrmEajSZVxKvz_AiBOMUjkTcf2riUi_Tezxpas8zABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgGYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSPABygQiDbRkLT71VgjBYjQnXinms82cy218YeAcqZJfIkyAxWy0KEThczJTvMxDgUam30OYQ8HJsMAKnqhgB%26sig%3DAOD64_1dRShyB0zSZDR-r8JRN1A2JkvwQg%26client%3Dca-pub-5144389657785565%26dbm_c%3DAKAmf-Cy6_wEhYlgC_AcJJ-FJjRbjXS4rhnNWSlsffXZy2keZOacY5R4umtVCxJNPt46il8xkKSKXbZZfgPp1zw2a2oV7bKCrRVdr18k-hu29wogP1rXBya_N6PHZa8A485wx5TfxhhPnKjCRuQ4CEgKAXBruDbqHO0PsTIs_7ksJLsm9MKpR8k%26cry%3D1%26dbm_d%3DAKAmf-DcgoYqIY7brA-9kdkcwVSL4ZSmqxbVfi0bP3jAkJrjzcFLZEt3oSMn4BuDTquBt6m94Z3Ylw9HX1ycqVaqv1iEVG2hIYsH8_cO1jMBlr-d5SdKA5yJarVwlbjnwQc_gPZ4LQ6fZEbjvcSo6Uoze2ybocSvStbigHPRqF57DIKSRdwIsjwiAO61HXV5XyYFbwMt7kJ8T1K98GoGyqm77FS_AejsutjqQTYOcU-NKImJ7xvf_A3nkt7VT5Kc-9MG4Kq6pYkv4VodTAxIxr78PmWN2rQURqkTw6uzjg6jiCCUDhWy9FvbWOK7pS99eq6FMJ-VmSfz9lZsRrYthhIAPLW-qXf6CaxYLU2GnZaYbg7KRxMoPlIfqh0RmvnS5T4y0Yom-ZUsI7tFgqNKklwA9MUOF0pRUh9nkrDWWzSaXv48ix35-XN6sQaiL8BUcAqZMgZjSVWK8JvwpgB4SikvTPIjY3bqGMrEDBWlIE124Kh2pKsnFZsbsx1E8gxQe9zzTISFTosI3ice5fYwMte1VU9kmXPJ8GzKYD49eYe8x_MebTIUgWc%26adurl%3D
Requested by: Host: 5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com
URL: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: bd1bc2711f81c721c44b6e3c4144cf16cc19600607638a548c6086ac49cc78d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sun, 16 Apr 2023 21:54:17 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4063
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4DDE 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 186071
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 18:13:06 GMT
expires: Sat, 13 Apr 2024 18:13:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js Show response
pagead2.googlesyndication.com/bg/ Frame 4DDE 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a90f66c347247549c2704fdf460fb67a9a0c68b52eae538cbf74d4e3e13cd7e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14294
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Apr 2024 08:59:33 GMT

GET
H/1.1

200
OK

request.php Show response
hal900017.redintelligence.net/ Frame C268
Redirect Chain

https://hal900017.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=653a16cbbc&subid=&uid=0be7d8a70c4832ab&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900017.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=653a16cbbc&subid=&uid=0be7d8a70c4832ab&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

611 B
932 B

137ms
115ms

Script
application/x-javascript

159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=653a16cbbc&subid=&uid=0be7d8a70c4832ab&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKE8Jh248ZO36LsOU-wbc2rH4AablvaBphZWcp8kP8C4QASDI_YgeYJXikIKgB8gBCakCmh63kApxsj6oAwGqBOABT9C8AHa46yEb95pRMlq5J6g0k4fJXCWNpU1ECPBnRiVbJNmFaRFfE5OKpyUp1LP3BoXGymRqQrxhlGbuK61zGHAavL0LmSzzUa91fSg9A99chnpcmqXrNzWzEA_7XqEv5oPQm5JysmL3r9Yq86bZdAq5Ah1wj92cFF43rYJt2FuENGucRK7wp8vdnVq5sIbequT9LrcJ26yXwrV8BONy1-TnLdv2mu8qqzP-b8dK2bKV84N761c8enrGx9h4CaiNwNDTrmEajSZVxKvz_AiBOMUjkTcf2riUi_Tezxpas8zABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgGYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSPABygQiDbRkLT71VgjBYjQnXinms82cy218YeAcqZJfIkyAxWy0KEThczJTvMxDgUam30OYQ8HJsMAKnqhgB%26sig%3DAOD64_1dRShyB0zSZDR-r8JRN1A2JkvwQg%26client%3Dca-pub-5144389657785565%26dbm_c%3DAKAmf-Cy6_wEhYlgC_AcJJ-FJjRbjXS4rhnNWSlsffXZy2keZOacY5R4umtVCxJNPt46il8xkKSKXbZZfgPp1zw2a2oV7bKCrRVdr18k-hu29wogP1rXBya_N6PHZa8A485wx5TfxhhPnKjCRuQ4CEgKAXBruDbqHO0PsTIs_7ksJLsm9MKpR8k%26cry%3D1%26dbm_d%3DAKAmf-DcgoYqIY7brA-9kdkcwVSL4ZSmqxbVfi0bP3jAkJrjzcFLZEt3oSMn4BuDTquBt6m94Z3Ylw9HX1ycqVaqv1iEVG2hIYsH8_cO1jMBlr-d5SdKA5yJarVwlbjnwQc_gPZ4LQ6fZEbjvcSo6Uoze2ybocSvStbigHPRqF57DIKSRdwIsjwiAO61HXV5XyYFbwMt7kJ8T1K98GoGyqm77FS_AejsutjqQTYOcU-NKImJ7xvf_A3nkt7VT5Kc-9MG4Kq6pYkv4VodTAxIxr78PmWN2rQURqkTw6uzjg6jiCCUDhWy9FvbWOK7pS99eq6FMJ-VmSfz9lZsRrYthhIAPLW-qXf6CaxYLU2GnZaYbg7KRxMoPlIfqh0RmvnS5T4y0Yom-ZUsI7tFgqNKklwA9MUOF0pRUh9nkrDWWzSaXv48ix35-XN6sQaiL8BUcAqZMgZjSVWK8JvwpgB4SikvTPIjY3bqGMrEDBWlIE124Kh2pKsnFZsbsx1E8gxQe9zzTISFTosI3ice5fYwMte1VU9kmXPJ8GzKYD49eYe8x_MebTIUgWc%26adurl%3D&documentReferer=https%3A%2F%2Fblog.paleohacks.com%2F&ancestorOrigins=https%3A%2F%2Fblog.paleohacks.com&random=131638126819&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com
URL: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: c4a92db810a48699798ca8d37f2280066f13f5fb3405043130ea65005fa05ce7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 16 Apr 2023 21:54:17 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 24658800124246604444550012296017
Connection: close
Content-Length: 326
Expires: Sun, 16 Apr 2023 22:54:17 +0200

