blog.paleohacks.com Open in urlscan Pro
104.22.1.44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.paleohacks-mailing.com/a/168/click/10023614/746255798/_9fa8cf110c0f5ad456db67dd3a384e03cc36345c/27d751682a134bfc49a7d45...
Effective URL:
https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Submission: On November 22 via api (November 22nd 2023, 3:01:13 am UTC) from US — Scanned from DE

Summary HTTP 308 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 76 IPs in 9 countries across 58 domains to perform 308 HTTP transactions. The main IP is 104.22.1.44, located in and belongs to CLOUDFLARENET, US. The main domain is blog.paleohacks.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 14th 2023. Valid for: a year.

This is the only time blog.paleohacks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.238.129.105 35.238.129.105	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
18	104.22.1.44 104.22.1.44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	216.58.206.42 216.58.206.42	15169 (GOOGLE) (GOOGLE)
44	2606:4700:10:... 2606:4700:10::6816:12c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.233.76.141 3.233.76.141	14618 (AMAZON-AES) (AMAZON-AES)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3	18.66.97.11 18.66.97.11	16509 (AMAZON-02) (AMAZON-02)
2	35.202.21.90 35.202.21.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	23.206.208.183 23.206.208.183	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
2	23.48.23.22 23.48.23.22	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.18.160.23 2.18.160.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3	216.239.32.178 216.239.32.178	15169 (GOOGLE) (GOOGLE)
2	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.186.235.23 35.186.235.23	15169 (GOOGLE) (GOOGLE)
6	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	142.250.186.65 142.250.186.65	15169 (GOOGLE) (GOOGLE)
16	34.111.96.116 34.111.96.116	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	104.18.43.135 104.18.43.135	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.39.221 104.18.39.221	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
4	64.233.167.157 64.233.167.157	15169 (GOOGLE) (GOOGLE)
3	172.217.18.99 172.217.18.99	15169 (GOOGLE) (GOOGLE)
1 3	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
4	142.250.185.164 142.250.185.164	15169 (GOOGLE) (GOOGLE)
3	178.250.1.17 178.250.1.17	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
4	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
21	178.250.1.3 178.250.1.3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	178.250.1.15 178.250.1.15	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	178.250.1.25 178.250.1.25	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	178.250.7.12 178.250.7.12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	64.185.227.156 64.185.227.156	18450 (WEBNX) (WEBNX)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
14	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	130.211.34.183 130.211.34.183	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.107.213.44 13.107.213.44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
9	104.26.11.209 104.26.11.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2 4	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
3 24	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1 2	104.18.24.173 104.18.24.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.160.236.64 34.160.236.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6 6	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
3 3	52.28.254.225 52.28.254.225	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	52.210.175.116 52.210.175.116	16509 (AMAZON-02) (AMAZON-02)
1 2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	3.126.125.13 3.126.125.13	16509 (AMAZON-02) (AMAZON-02)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1	34.95.89.54 34.95.89.54	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	178.250.1.10 178.250.1.10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.26.6.27 104.26.6.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	91.228.74.168 91.228.74.168	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.185 213.155.156.185	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	3.11.245.155 3.11.245.155	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
2	23.56.205.163 23.56.205.163	16625 (AKAMAI-AS) (AKAMAI-AS)
308	76

1 35.238.129.105 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.129.238.35.bc.googleusercontent.com

links.paleohacks-mailing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.22.1.44 (None, )

ASN13335 (CLOUDFLARENET, US)

blog.paleohacks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.42 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2606:4700:10::6816:12c (United States)

ASN13335 (CLOUDFLARENET, US)

blog.paleohacks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.233.76.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-76-141.compute-1.amazonaws.com

178194.tracking.hyros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.97.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-11.fra56.r.cloudfront.net

cdn.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.202.21.90 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com

paleohacks.leadpages.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.206.208.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-183.deploy.static.akamaitechnologies.com

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.48.23.22 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-22.deploy.static.akamaitechnologies.com

pxlclnmdecom-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com

lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.32.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

track.mypaleorecipe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.235.23 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 23.235.186.35.bc.googleusercontent.com

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net

902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 34.111.96.116 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 116.96.111.34.bc.googleusercontent.com

dts.clnmde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dts6.clnmde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.43.135 (None, )

ASN13335 (CLOUDFLARENET, US)

paleohacks.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.39.221 (None, )

ASN13335 (CLOUDFLARENET, US)

events.attentivemobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.233.167.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.0.35 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.0.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

track.mypaleorecipe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.250.1.15 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.250.1.25 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.185.227.156 (New York, United States)

ASN18450 (WEBNX, US)
PTR: api.ipify.org

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.34.183 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 183.34.211.130.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.213.44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.21.200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.26.11.209 (None, )

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.164.11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 216.58.206.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.24.173 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.6.233 (Denmark) 6 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.254.225 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-254-225.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.175.116 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-175-116.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.125.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-125-13.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.75.86.98 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.89.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.89.95.34.bc.googleusercontent.com

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.6.27 (None, )

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.168 (United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.11.245.155 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-245-155.eu-west-2.compute.amazonaws.com