Redirect headers

Pragma: no-cache
Date: Sun, 16 Apr 2023 21:54:17 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=653a16cbbc&subid=&uid=0be7d8a70c4832ab&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKE8Jh248ZO36LsOU-wbc2rH4AablvaBphZWcp8kP8C4QASDI_YgeYJXikIKgB8gBCakCmh63kApxsj6oAwGqBOABT9C8AHa46yEb95pRMlq5J6g0k4fJXCWNpU1ECPBnRiVbJNmFaRFfE5OKpyUp1LP3BoXGymRqQrxhlGbuK61zGHAavL0LmSzzUa91fSg9A99chnpcmqXrNzWzEA_7XqEv5oPQm5JysmL3r9Yq86bZdAq5Ah1wj92cFF43rYJt2FuENGucRK7wp8vdnVq5sIbequT9LrcJ26yXwrV8BONy1-TnLdv2mu8qqzP-b8dK2bKV84N761c8enrGx9h4CaiNwNDTrmEajSZVxKvz_AiBOMUjkTcf2riUi_Tezxpas8zABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgGYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSPABygQiDbRkLT71VgjBYjQnXinms82cy218YeAcqZJfIkyAxWy0KEThczJTvMxDgUam30OYQ8HJsMAKnqhgB%26sig%3DAOD64_1dRShyB0zSZDR-r8JRN1A2JkvwQg%26client%3Dca-pub-5144389657785565%26dbm_c%3DAKAmf-Cy6_wEhYlgC_AcJJ-FJjRbjXS4rhnNWSlsffXZy2keZOacY5R4umtVCxJNPt46il8xkKSKXbZZfgPp1zw2a2oV7bKCrRVdr18k-hu29wogP1rXBya_N6PHZa8A485wx5TfxhhPnKjCRuQ4CEgKAXBruDbqHO0PsTIs_7ksJLsm9MKpR8k%26cry%3D1%26dbm_d%3DAKAmf-DcgoYqIY7brA-9kdkcwVSL4ZSmqxbVfi0bP3jAkJrjzcFLZEt3oSMn4BuDTquBt6m94Z3Ylw9HX1ycqVaqv1iEVG2hIYsH8_cO1jMBlr-d5SdKA5yJarVwlbjnwQc_gPZ4LQ6fZEbjvcSo6Uoze2ybocSvStbigHPRqF57DIKSRdwIsjwiAO61HXV5XyYFbwMt7kJ8T1K98GoGyqm77FS_AejsutjqQTYOcU-NKImJ7xvf_A3nkt7VT5Kc-9MG4Kq6pYkv4VodTAxIxr78PmWN2rQURqkTw6uzjg6jiCCUDhWy9FvbWOK7pS99eq6FMJ-VmSfz9lZsRrYthhIAPLW-qXf6CaxYLU2GnZaYbg7KRxMoPlIfqh0RmvnS5T4y0Yom-ZUsI7tFgqNKklwA9MUOF0pRUh9nkrDWWzSaXv48ix35-XN6sQaiL8BUcAqZMgZjSVWK8JvwpgB4SikvTPIjY3bqGMrEDBWlIE124Kh2pKsnFZsbsx1E8gxQe9zzTISFTosI3ice5fYwMte1VU9kmXPJ8GzKYD49eYe8x_MebTIUgWc%26adurl%3D&documentReferer=https%3A%2F%2Fblog.paleohacks.com%2F&ancestorOrigins=https%3A%2F%2Fblog.paleohacks.com&random=131638126819&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sun, 16 Apr 2023 22:54:17 +0200

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4DDE 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Btyi2iW48ZIbMJeSAjuwPxvu7uAEAAAAAOAHgBAI&bg=!jY6ljtrNAAZA7GLoYOw7ADkAdvg8Wh90Q1WtEE3nwWmko6y0zHwgumn4Fpsd19KVEkbfj6m45a77pyQ_mcEwOZY2PNow2rT5ROICAAAAWFIAAAACaAEHmQMpgyzLbfTCwWy2HqMUFtOQjKCeCBj6lZ-k7iM65n-rFh8qvHDdOZFAjmqnFN5O0_1cw4UQYElIAerLtrHhyFqvvP3TfGsQJgK6jk_vxDzZkc7aapieDB3spNAan4Wf1yh17VEjP_c9GvVGrQ9VM_VHIcDAO8l_riGTLb1KdU_ObYtuW3ATdkgq3Ma-pNiCLCm_lLvC78MPZVs3xFPyR0NEoMdd1fvgOfz5hwjRTurqygD7hnSPqPHXkF63IG6s3O6W0LBX7-wdo5UwAZoxES6Jdp_SnawMSCtd9ZZXLzD287pd77oskyPG1qXoB5-9Pk2edjXmNNBqaAr-WDc4PClTf96zaqqinCxeF9REXaSZvEsmD50Cs0AfHC_5b8PqMnAOXVPxCTR-uj0jBfDWSOw_HTfj5CvPhopuUQGHYKLn6jb12DYjz7SPEtkA31NPPkxsmlIsXjhhCvxJnnWX6FHLODEaLTCqlBwa4y5iVlh7MFaO527XHMF_ykLFMXVRTZaoiN3lde9BTwmW_35A5mvjRcPo0LgO43iqzEIFPaX9ZtJ1tuPMvqByCUIK9ciY-nWLYmm8_XuDxVQ79wc62HPXyEdU7rR5FhXsPnXBE3iINkWI0nIW9-XDc1t9RdvBzgh27VV02YkNt91D93XO22SOm57DRLKbZXgXa5WMlXIJHTS_xxje3rSMXr-oaZ-DWb3Ve0prLKzbeXQ0CoDyL5vc3Z-ZrccYT5mG9g6AMnBurKrPLKQS5_nBMhl1QzKD1BZdnXE-SYbeMvClRu6svWkHCUyv_rkthRNayzjbxkJgz9hSrxuHVLjiNlrZu6kWTxhtKD31oETluca-5VxCPdPfmG8Dfa0Btj2t9wAK1Ueoq2zoY2-r3W-Ers4kFm97idbopKv92EX6M-70Exix5PxY8r6wxUkivM-vcz1LgCHrgDfxPd_bjxlY8-zkx7MjfmuSJSJE2cgC6HC1o5lzCKC8cNrFNtPtn9yDK50fAtzn43wyG_3YoRf0bhL3ufBB9Tkg6QMW1Q6pcVtZLGpGqnjB3olDByFwRSbkmo_NyCtaLsVBAa9IRV05HNk

Requested by

Host: 5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com
URL: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900017.redintelligence.net/ Frame 060D 7 KB
3 KB 33ms
11ms Document
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/request_content.php?s=24658800124246604444550012296017&a=c2a22def
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=653a16cbbc&subid=&uid=0be7d8a70c4832ab&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKE8Jh248ZO36LsOU-wbc2rH4AablvaBphZWcp8kP8C4QASDI_YgeYJXikIKgB8gBCakCmh63kApxsj6oAwGqBOABT9C8AHa46yEb95pRMlq5J6g0k4fJXCWNpU1ECPBnRiVbJNmFaRFfE5OKpyUp1LP3BoXGymRqQrxhlGbuK61zGHAavL0LmSzzUa91fSg9A99chnpcmqXrNzWzEA_7XqEv5oPQm5JysmL3r9Yq86bZdAq5Ah1wj92cFF43rYJt2FuENGucRK7wp8vdnVq5sIbequT9LrcJ26yXwrV8BONy1-TnLdv2mu8qqzP-b8dK2bKV84N761c8enrGx9h4CaiNwNDTrmEajSZVxKvz_AiBOMUjkTcf2riUi_Tezxpas8zABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgGYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSPABygQiDbRkLT71VgjBYjQnXinms82cy218YeAcqZJfIkyAxWy0KEThczJTvMxDgUam30OYQ8HJsMAKnqhgB%26sig%3DAOD64_1dRShyB0zSZDR-r8JRN1A2JkvwQg%26client%3Dca-pub-5144389657785565%26dbm_c%3DAKAmf-Cy6_wEhYlgC_AcJJ-FJjRbjXS4rhnNWSlsffXZy2keZOacY5R4umtVCxJNPt46il8xkKSKXbZZfgPp1zw2a2oV7bKCrRVdr18k-hu29wogP1rXBya_N6PHZa8A485wx5TfxhhPnKjCRuQ4CEgKAXBruDbqHO0PsTIs_7ksJLsm9MKpR8k%26cry%3D1%26dbm_d%3DAKAmf-DcgoYqIY7brA-9kdkcwVSL4ZSmqxbVfi0bP3jAkJrjzcFLZEt3oSMn4BuDTquBt6m94Z3Ylw9HX1ycqVaqv1iEVG2hIYsH8_cO1jMBlr-d5SdKA5yJarVwlbjnwQc_gPZ4LQ6fZEbjvcSo6Uoze2ybocSvStbigHPRqF57DIKSRdwIsjwiAO61HXV5XyYFbwMt7kJ8T1K98GoGyqm77FS_AejsutjqQTYOcU-NKImJ7xvf_A3nkt7VT5Kc-9MG4Kq6pYkv4VodTAxIxr78PmWN2rQURqkTw6uzjg6jiCCUDhWy9FvbWOK7pS99eq6FMJ-VmSfz9lZsRrYthhIAPLW-qXf6CaxYLU2GnZaYbg7KRxMoPlIfqh0RmvnS5T4y0Yom-ZUsI7tFgqNKklwA9MUOF0pRUh9nkrDWWzSaXv48ix35-XN6sQaiL8BUcAqZMgZjSVWK8JvwpgB4SikvTPIjY3bqGMrEDBWlIE124Kh2pKsnFZsbsx1E8gxQe9zzTISFTosI3ice5fYwMte1VU9kmXPJ8GzKYD49eYe8x_MebTIUgWc%26adurl%3D&documentReferer=https%3A%2F%2Fblog.paleohacks.com%2F&ancestorOrigins=https%3A%2F%2Fblog.paleohacks.com&random=131638126819&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: 22a30925a0f4c9af360dc13dc06fe50b0c1fd49e207a7fce2e479b241e86f3fb

Request headers

Referer: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2285
Content-Type: text/html; charset=utf-8
Date: Sun, 16 Apr 2023 21:54:17 GMT
Expires: Sun, 16 Apr 2023 22:54:17 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E734 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com
URL: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Apr 2023 11:06:46 GMT
etag: 48472445140208031
expires: Mon, 17 Apr 2023 11:06:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C268 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd3178b4f3692d1d69750b0fd70a136c61998528ab5413fd0eb16cad03ecee47

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 060D 89 KB
32 KB 36ms
7ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=24658800124246604444550012296017&a=c2a22def