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.6 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.56.205.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-205-163.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	paleohacks.com blog.paleohacks.com	683 KB
44	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 ad.doubleclick.net — Cisco Umbrella Rank: 154	296 KB
35	criteo.net static.criteo.net — Cisco Umbrella Rank: 668 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986 csm.eu.criteo.net — Cisco Umbrella Rank: 10557	360 KB
35	googlesyndication.com 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149 pagead2.googlesyndication.com — Cisco Umbrella Rank: 97	138 KB
16	clnmde.com dts.clnmde.com — Cisco Umbrella Rank: 23950 dts6.clnmde.com — Cisco Umbrella Rank: 27656	2 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 33424 ad4m.at — Cisco Umbrella Rank: 12394 assets.ad4m.at — Cisco Umbrella Rank: 45800	122 KB
12	google.com adservice.google.com — Cisco Umbrella Rank: 105 region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	2 KB
11	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 10450 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 17732 dis.criteo.com — Cisco Umbrella Rank: 597 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16925	129 KB
6	adform.net 6 redirects c1.adform.net — Cisco Umbrella Rank: 599	4 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	348 KB
5	mypaleorecipe.com track.mypaleorecipe.com	35 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	22 KB
5	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 3321 ct.pinterest.com — Cisco Umbrella Rank: 849 log.pinterest.com — Cisco Umbrella Rank: 4488	20 KB
5	attn.tv cdn.attn.tv — Cisco Umbrella Rank: 4008 paleohacks.attn.tv	46 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 851 r.turn.com — Cisco Umbrella Rank: 4121	2 KB
4	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 1682 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6903	29 KB
4	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 110	16 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	177 KB
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 912	3 KB
3	bing.com 1 redirects www.bing.com — Cisco Umbrella Rank: 66	31 KB
3	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 933	273 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6862	669 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	263 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
2	awin1.com www.awin1.com — Cisco Umbrella Rank: 18131	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4905	651 B
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 150954 static-de.ad4mat.net — Cisco Umbrella Rank: 188473	1005 B
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 746	775 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 353	880 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1403	608 B
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	1 KB
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 54581	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 860 s.tribalfusion.com — Cisco Umbrella Rank: 2311	1 KB
2	google.nl www.google.nl — Cisco Umbrella Rank: 10244	515 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 847	21 KB
2	akamaihd.net pxlclnmdecom-a.akamaihd.net — Cisco Umbrella Rank: 22538	46 KB
2	leadpages.co paleohacks.leadpages.co	8 KB
2	media.net contextual.media.net — Cisco Umbrella Rank: 691 lg3.media.net — Cisco Umbrella Rank: 7529	43 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 90716	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 83719	427 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 82742	257 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1737	296 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 764	482 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 351	146 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 795	716 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 709	545 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533	588 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1324	213 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 728	98 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1824	173 B
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4948	36 KB
1	mixpanel.com api-js.mixpanel.com — Cisco Umbrella Rank: 2069	373 B
1	attentivemobile.com events.attentivemobile.com — Cisco Umbrella Rank: 3802	160 B
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 3740	18 KB
1	gstatic.com fonts.gstatic.com	48 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 3028 Failed	222 B
1	hyros.com 178194.tracking.hyros.com
1	paleohacks-mailing.com 1 redirects links.paleohacks-mailing.com — Cisco Umbrella Rank: 737453	722 B
308	58