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 15:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Apr 2024 15:51:37 GMT

GET
H/1.1 200
OK S-728x90.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 060D 24 KB
24 KB 58ms
13ms Image
image/gif 145.239.2.103
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-728x90.gif
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=24658800124246604444550012296017&a=c2a22def
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.2.103 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3082036.ip-145-239-2.eu
Software: nginx /
Resource Hash: 7c67dc1e9ecce0d3757d97792fd606effaa6fe799ebe7423aff81e26e07900a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sun, 16 Apr 2023 21:54:18 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:29 GMT
Server: nginx
ETag: "5b55f201-5f90"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 24464

GET
H2 200 dpixel
cms.quantserve.com/ Frame E734 35 B
464 B 48ms
8ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFlH6x64aAy1ShzzY8WzkE4&google_cver=1&google_push=Aer7DvIbU5au5hWNUtee03aotGZ8FOLXXxjUcuUzQ0CTtlwIwEDVzkrat236Tm31FMPZQdWprOWzKpazRgfrCQKKyzZ_y4kGB-X5Og

Requested by

Host: 5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com
URL: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:18 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E734
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIna56s4mBYd5xysmUy1uCI&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIna56s4mBYd5xysmUy1uCI&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V0F4aDdvUE8xUE9ha2E1&google_gid=CAESEIna56s4mBYd5xysmUy1uCI&google_cver=1&google_push=Aer7DvIHCL3D9svIqHzrFiAm6ao3KkFcq5Nm0JtfZ8mVLjX...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V0F4aDdvUE8xUE9ha2E1&google_gid=CAESEIna56s4mBYd5xysmUy1uCI&google_cver=1&google_push=Aer7DvIHCL3D9svIqHzrFiAm6ao3KkFcq5Nm0JtfZ8mVLjXm5IaJDrzFSUT7Rw2SyKEv-s7Dp71-5EkyhRUpZWrollF3YcGZMfo9PQ

Requested by

Host: 5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com
URL: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 16 Apr 2023 21:54:17 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-771-ga8baae6#rel-ec2-master i-017dcce659d1d3103@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V0F4aDdvUE8xUE9ha2E1&google_gid=CAESEIna56s4mBYd5xysmUy1uCI&google_cver=1&google_push=Aer7DvIHCL3D9svIqHzrFiAm6ao3KkFcq5Nm0JtfZ8mVLjXm5IaJDrzFSUT7Rw2SyKEv-s7Dp71-5EkyhRUpZWrollF3YcGZMfo9PQ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame E734
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFJ5S06IwOBtFkQ4hFY24rU&google_cver=1&google_push=Aer7DvLWc_ehFCNBG87S_JVvDjxRSRvIQgfmqftzid_gx5OGaBWLWQBYfhw7uJ3Apzetu7_2zT98pQC1zcFguGRjOulO6NYts852Y...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFJ5S06IwOBtFkQ4hFY24rU&google_cver=1&google_push=Aer7DvLWc_ehFCNBG87S_JVvDjxRSRvIQgfmqftzid_gx5OGaBWLWQBYfhw7uJ3Apzetu7_2zT98pQC1zcFguGRjOulO6NYts85...

43 B
416 B

197ms
175ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFJ5S06IwOBtFkQ4hFY24rU&google_cver=1&google_push=Aer7DvLWc_ehFCNBG87S_JVvDjxRSRvIQgfmqftzid_gx5OGaBWLWQBYfhw7uJ3Apzetu7_2zT98pQC1zcFguGRjOulO6NYts852Yw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvLWc_ehFCNBG87S_JVvDjxRSRvIQgfmqftzid_gx5OGaBWLWQBYfhw7uJ3Apzetu7_2zT98pQC1zcFguGRjOulO6NYts852Yw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:18 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7b8faa802a053802-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:18 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 2027
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFJ5S06IwOBtFkQ4hFY24rU&google_cver=1&google_push=Aer7DvLWc_ehFCNBG87S_JVvDjxRSRvIQgfmqftzid_gx5OGaBWLWQBYfhw7uJ3Apzetu7_2zT98pQC1zcFguGRjOulO6NYts852Yw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvLWc_ehFCNBG87S_JVvDjxRSRvIQgfmqftzid_gx5OGaBWLWQBYfhw7uJ3Apzetu7_2zT98pQC1zcFguGRjOulO6NYts852Yw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7b8faa7ed89b3802-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E734
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF_yx851iA8X7JeXB5v2lhc&google_push=Aer7DvKWW8CFKUU6p3TdUGyfEClG4tpFRI2Vbc5skM728FV3o7YvdjC3zQ...

170 B
188 B

18ms
16ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF_yx851iA8X7JeXB5v2lhc&google_push=Aer7DvKWW8CFKUU6p3TdUGyfEClG4tpFRI2Vbc5skM728FV3o7YvdjC3zQH_2BAWI9QIXk4ONifP1-LzknbKEAzBhh5rIhE3GfXb

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230069-FRA
pragma: no-cache
date: Sun, 16 Apr 2023 21:54:18 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1681682058.059515,VS0,VE96
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF_yx851iA8X7JeXB5v2lhc&google_push=Aer7DvKWW8CFKUU6p3TdUGyfEClG4tpFRI2Vbc5skM728FV3o7YvdjC3zQH_2BAWI9QIXk4ONifP1-LzknbKEAzBhh5rIhE3GfXb
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E734
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAblOwGTtMTsBwlrwON7jpw&google_cver=1&google_push=Aer7DvI0yopb1EZKdG8TtNUo_Aj40nv9nzn3Bd9nEBpoj8husTHpCyRBnbhcNrXJq0AuXB88cKgrBJExZDFtxT_y3Io0v92...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvI0yopb1EZKdG8TtNUo_Aj40nv9nzn3Bd9nEBpoj8husTHpCyRBnbhcNrXJq0AuXB88cKgrBJExZDFtxT_y3Io0v92Ws1KH2w&google_hm=eS0xWVdIMXVkRTJwRjhx...