	Domain	Requested by
62	blog.paleohacks.com	blog.paleohacks.com track.mypaleorecipe.com
24	cm.g.doubleclick.net	3 redirects 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
21	static.criteo.net	ads.eu.criteo.com
18	tpc.googlesyndication.com	902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
15	dts.clnmde.com	pxlclnmdecom-a.akamaihd.net blog.paleohacks.com
13	securepubads.g.doubleclick.net	blog.paleohacks.com securepubads.g.doubleclick.net 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
11	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
7	csm.eu.criteo.net	ads.eu.criteo.com
7	imageproxy.eu.criteo.net	ads.eu.criteo.com
7	www.google.com	blog.paleohacks.com tpc.googlesyndication.com 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
6	assets.ad4m.at	as.ad4m.at
6	c1.adform.net	6 redirects
6	902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	www.googletagservices.com	blog.paleohacks.com 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
5	track.mypaleorecipe.com	www.googletagmanager.com track.mypaleorecipe.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com blog.paleohacks.com
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com as.ad4m.at ad4m.at
4	www.facebook.com	1 redirects blog.paleohacks.com connect.facebook.net
4	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
4	connect.facebook.net	blog.paleohacks.com connect.facebook.net
3	ams3-ib.adnxs.com	902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com cdn.adnxs.com
3	pm.w55c.net	3 redirects
3	www.bing.com	1 redirects 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
3	static.xx.fbcdn.net	www.facebook.com
3	cat.nl3.eu.criteo.com	ads.eu.criteo.com
3	ct.pinterest.com	s.pinimg.com blog.paleohacks.com
3	ads.eu.criteo.com	902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
3	www.google.de	blog.paleohacks.com
3	region1.analytics.google.com	www.googletagmanager.com
3	cdn.attn.tv	blog.paleohacks.com www.googletagmanager.com cdn.attn.tv
3	www.googletagmanager.com	blog.paleohacks.com www.googletagmanager.com www.google-analytics.com
3	fonts.googleapis.com	blog.paleohacks.com paleohacks.leadpages.co
2	www.awin1.com	as.ad4m.at
2	ad.doubleclick.net	2 redirects
2	d5p.de17a.com	2 redirects
2	onetag-sys.com	2 redirects
2	dis.criteo.com	902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
2	match.adsrvr.org	2 redirects
2	sync.teads.tv	1 redirects 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
2	pr-bh.ybp.yahoo.com	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	r.turn.com	902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
2	ad.turn.com	2 redirects
2	rtb.fr3.eu.criteo.com	902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
2	www.google.nl	blog.paleohacks.com
2	paleohacks.attn.tv	cdn.attn.tv
2	adservice.google.com	securepubads.g.doubleclick.net
2	s.pinimg.com	blog.paleohacks.com s.pinimg.com
2	pxlclnmdecom-a.akamaihd.net	contextual.media.net pxlclnmdecom-a.akamaihd.net
2	paleohacks.leadpages.co	blog.paleohacks.com
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	ag.innovid.com	902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
1	cms.quantserve.com	1 redirects
1	static-de.ad4mat.net	as.ad4m.at
1	rtb.nl3.eu.criteo.com	902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
1	prod-rtb.ad4mat.net	902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
1	x.bidswitch.net	902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	odr.mookie1.com	902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
1	id.rlcdn.com	902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
1	tr.blismedia.com	902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
1	s.tribalfusion.com	902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	cdn.adnxs.com	902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
1	adsdk.microsoft.com	902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
1	api-js.mixpanel.com	cdn.mxpnl.com
1	log.pinterest.com	blog.paleohacks.com
1	events.attentivemobile.com	cdn.attn.tv
1	dts6.clnmde.com	blog.paleohacks.com
1	cdn.mxpnl.com	blog.paleohacks.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	lg3.media.net	blog.paleohacks.com
1	fonts.gstatic.com	fonts.googleapis.com
1	assets.pinterest.com	blog.paleohacks.com
1	api.ipify.org	blog.paleohacks.com track.mypaleorecipe.com
1	178194.tracking.hyros.com	blog.paleohacks.com
1	contextual.media.net	blog.paleohacks.com
1	links.paleohacks-mailing.com	1 redirects
308	83

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.pinterest.com
twitter.com
www.youtube.com
shop.paleohacks.com
paleohacks.leadpages.co
pinterest.com
www.printfriendly.com
paleohacks.go2cloud.org
phaff.resurge.hop.clickbank.net
hop.clickbank.net
www.instagram.com
paleohacks.com
www.paleohacks.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-14` - `2024-05-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-31` - `2023-11-29`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
tracking.hyros.com Amazon RSA 2048 M02	`2023-04-02` - `2024-04-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.attn.tv Amazon RSA 2048 M01	`2023-05-02` - `2024-05-29`	a year	crt.sh
*.leadpages.co R3	`2023-09-26` - `2023-12-25`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-16` - `2024-05-15`	a year	crt.sh
mypaleorecipe.com GTS CA 1P5	`2023-10-17` - `2024-01-15`	3 months	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2023-07-12` - `2024-08-11`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
dts.clnmde.com GTS CA 1D4	`2023-11-02` - `2024-01-31`	3 months	crt.sh
attn.tv Cloudflare Inc ECC CA-3	`2023-11-04` - `2024-11-03`	a year	crt.sh
attentivemobile.com Cloudflare Inc ECC CA-3	`2023-11-04` - `2024-11-02`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-07` - `2023-12-30`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
*.mixpanel.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-02-13` - `2024-03-15`	a year	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 02	`2023-10-11` - `2024-04-08`	6 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-11-21` - `2024-02-19`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
ad4mat.net GTS CA 1P5	`2023-11-18` - `2024-02-16`	3 months	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Frame ID: 792EC1A81408FF4ADD11FDCB7B0AF79B
Requests: 161 HTTP requests in this frame

Frame: https://paleohacks.leadpages.co/leadbox/142cb4b73f72a2%3A13300845e746dc/5744125232021504/?lp-in-iframe=1&__fromjs=1
Frame ID: 2421C72ECE7BA9E270849DF05784B64E
Requests: 2 HTTP requests in this frame

Frame: https://paleohacks.leadpages.co/leadbox/142cb4b73f72a2%3A13300845e746dc/5744125232021504/?lp-in-iframe=1&__fromjs=1
Frame ID: 8BDF663BE4F0BB345C1EA83D7FFD8D87
Requests: 2 HTTP requests in this frame

Frame: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D8E57CC7B7C89D30BC784FC715F7E972
Requests: 1 HTTP requests in this frame

Frame: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Frame ID: 84CAE056D0A53F58851185269838B128
Requests: 2 HTTP requests in this frame