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvI0yopb1EZKdG8TtNUo_Aj40nv9nzn3Bd9nEBpoj8husTHpCyRBnbhcNrXJq0AuXB88cKgrBJExZDFtxT_y3Io0v92Ws1KH2w&google_hm=eS0xWVdIMXVkRTJwRjhxODV6SWl0NE5TdUJ2RW9DT0dwZH5B

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 16 Apr 2023 21:54:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvI0yopb1EZKdG8TtNUo_Aj40nv9nzn3Bd9nEBpoj8husTHpCyRBnbhcNrXJq0AuXB88cKgrBJExZDFtxT_y3Io0v92Ws1KH2w&google_hm=eS0xWVdIMXVkRTJwRjhxODV6SWl0NE5TdUJ2RW9DT0dwZH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E734
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEFk-rIJWohmmc6yug9Q-V-g&google_cver=1&google_push=Aer7DvKUatAeZHPsc6_Wi3NimQeSfcHkAuNuSRUt79XDJXSqzPqLsSfwiHJmRF1Pux6TSwLtmgKIC39LuX687f1B1ao6YJA...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFk-rIJWohmmc6yug9Q-V-g&google_cver=1&google_push=Aer7DvKUatAeZHPsc6_Wi3NimQeSfcHkAuNuSRUt79XDJXSqzPqLsSfwiHJmRF1Pux6TSwLtmgKIC39LuX687f1B1ao6Y...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKUatAeZHPsc6_Wi3NimQeSfcHkAuNuSRUt79XDJXSqzPqLsSfwiHJmRF1Pux6TSwLtmgKIC39LuX687f1B1ao6YJAVzHTtPw

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKUatAeZHPsc6_Wi3NimQeSfcHkAuNuSRUt79XDJXSqzPqLsSfwiHJmRF1Pux6TSwLtmgKIC39LuX687f1B1ao6YJAVzHTtPw

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKUatAeZHPsc6_Wi3NimQeSfcHkAuNuSRUt79XDJXSqzPqLsSfwiHJmRF1Pux6TSwLtmgKIC39LuX687f1B1ao6YJAVzHTtPw
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 dds
rtb.openx.net/sync/ Frame E734 43 B
351 B 75ms
15ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEHCXW0l_zxaWb4dSpYIMsvA&google_cver=1&google_push=Aer7DvLm186BEgLlXmOq7IEW58WD1xvYjrw0HgCxBmaC2bt-VsQBfQenaQpSRKG5-9_EO3QioK8GbPOze-k3xSz5PdgeWIRBQBh_
Requested by: Host: 5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com
URL: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:17 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 37rjma787bdmruqtf9acsbh4sq4l2h16

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E734 0
12 B 17ms
15ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LaN0WI_38yvZ48PwaZN7sb66s0N__bcgq5I9ZIelziHECEFj57PuaRW-_WwuEVAxCWB812

Requested by

Host: 5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com
URL: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:54:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK viewability Show response
hal900017.redintelligence.net/ Frame 060D 0
150 B 40ms
15ms Script
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/viewability?s=24658800124246604444550012296017&a=9372196f&vb=m
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=24658800124246604444550012296017&a=c2a22def
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/request_content.php?s=24658800124246604444550012296017&a=c2a22def
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sun, 16 Apr 2023 21:54:18 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 060D 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
373 B 72ms
32ms XHR
application/json 130.211.34.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1681682058230

Requested by

Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

130.211.34.183 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

183.34.211.130.bc.googleusercontent.com

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Sun, 16 Apr 2023 21:54:18 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://blog.paleohacks.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 17
access-control-allow-headers: X-Requested-With
content-length: 25
alt-svc: clear

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C268 42 B
174 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKBflJYH51a7NJaQ9ox56ue3b08EEMhzxzOUcrpa7KaBlB60794DHOhHz3uCmtldWFJMriSrbfaFuUEyNuD0CSZEGBVlGzVoylOVrAp8DaGJXHxOi_0rOzzwmH&sai=AMfl-YTM_YmWtAAWB4SAVL0RBo2kjrgEITfQ5Uh6wNnkMYn8c2gqyt7tY3ZMP1SuhnFxMkgUbFPcjrVAzvfsRgVQx8ben24NfBueJDMa7SBpOJ1IUHroXvID2AvtSIBm&sig=Cg0ArKJSzJF0VrjBX8KQEAE&cid=CAQSPABygQiDbRkLT71VgjBYjQnXinms82cy218YeAcqZJfIkyAxWy0KEThczJTvMxDgUam30OYQ8HJsMAKnqhgB&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230412&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2912191614&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681682057467&rpt=505&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C268 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9620209538959&version=m202301230201&ct=77&x=1&cor=3506998659630726000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:54:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900017.redintelligence.net/ Frame 060D 0
150 B 33ms
12ms Script
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/viewability?s=24658800124246604444550012296017&a=9372196f&vb=v
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=24658800124246604444550012296017&a=c2a22def
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/request_content.php?s=24658800124246604444550012296017&a=c2a22def
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sun, 16 Apr 2023 21:54:19 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 90f1d619-be9a-4fa0-8e2c-f0f18a8501ff
URL: moz-extension://90f1d619-be9a-4fa0-8e2c-f0f18a8501ff/js/app.js