Frame: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A68EA45543886485E8402CE64FCF9A4F
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1u6gADZiwKd45KAAhcOXvMj5k9LFEfDa-i9Q&u=%7CsQ3X0qOZ3gV4atApAm2mgjydZG9Z64Btna04QEUnrKk%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi69Gq_Y329eSytQmooxcCfazsFIC5azNpFHv_RscRphx-fW10U4Y425z8YN5h_1hjPKhyszboev_2KgInnNZ2N4ET4F9aV2BQPEA2dbvX5U_BjBOCT0_U6vW3xau-5asX-U-Vz9BSo3saOodR08aGIeGnR3_luVciRfpYR-8JPAlOilxWl-c7EwGrttEsl7XRKpiur2lJUY9wZXwdqXnnPiSN9dsjYyd_s0vMmolMZSuGMKyeWykdeK1Y4gA8JV5BRm0u2cfdO9LjqyKmAqGxip0VF72b0uqQzLjT7QACLBcWWmRU8TCpapotx8CAi4FguQGZf4vLsH_A69u8HpOAnQuIKwLvJPIAsIH6AMbwEWCFsS7izdDAeA8_bDN1Rd0NPCGImvv32qshb6S61iIulFupBgRWX7DLvSHH0Br6UCwCgXeiv0oPMHLRPqjTvlJtpWBJIBxVyb5topuSVgrArtSlXXDwuJBn9HGlMlqIT4aP6gvb2NJSuib9lb6sBdirk2YfgCLi65ppWpbWojVo7JNLS7rSBKaEIKm4MHQFSwPryN7NQu7EF_Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLWvl6m5dZazMDcqc3gO5uKGIAsme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJTbiK8CU-yPuACAKgDAcgDAqoEwQJP0Ge_OXagT7f3hrBJmgEzBFNQ0JpSULGKdJo0MqODN7r_HH4TTkiuHLX4eBoLG65wOfQNEhah0mNZAa0he8Dq62zdup22JRLg2iMdrpNds97oGirTLHytprQxQbQsBvQfO1kTZU4P6uIfcFNXlHXwaJPGuqf9PoyZR0w_KHiFJ1SOitg7EHaVd7w_pg5AJ1BjI2jUZrT65R7kcGwq4v5daOBmS54C06AvyxaFlLpRtYkp95Cs-BfEcxuZgXWqi78FeigwBZZKkDNsXuxf-KogiippPL2BYts4RvI2MwRPaXFMLYcWHxHOVrfitQwALwSpy9kmFCQO6zO0689zYh1e4BLCgYRN6DnHr-fFpDFco3RWr5f7gYZJbpQ0KptmUaJZLqHdOXRlbdJCPFHA4wg8CZWVhBEd1gojB0T9JPoP5dLgBAGABryutYbZkaGjMaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB4g0TCJbYtO3O1oIDFUqOdwodOVwIIdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2XHmGrOqurs6qO6-5VX0SiqNXUtQ%26client%3Dca-pub-5144389657785565%26adurl%3D
Frame ID: 48F6DA08170A3053CCA90BE647F14375
Requests: 16 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/comments.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df927be223f6a0c%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ffd9872a0815734%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-grain-free-stuffing-recipe%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width
Frame ID: 8E5FAC9E676F2380ED08BF1AF400F662
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v4.0/plugins/like.php?action=like&app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df20e90b69c0c454%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ffd9872a0815734%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Fpaleohacks&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Frame ID: 6A9E809DB5C157AFD1BE0531A7B29557
Requests: 4 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 54372F0937E26CBFC570A6E13525BB09
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 25398C8EE2263C9E60716C620AF48FE2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E6B3CC9FCD9228EB7AF2D5963C224342
Requests: 2 HTTP requests in this frame

Frame: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AAF1FBAFFD4EDE42ED72FE6D371CE382
Requests: 10 HTTP requests in this frame

Frame: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 48BE2A170A49950FAFE2305573635997
Requests: 9 HTTP requests in this frame

Frame: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7642F18BC174994025ABA8CCC125AB14
Requests: 15 HTTP requests in this frame