Verdicts & Comments Add Verdict or Comment

219 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
blog.paleohacks.com/contact-us	1969-12-31 23:59:59	Name: phvid Value: 147429229
links.paleohacks-mailing.com/	1970-01-20 11:08:45	Name: _session_id Value: 12f44e16df8eec7ffbf0b7355905e45f
.paleohacks.com/	1970-01-20 11:09:28	Name: _gid Value: GA1.2.2019736244.1681682053
.paleohacks.com/	1970-01-20 11:08:02	Name: _gat_UA-42752472-1 Value: 1
.paleohacks.com/	1970-01-20 19:53:38	Name: mp_094f94d6c32bfa82583bca2dbfc9eb1a_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A1878c0fb87445e-0ba6be51a5078c-1e36307d-1d4c00-1878c0fb875113f%22%2C%22%24device_id%22%3A%20%221878c0fb87445e-0ba6be51a5078c-1e36307d-1d4c00-1878c0fb875113f%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.paleohacks.com/	1970-01-20 20:44:02	Name: _ga_QMKQQWEFHC Value: GS1.1.1681682053.1.0.1681682053.60.0.0
.paleohacks.com/	1970-01-20 11:08:02	Name: _dc_gtm_UA-81910700-1 Value: 1
.blog.paleohacks.com/	1970-01-20 19:53:38	Name: _pin_unauth Value: dWlkPU9XSmlNV0U1WWpRdFlXSm1NeTAwWmprd0xXSmhabVF0TVRoa1lUQmhNakZrWkRNMA
.paleohacks.com/	1970-01-20 13:17:38	Name: _fbp Value: fb.1.1681682053563.2022593298
.paleohacks.com/	1970-01-20 20:44:02	Name: _ga Value: GA1.2.1801483012.1681682053
.paleohacks.com/	1970-01-20 20:44:02	Name: __attentive_id Value: 2be01f86e0584ac48692cfbb8adb42dd
.paleohacks.com/	1970-01-20 20:44:02	Name: _attn_ Value: eyJ1Ijoie1wiY29cIjoxNjgxNjgyMDU0NDE5LFwidW9cIjoxNjgxNjgyMDU0NDE5LFwibWFcIjoyMTkwMCxcImluXCI6ZmFsc2UsXCJ2YWxcIjpcIjJiZTAxZjg2ZTA1ODRhYzQ4NjkyY2ZiYjhhZGI0MmRkXCJ9In0=
blog.paleohacks.com/	1970-01-20 20:44:02	Name: __attentive_cco Value: 1681682054421
.paleohacks.com/	1970-01-20 11:08:03	Name: __attentive_pv Value: 1
.paleohacks.com/	1970-01-20 11:08:03	Name: __attentive_ss_referrer Value: ORGANIC
.paleohacks.com/	1970-01-20 11:09:28	Name: __attentive_dv Value: 1
blog.paleohacks.com/	1970-01-20 11:51:14	Name: ph-popup Value: shown
blog.paleohacks.com/	1970-01-20 11:51:14	Name: advanced_ads_pro_server_info Value: %7B%22vc_cache_reset%22%3A0%7D
.doubleclick.net/	1970-01-20 20:29:38	Name: IDE Value: AHWqTUn9nT6BjC4ftb2Wdwtf_Z31gMCkNH-IaAIihIBMowmS-9d58xielq65W5V8jqU
.paleohacks.com/	1970-01-20 20:29:38	Name: __gads Value: ID=a35ad2a37fcd3c35:T=1681682055:S=ALNI_MaGX0Q5TyfP189xmZC7eXM7Em4nVw
.paleohacks.com/	1970-01-20 20:29:38	Name: __gpi Value: UID=00000c0480281229:T=1681682055:RT=1681682055:S=ALNI_Ma7X8hYGKdUkQRdVeJAkHGSMKSxrw
.adnxs.com/	1970-01-20 13:17:38	Name: uuid2 Value: 591539022360915785
.adnxs.com/	1970-01-20 13:17:38	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$OkEog5!]tbPl1M>e)ZlrFUfJ+tGXxoHK#20SEptv5A+g3R9x+u'Uv+SH[)OT'RxoZibpRzqF1`b`%4:B1(
.casalemedia.com/	1970-01-20 19:53:38	Name: CMID Value: ZDxuidoUE8dXzjyHQP0tjgAA
.casalemedia.com/	1970-01-20 13:17:38	Name: CMPS Value: 3301
.casalemedia.com/	1970-01-20 13:17:38	Name: CMPRO Value: 3301
.redintelligence.net/	1970-01-20 13:17:38	Name: 8lcfmzhxc8d6_uid Value: e8fe64e90be702f9
.quantserve.com/	1970-01-20 13:17:38	Name: d Value: EFIBCQHiKIEA
.quantserve.com/	1970-01-20 20:38:16	Name: mc Value: 643c6e8a-0f304-61150-9e76b
.w55c.net/	1970-01-20 20:38:16	Name: wfivefivec Value: WAxh7oPO1POaka5
.w55c.net/	1970-01-20 11:51:14	Name: matchgoogle Value: 5
.de17a.com/	1970-01-20 19:46:26	Name: guid Value: 1.5280874940863616710
.yahoo.com/	1970-01-20 19:53:59	Name: A3 Value: d=AQABBIpuPGQCEPSD0U-vxp307HAi-Ta1GEcFEgEBAQHAPWRGZAAAAAAA_eMAAA&S=AQAAAuKmx0bQ8OCYPnUyKZhim5o
.everesttech.net/	1970-01-20 19:53:38	Name: everest_g_v2 Value: g_surferid~ZDxuigADR_Fb8AAn
.tribalfusion.com/	1970-01-20 13:17:38	Name: ANON_ID Value: aQnseFo0P8fCmTN83vFZcurF8Ma0ZcnDEIlAZaFbwR9Ru49j6XdnAm4L17B46T42JgcWZahejw2ZblF2xUWPXwddo

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: moz-extension://90f1d619-be9a-4fa0-8e2c-f0f18a8501ff/js/app.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