Frame: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B5DE1011FFD52482C9922C9432455277
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1u7wAFbK4Hg6KzAAwcdOYOtBEh-q52hp6NgA&u=%7CCPatFHeAG8scCItUdC2lH%2FxuLzWjJqf7No1NFEE4Rjc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi69Gq_Y329eSyD2v9T2mrhign09zbKlBuPLGrNRwccuO8Lue8Ij0RhMdS9pTrbssIKPoeQnYJhBjI6FBmFbaeW9ZxJy10EGyZzNsm_lnOHaPcupFQQo8TzAKu4FvuMy3i0T0tuXJDmlmstLNeql8_yj69LBn-VDaA4AMi7c4oSVKcL-THuTvQRSn6EkuX6bJfB7kel1UAHmLLIJFORyQjMC7OGYF359VCYwN_Jwmiym6I7ZLK9q3XrR1pe3c50BSFrGscYydWVv9VciOAPtkg6mktKMcHyP1aMLaSwfN178M4fXViis_06dko4MyxAa1X76NqmIaRCyeJLT05894UPi2TvhAHixEnc2dlubYj0VT4eWNV7smGA3G-ntKURG2XCF8O421hQrQ1-_Qu-IuTWjc44b-JEbV729BbugAjFHRb83_OggDjLWtdrACQAYUu4K_-DjEeIIrwgzulzv0WMQ4X0S9blUxVDEyyh7BpuYsthDcvfQyJaqzzce5IoFvA2LbWO3MGp42OBeeaAqQb8Tp0eikGo1opThkTmlpWICDV1LtP9F7QSmY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb0gr725dZa7ZFbPFjuwP9Liw6A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAlNuIrwJT7I-4AIAqAMByAMCqgS9Ak_QYvU68dfB3PIXjIwqujFe8iST4BEbZsqSIvoXT9zcsdk-97KFHnqg9HItfs3Kf1L3WN7Cfo269ka-vs-LVNOKlUYdKZRMhUMweT73T3N_PcB-eFm4G8OZOGpCN8zoJmL9LyoGTfMmPFjehdPE18aBDCFmxtFHEFha4mdvWnJCeEPITUkxORxkTN9TSSangSAmsifHOnfNHX7T8GkiaBm63i2Tb-wRkgUhCeHRlf4yxhh3kugQtnP4V5NQ8AoJjpE7jAE8vvQyyQZWwhUB_94fwrokPhEQizUhZHp2fkWh5QxjVwvYWZUN_FDms-Kv7LbAfcM0zFcXdflLT9KFKEaZjm8h-XVtEFBXYZmt8SjE8z_RfuyiqxCSMrBIzBEmpvCMpeg_VMQPMFhg3CEUeTKH7bkE2WZbbfPUzPv24AQBgAa8rrWG2ZGhozGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAeINEwiM6u3vztaCAxWzooMHHXQcDN3QFQGAFwE%26num%3D1%26sig%3DAOD64_1wSKFIu567s8jsz-2KYnoDfiCjTA%26client%3Dca-pub-5144389657785565%26adurl%3D
Frame ID: A1AA39620DC9D7150323F92C76A45DDA
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 51A02503918548E451A8B6BE80E77CB5
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1u7wAFbK8Hg6KzAAwcdK7hGrXt3IJ2L_8psA&u=%7CCPatFHeAG8vflBPyS0MQ%2BoskCn8elIZMrvwRXvAzjfY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi69Gq_Y329eSyukxC27s6UeXCRyp2Gr9k8tNnpSCWHZvvC_cLbwIHDOfWXO63FnOYOiBQAhi90MJIzwNCOKD20ShezofDGdvCLiACdYo5HPGYNxeE5rDa9frD7oaZXZyeUSHrpWtrR70wknUNbv0FbXi-3FVuPe3y5a3MVCXuMwV_PYBnWVPlQFmrE4oO3EafCVXdvJY4-5ctrhax2RB8ruRzPPhSAwGxntmR70ZYJpkNK5rGyok8Sl4O-IVUoit7e_BwHYezMUo3cjb1sWPkjOud7arLA4_cCSeR_z5Z2c6bfEkF_1PsQ6dmm9z2Ybm9dezXl8BEsXFxbuGcmcGDa2gEbijFzBqZbVvONpgkt7zHmmPZ8zehygTunGPt-k4X5Thl3V-d0V_drDaEIeQFkHFd54uMcVuBJK9Erd2lcbSvMb_UX1Eq-fNxHgLJ2bpUAs79mT-zYGUpmkuBPOQEORmQcOimmvn1c16Lk2JzRwscxRTQvtlKH9DZCjZlrE7-XEe3ve0EqgO46wWc4Lx1b8TmZ6AX1piowQX63GS-BhapYc61CmrQgoM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo9Po725dZa_ZFbPFjuwP9Liw6A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAlNuIrwJT7I-4AIAqAMByAMCqgS-Ak_QdrPc_ZYCeSDC3LBTWAGhssTRCyw-e-vLvfSFDElwQ8yIqn0bQzrPTfjEhUO5g3gGg0fIpywaAAPY1fqeTLqNHQXH_Tu7cPpJVg3hNmZyGd66BpD4HkibMQx-l-Ri2tC2wDkJ30D1c7f5stKR3otPOJPEpX1V7G69YipgbUk47_nsmhIyB9c9IQaCRPSKteLbsezY-60agLyjsFSCuEftt4yM0LCX3xHSRZ4TgYR_NpdNj2pOoBqjr46KI5O-zfMtOdeBNN-2rEo5sxOR1YrDW-WfR6xwH8CeYQ75rYr3PFe5QO36RaTi2QcnECBRnA8VieNbZ1TcFY-FyOkD_uUf0yUVlyFRVm55OIS9DDNrjqcXzWXmM109IaiF2yUwa7QNwICidjN-Q2AQwB8TSvM0Aau2P0beOfhb4vsFV-AEAYAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHiDRMIjert787WggMVs6KDBx10HAzd0BUBgBcB%26num%3D1%26sig%3DAOD64_2CgzC6wX1X5I7jxPzsLGhZ2P0-3w%26client%3Dca-pub-5144389657785565%26adurl%3D
Frame ID: 87C2938279AD4876CA67340BD960D791
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 51797F3E288CD6E8C6C567F07D6F2B34
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g3kf0zd8mvqw74snpvkp2xpgmm4m7jtrqykavwnehvcxjbxjp01vdv9ddcjrywqgve7qnb6fb5x4kgw65m0gwpxk0vp4xjb6tfh63hqmkesatzjgyzxyw56v8gmt2b3c6xpq7ms17bvd7hcd55c1x49sd625mp6jx82ta220gwj72jrhqj61y0jd2pbqbsf40y9bdydy9yq5vyryhxbwr4g495w6hec46mkxdydjkvpxgh7sjvnyyj71pqrrkvdbaq7031jxvrdx7s5hhnfbnv2qj6whzpmv3sxqf5w086pf7agv6ymxxfwtn9thhmrcz9vfxgwn1m1nxw1vjmkj71w33fh4kpdqmr7bqea42xnkqfd4q9xa99wfbmqzq1mbt80kr7sj6j3ym2gfcjpj6zv6hd4by3ejwjddk7tmeh37xvwy3c36&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7PGT725dZbHZFbPFjuwP9Liw6A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJTbiK8CU-yPuACAKgDAcgDAqoE0AJP0J4ARawJEsDUx0FScM4sqXtagSbaVTXHay_tdj66X-VX30ZnV5G_-2FrpZM-7sogsJhjZca9KF3wuK7X0_I3kcEjKKkoj-7ZPBEoalWEJBA8jNIki7-toCtd0NahFuOJ5k2VN1IGrq43fz3u1ZesPeIBuYYSwwySAF9NucBC2L6s82VOvOkM6C8ytjlEPm6ZJzz5aiHPRt4PnUyhr-23LK1EMIjgniHoMf6Wq7GMxm-brCVGC7AxWVLJINn0dchMUph5WcxmHj9xPKgV7lkXj1D_z_N9sdMX_nPT01ONXjZdtvaLlK7JKslj1gKeuQbxPhvP4-EYY8TuhLiE3hv2W0DAFqO7iVk6AJ2X1amKnHKKqO0Wzy4R0binSsYixfQaTWMc4crLOHod2g10FdJgXCucpyWj3sUqeUw9jUQIau28D892dxripqTS8fQubYvgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB4g0TCI_q7e_O1oIDFbOigwcddBwM3dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2A1aKIX2lLTSQClSFZsCDcIIommg%26client%3Dca-pub-5144389657785565%26adurl%3D
Frame ID: 9FF1DF0F884956A86B036791BFE4B4D8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 41A33723838256B604CD454D8B5D18CE
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: FB8C9317B149246F411E05ACF68FE8F7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9089ADFB0DCD8DE7AD39D00A7FA7080D
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=94942be546c6cd3225487bc0f425857f%2F5259806650845595552&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700622066949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4kg8te7hhk1fxmaea8gh66fj2zffgkza1ta4n5dr79r3zn8zjrvyncj9dw07n0sxvzc5xz3z84jxg9xmpqrhfbmmt50w73fwej0esxafe33vv7gc6cshfbdvw46dvefdd1pz2mp4prany48678gj7etkmf0f5abkkmw6rzkrwmh7vnd992ten7qjty0p086hdxygyck5t54mev26tyzx2612x91xn2ggy8akw336z6jdmhs4b32jcxdc8rnt7c5fkf9q15g2pvfcaehhv0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7PGT725dZbHZFbPFjuwP9Liw6A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJTbiK8CU-yPuACAKgDAcgDAqoE0AJP0J4ARawJEsDUx0FScM4sqXtagSbaVTXHay_tdj66X-VX30ZnV5G_-2FrpZM-7sogsJhjZca9KF3wuK7X0_I3kcEjKKkoj-7ZPBEoalWEJBA8jNIki7-toCtd0NahFuOJ5k2VN1IGrq43fz3u1ZesPeIBuYYSwwySAF9NucBC2L6s82VOvOkM6C8ytjlEPm6ZJzz5aiHPRt4PnUyhr-23LK1EMIjgniHoMf6Wq7GMxm-brCVGC7AxWVLJINn0dchMUph5WcxmHj9xPKgV7lkXj1D_z_N9sdMX_nPT01ONXjZdtvaLlK7JKslj1gKeuQbxPhvP4-EYY8TuhLiE3hv2W0DAFqO7iVk6AJ2X1amKnHKKqO0Wzy4R0binSsYixfQaTWMc4crLOHod2g10FdJgXCucpyWj3sUqeUw9jUQIau28D892dxripqTS8fQubYvgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB4g0TCI_q7e_O1oIDFbOigwcddBwM3dAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2A1aKIX2lLTSQClSFZsCDcIIommg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Frame ID: 05A8CF2C66C9D6A6C9749D34DE6C0BFD
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Paleo Grain-Free Stuffing Recipe | PaleoHacks BlogFacebookPinterestTwitterYouTubeFacebookPinterestTwitterYouTube