178194.tracking.hyros.com
5e4db5b93db134bf6ad22dcf21642f7a.safeframe.googlesyndication.com
90f1d619-be9a-4fa0-8e2c-f0f18a8501ff
a.tribalfusion.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api-js.mixpanel.com
api.ipify.org
assets.pinterest.com
beacon-v2.helpscout.net
blog.paleohacks.com
cdn.attn.tv
cdn.contentspread.net
cdn.mxpnl.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
contextual.media.net
ct.pinterest.com
d3hb14vkzrxvla.cloudfront.net
d5p.de17a.com
dsum-sec.casalemedia.com
events.attentivemobile.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900017.redintelligence.net
ib.adnxs.com
ip2c.org
links.paleohacks-mailing.com
log.pinterest.com
pagead2.googlesyndication.com
paleohacks.attn.tv
pm.w55c.net
pr-bh.ybp.yahoo.com
region1.analytics.google.com
rtb.openx.net
s.pinimg.com
s.tribalfusion.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
tpc.googlesyndication.com
track.mypaleorecipe.com
web.facebook.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
90f1d619-be9a-4fa0-8e2c-f0f18a8501ff
104.18.43.48
130.211.34.183
138.201.63.157
142.250.186.98
143.204.215.6
145.239.2.103
151.101.64.84
151.101.66.49
159.69.70.9
172.64.150.25
173.231.16.77
18.66.137.213
185.80.39.216
2.19.224.184
2001:4860:4802:32::36
213.155.156.183
2600:1901:0:498c::
2600:9000:21f3:600:1c:9484:cec0:93a1
2606:4700:10::6816:12c
2606:4700::6812:19ad
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:801::2002
2a00:1450:4001:808::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:812::200a
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9c
2a02:26f0:6c00:1b3::1931
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a05:d018:d29:3601:dc73:e56b:3a29:5c67
2a06:98c1:3121::3
3.123.183.188
34.199.5.193
35.186.253.211
35.238.129.105
37.252.171.149
77.55.216.90
88.221.168.23
0a53bc33c39273359690f66fe69169c7f21746854db5a1541fb76bd1313e2122
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6
11715aec7f7cf76332d464d65a2ce85ed2c12fc4a90cadf0e191418af2df3d7e
1239619bed0424b7d404dd2030313bed1b7681c4e6d2a00f5709701c263f7d1b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1414a599611253b31746e91b77f168573dbb42cc13a705fd72104a7eaca15e93
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
150cbe5c514aa70efcd179127476f4f5451db2ed4d033c0608afabdf9d18ec92
15d7b13e7c438f4fb9c6b2f9940e9193c9a25c1bb1ed4625d1badbac8882db2f
172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d
18dd8449dd7bd05b1b1a8a1640218993802b7e73a218b75c05acf5c9b47d6082
194388578fe16a8f6d0790e1af9f6f935a03b3ecb8d7620f0ebca642761ebc88
1a6778639759f20ac4c647b91f5620427756b3b59a3d1e05b544a90a75e4bf8c
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
222e024a119ff514e245cc07990f912a400c337efce19b567a6661d23c310938
22a30925a0f4c9af360dc13dc06fe50b0c1fd49e207a7fce2e479b241e86f3fb
26c9352a21c5bf91d65a5c994fb6fb825854f53f5d2753338eba895a228a8f73
2b47e2b5d041b401f4d6dc04b120f9ada18fdd87dc40f2c764879a7c7c5a2f93
2d3b45a4be3864673801baea2c3f066e1c7320bab56d3c7818d7484cf1811696
2dfa655a4dbae3f8bb3335d14a977a99a2afe4b148bfff2b2be230f9a6db94d6
30db97675a54d91b0b99d482d3b4ff459ffafee1470ad4855ce0bd3cbcbca2ab
315c4601aeb913aecb4f659c9a9748bd163bb881867c5f6211578667bcc43cb7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3344028895a8f92eed90a9498b770b22e5807e141f788a59e0966878a00ba975
337548e5a49f9b0543f04e26958548f23cf9914ba71aecc4de6005597dd7a910
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
390943828e1eb3ba63d62d2da52797e5151d0dad0c23fff51925263d2fad1299
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
40170fb922e0e5fb620e58b27e3c9cfcb334b90427c32c53959223239a9815b3
4213eba6c464b3ca6fc71c748e2ba99f63f7f0b624199fd44127da67e40a3003
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
47a6d3380cf89ad6b678478ccb347dc3ddeadcf7ca344bfc842424aaf7bfd025
48df57e7d19711e52ea797ee1a0605cbe4b6972042545f59216ad04974a6a103
49416531519583e597dccc3856da2fa093b5e739baf9fda442b7047309e7f51c
495d2f8c8b7f1bbd664c2c10c086a644e63e4934b9734813b27956a34709eea4
496da68c64c7bf7a38e58df574e51491d5f4427b35b0d929da5fcfe67648d8f7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
508c6c8665bb4da4b211a97cdc3b2e791109204f82265d6af2eb79c51b61e014
52d3e5c9fb15f3cfd863ca4b8d2144e308acbce5b319dee97f70661130c3878c
530699399fd7548a91ac3f2bb58609584569f0520fbaa67c6dbe625cde7a5e0f
53d45289360cb7952c27612c6491fdebfd88c61dac419975f8d851041c2f7c03
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5891185bbadfceb49591b012abeeea967dca978a653930a6ca23863d9a3f4c92
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5ad361b506caebfcd81739dc75f9dc611a0c38714066fbead5353fdc38cf850c
5e1a581a619d1c6a1a9b8adb2d8e1d105241e8fe166cc372237a22d3352feaa9
5fcc89ee1dcff30a72b389ba5afdc255829e83db910b0b1f3351af881f83c5ec
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626c31d6ad190b522928dd0304e821d889275ead9192271fa5aeb70d7b80903e
62d360452fdb4f527258db49ea59e78293d60e55794f92a06facc87545ddba70
696518bd8dfc4146f7ddf61031068a38b84e326a0059e67038a3b61db40efb6f