Page URL History Show full URLs

https://links.paleohacks-mailing.com/a/168/click/10023614/746255798/_9fa8cf110c0f5ad456db67dd3a384e03cc36345c/27d... HTTP 302
https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

308
Requests

92 %
HTTPS

18 %
IPv6

58
Domains

83
Subdomains

76
IPs

9
Countries

3222 kB
Transfer

8692 kB
Size

60
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/paleohacks
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/paleohacks/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://twitter.com/paleohacks
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Paleohacks
Title: YouTube

Search URL Search Domain Scan URL

URL: https://shop.paleohacks.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://paleohacks.leadpages.co/leadbox/142cb4b73f72a2%3A13300845e746dc/5744125232021504/
Title: Look no further than our FREE 21 Day Paleo Meal Plan

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/&display=popup&ref=plugin&src=share_button
Title: <img alt="facebook" class="nopin" src="https://blog.paleohacks.com/wp-content/themes/paleohacks/schema-images/facebook.png"> Share on Facebook

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/link/?url=https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/&media=https://blog.paleohacks.com/wp-content/uploads/2015/11/Stuffing-1.jpg%20&description=Paleo%20Grain-Free%20Stuffing%20Recipe
Title: <img alt="pin" class="nopin" src="https://blog.paleohacks.com/wp-content/themes/paleohacks/schema-images/pinterest.png"> Pin It

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/&text=Paleo%20Grain-Free%20Stuffing%20Recipe
Title: <img alt="twitter" class="nopin" src="https://blog.paleohacks.com/wp-content/themes/paleohacks/schema-images/twitter.png"> Tweet

Search URL Search Domain Scan URL

URL: https://www.printfriendly.com/print/?url=https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Title: <img alt="email" class="nopin" src="https://blog.paleohacks.com/wp-content/themes/paleohacks/schema-images/email.png"> Email It

Search URL Search Domain Scan URL

URL: http://paleohacks.go2cloud.org/aff_c?offer_id=16&aff_id=1000&aff_sub=psweetcta

Search URL Search Domain Scan URL

URL: http://phaff.resurge.hop.clickbank.net/?lid=3&tid=resurgetxt

Search URL Search Domain Scan URL

URL: http://hop.clickbank.net/?affiliate=phaff&vendor=bloodsug&tid=halkitxt

Search URL Search Domain Scan URL

URL: https://www.instagram.com/courtneyjanetlopez/

Search URL Search Domain Scan URL

URL: http://paleohacks.com/
Title: Discussion

Search URL Search Domain Scan URL

URL: https://www.paleohacks.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.paleohacks-mailing.com/a/168/click/10023614/746255798/_9fa8cf110c0f5ad456db67dd3a384e03cc36345c/27d751682a134bfc49a7d4559b21a67cb31823f6 HTTP 302
https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 172

https://www.facebook.com/v4.0/plugins/comments.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df927be223f6a0c%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ffd9872a0815734%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-grain-free-stuffing-recipe%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width= HTTP 302
https://www.facebook.com/plugins/comments.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df927be223f6a0c%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ffd9872a0815734%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-grain-free-stuffing-recipe%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width

Request Chain 216

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=2a402d1b-0e51-47c6-ba0e-74243dd5dc1a&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=ce36b8a9-f49a-410c-949a-1d6ce2a64914&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D24ed098ab93d4dc6aea1c8dc42daa709%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=7211594&trafficGroup=knaqe_3c&trafficSubGroup=tqcecnff&aid=3643596249749460902 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=24ed098ab93d4dc6aea1c8dc42daa709&SNR=1&GV=2&med=10

Request Chain 242

https://ad.turn.com/r/cs?pid=3&google_gid=CAESED6ur5W968kQrOywEPXAN6Q&google_cver=1&google_push=AXcoOmTnW0ekuM9s6OCzB3I35UEyKucEWs5NYdilBJ5okshGUUKxisSyiqTqQaH1ey4YCTP4cz5U1TCYCj6osl0csM4mn2ErS3RxyZ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjcyNzMxNjA1NTk4NzM5OTc2NQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED6ur5W968kQrOywEPXAN6Q&google_cver=1

Request Chain 243

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOAVKvs4PMKaBmtiEuBY7aA&google_cver=1&google_push=AXcoOmTRaM8g5VG2_uK6OcCUVmiuAlZjYP523B27DT_A5-sJFZhGK6NuVSC8GF6ASdj8UyyA-TjSpW_buoega5Pe5aMskcFDYqJ6t0I&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTRaM8g5VG2_uK6OcCUVmiuAlZjYP523B27DT_A5-sJFZhGK6NuVSC8GF6ASdj8UyyA-TjSpW_buoega5Pe5aMskcFDYqJ6t0I%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOAVKvs4PMKaBmtiEuBY7aA&google_cver=1&google_push=AXcoOmTRaM8g5VG2_uK6OcCUVmiuAlZjYP523B27DT_A5-sJFZhGK6NuVSC8GF6ASdj8UyyA-TjSpW_buoega5Pe5aMskcFDYqJ6t0I&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTRaM8g5VG2_uK6OcCUVmiuAlZjYP523B27DT_A5-sJFZhGK6NuVSC8GF6ASdj8UyyA-TjSpW_buoega5Pe5aMskcFDYqJ6t0I%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 244

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEG_YynE88vVO6wxW5Y3iNDw&google_cver=1&google_push=AXcoOmQNDQ1_Sxcy7sSlxnoQ3cNo4ipzHrk3J_V83I-dCBkq_KWSbDCMUVjBsjndnsOhd2YZ4eiBm8uhiA2GfCmXgtWf_VBriV-agtU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQNDQ1_Sxcy7sSlxnoQ3cNo4ipzHrk3J_V83I-dCBkq_KWSbDCMUVjBsjndnsOhd2YZ4eiBm8uhiA2GfCmXgtWf_VBriV-agtU&google_hm=pQxtGcKHRmCEb1SKa4CMimk