6ae0b0e74edee33dd3e9d91c15b595508fc05e1ced11a15dbe787d0f9862dfc2
6bb15d00b382da2bee6fd202e2dbab0719303ccbabde9ab0bb0593defffc2138
708970c58cd4f871a3f3ffb9309d7e696a537afd00fc7e0d78ccf21137032136
730de59300e6103732a2168bdc9742af79a9abfe5995c6d3f3f3e96fd7c99d97
732dc53b668bcc72d493af75120d45fa87d975af66eaed42f8f794a50d789303
735b305aadf14dd683363407e953b1eec091e541f8d6172d459454e40d7074c4
75ddb20661ab8dd83e5f6c8b17ebf185ed257668e424e0a5fa04877e9a37b5b2
77f9962a622a241decfe5721c5fd2a68f871f223088b4423b99a996679de7631
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c67dc1e9ecce0d3757d97792fd606effaa6fe799ebe7423aff81e26e07900a1
7cceac0e1b94c5964df6d6da287f575859f66716dfb73ce20317061829ac4704
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
816f30d66827cb24a6ee4cd325ec3e0708270ddacf0b78253ece7a4dca2a1474
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833a47a0bb64a6d5647c22b94732cfd1baee4025b10d2cc0ad8b100e54f6da7b
83685ec127cc7475c7a3649e73986c90d87d037247409d80423f5caceed4681e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8a4e4d87eb5124ff8ace838e9e12db5b279607a0773d2b91cd079d85d426089b
8b7e03d96b7488534a42f105301448c6b44acc3309f0c28c9a7920542eeaa9d3
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
903d8d5de01ac0b9aedf5aecbf964498c581cbf6656751999560442e6cc700b9
9199d9b2f9e0b8b4fbbb0b5ea4eb96c1fe9799288fcc8ee3a0d38c83c16c5a60
92aa11587aa820dc18977e3156bf9359e7694050c2d7d21a5cae435993c1bdea
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94de4f783ba7c57d7ce8932e3ef6b26f064e54d42c66ec30f43e5733a22faa7e
98ccfce8ab03e4fbdfd9a102041136c596409b088ac5a9df0c9c72044f8f6ecd
99821e61fa5a34c0b5b4b5473ef3dd30c7d7aebc28dc12a44d726d710d77a3b7
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e74d79ea7ff2237e976687dbf185cb576b4fa4f2fa04647f611820dfff67268
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a470ce828f9432bbefcf901b7cc79463d432527726654b3bc8b76d01be29bd97
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a90f66c347247549c2704fdf460fb67a9a0c68b52eae538cbf74d4e3e13cd7e0
aa0d6c798742eedb9be8babd47ebaaace2c45e45d1bb86a4b1bf55a827980b91
aa575e81bbad973d7554e7c58ca906b97472bd692566c3e79f27385f08d63ca1
ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af96bd176c6eaa479ffaabedb2b14745bbbe5167067052301d874e690a5adc7f
b0d6eb8605f5f69fae3350a08958258acc8b2f550b5241cacbf202b1ce5e4d0c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
b7203ef7f18e8e70e9991515982b3bbd43524cf048e9591b7aab1e80db938774
bd1bc2711f81c721c44b6e3c4144cf16cc19600607638a548c6086ac49cc78d5
c0713ea500e4a6a33fbed93ce88ecfcc3333bbdce608f5f07fddf8ac74337f8f
c280a532f1bfe942302340b698487d9fc32c8f5f0916fb27b3dc528d43226802
c4a92db810a48699798ca8d37f2280066f13f5fb3405043130ea65005fa05ce7
c6e7fcc13e9fa0b4541bf314c25c54bf91807667df0a57d7cf30a554a7c00cae
c962694bae9b9c9e115e3d0d7393dafaf1fdc0c06a0e22c2eb5914253d762e77
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
cd3178b4f3692d1d69750b0fd70a136c61998528ab5413fd0eb16cad03ecee47
cdef9d92aa1c5e9d8e409303f5ee38caceeecf3c1bdbf6e2f7bec8fe273dd596
cfc98d46b8948bdd10ecef95fe6292a8bfabac6782a441f6759b8bf9f5361af4
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d537d48fb27f8b4d54ff55e4e83a03f77e0da6ea76fb853c3c76db6a689868e5
d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c
d7104243950b6eff64b0d4d1fa98d354ae07a9605bb31dab31a488c765b32d5c
d78b559002120af3c4376636b7f40138ab379b5cc6a5199a2a0488dfea1ce242
dba5166ad9db9ba648c1032ebbd34dcd0d085b50023b839ef5c68ca1db93a563
dde3261ae85ead281a4f3120a5c4cee3bc7a1874c284c4a23874af1ada1f08ec
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c9181e83a24ce8fd1aedc13a573daded27c8677a50cf879fbee552798158be
e4c6a39cdb1f2dab900d10c83275e2e72e795325924c731d8fa0c49b9ec5ccb8
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5998767baca7514de03505489a32eb525c0dcb8995e18d65a67fd9258fd8b94
ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fb2032a0b90cb58dc7bae39580e26c34a7b44d3aad4fb088f965e32ae8196822
fb4030bfa42716d19ae274676604a4d4dec5277ab60c4dcd64e61d0df5f9c573
fb7a622ecf9bf756312e419109dda852ea1a50445cf9ba907ef2cfb2be59b9bb
fb94dccf2419dd78e21ecaba757fed0df6f51de96a941b02e7e10c5f12d3d360
fc22b03cd2b5ae6dd2e8a557783fcad0f14d939e7eb8be2128dc3a75483087ba
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

blog.paleohacks.com Open in urlscan Pro 2606:4700:10::6816:12c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

180 Requests

94 %HTTPS

55 %IPv6

38 Domains

53 Subdomains

45 IPs

9 Countries

1706 kBTransfer

4851 kBSize

35 Cookies

10 Outgoing links

Page URL History

Redirected requests

180 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blog.paleohacks.com Open in urlscan Pro
2606:4700:10::6816:12c Public Scan

Screenshot
Live screenshot

Full Image

180
Requests

94 %
HTTPS

55 %
IPv6

38
Domains

53
Subdomains

45
IPs

9
Countries

1706 kB
Transfer

4851 kB
Size

35
Cookies

180 HTTP transactions
2 data transactions