Request Chain 248

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMeS6pchnvyssfxM8gNGuyk&google_cver=1&google_push=AXcoOmSQKZSHSH-a2sxet94NOg0Ad_PWx631SzP6lSFIRBVW0bgDeXyAreCq-u25dL-JJU_wea8VREDSkE6Pzek7h2iPLs6ZI0x1GCU HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMeS6pchnvyssfxM8gNGuyk&google_cver=1&google_push=AXcoOmSQKZSHSH-a2sxet94NOg0Ad_PWx631SzP6lSFIRBVW0bgDeXyAreCq-u25dL-JJU_wea8VREDSkE6Pzek7h2iPLs6ZI0x1GCU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI3NzY1NjU4NjgwMzY0NzMxMw&google_push=AXcoOmSQKZSHSH-a2sxet94NOg0Ad_PWx631SzP6lSFIRBVW0bgDeXyAreCq-u25dL-JJU_wea8VREDSkE6Pzek7h2iPLs6ZI0x1GCU

Request Chain 251

https://ad.turn.com/r/cs?pid=3&google_gid=CAESED6ur5W968kQrOywEPXAN6Q&google_cver=1&google_push=AXcoOmSgz7g8Gq0GD1YCjMXlHcbCINX3XZeZiVcwH94BkCo5pgUB-0u4Bao29c34oqM2m7DXLz_l93xj_QzF9aQbGuH5V4tx2L5EyUy_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTA2ODM4NDMzMTMyNTA1ODEzMw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED6ur5W968kQrOywEPXAN6Q&google_cver=1

Request Chain 252

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDGG5kJoeADDHm0oy2XNs48&google_cver=1&google_push=AXcoOmT2BxA2nFR6e05KpyueXComFIGQoyupAsDhvhNoQR_Mc4I5pJIHuUC5y4DBSceJVfkY00RD9GyY6mHIZtPwW4DCYgrOfRAE6dw HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDGG5kJoeADDHm0oy2XNs48&google_cver=1&google_push=AXcoOmT2BxA2nFR6e05KpyueXComFIGQoyupAsDhvhNoQR_Mc4I5pJIHuUC5y4DBSceJVfkY00RD9GyY6mHIZtPwW4DCYgrOfRAE6dw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0ZNenhhQTUxUjVEdTk1&google_gid=CAESEDGG5kJoeADDHm0oy2XNs48&google_cver=1&google_push=AXcoOmT2BxA2nFR6e05KpyueXComFIGQoyupAsDhvhNoQR_Mc4I5pJIHuUC5y4DBSceJVfkY00RD9GyY6mHIZtPwW4DCYgrOfRAE6dw

Request Chain 253

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKLdWpF4IxIInHWxtnFwqGE&google_cver=1&google_push=AXcoOmSeG5yan8mKqoUGEyxX_iK9J9VYg84fQeLYcmzDgmKmn9uoeKfeHt-0YxB8FwPKIhYPEwo3GWCvgNvRRMf0DQXnP1kQt9hMRRo2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDExNjE1MjA0Mjg0NjM2Nw%3D%3D&google_push=AXcoOmSeG5yan8mKqoUGEyxX_iK9J9VYg84fQeLYcmzDgmKmn9uoeKfeHt-0YxB8FwPKIhYPEwo3GWCvgNvRRMf0DQXnP1kQt9hMRRo2

Request Chain 254

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDDqPh4ml36i_Hfc2nMKetI&google_cver=1&google_push=AXcoOmSM3NidVFT2-9l2-X4Fx4xATagM0sXEiqvk8gUJJ99S4B_J7jwCtbdDVxezfD8-Yg_VdDo2-aDLM6VtRVwrUESmo4yXY2M6eCv_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSM3NidVFT2-9l2-X4Fx4xATagM0sXEiqvk8gUJJ99S4B_J7jwCtbdDVxezfD8-Yg_VdDo2-aDLM6VtRVwrUESmo4yXY2M6eCv_&google_hm=eS1FaGZpSGd4RTJwR0NQdURVVHUwbDAzUUdnc01oSW12en5B

Request Chain 255

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMeS6pchnvyssfxM8gNGuyk&google_cver=1&google_push=AXcoOmTDUIVXATrX8Pj-otyz8J4_2k78NvaXdVeg2Cejo-zKC2agtNPtb0fxZat6ECOdFhkM56bOJ6g6bznBJ8AloP5ttvGiPKK3z47C HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMeS6pchnvyssfxM8gNGuyk&google_cver=1&google_push=AXcoOmTDUIVXATrX8Pj-otyz8J4_2k78NvaXdVeg2Cejo-zKC2agtNPtb0fxZat6ECOdFhkM56bOJ6g6bznBJ8AloP5ttvGiPKK3z47C HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE4OTgxMTQ3OTUxNDg1OTQ&google_push=AXcoOmTDUIVXATrX8Pj-otyz8J4_2k78NvaXdVeg2Cejo-zKC2agtNPtb0fxZat6ECOdFhkM56bOJ6g6bznBJ8AloP5ttvGiPKK3z47C

Request Chain 256

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMeS6pchnvyssfxM8gNGuyk&google_cver=1&google_push=AXcoOmSvC8M6Dq1QcMQB7vLBViCgaELiGdEOKnJ2h1BIof9CUF2P2RCzIBl9YP0v8sEFLpPAGJykvEKtOeZw4Nox7d29bkoDJRIqqyus HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMeS6pchnvyssfxM8gNGuyk&google_cver=1&google_push=AXcoOmSvC8M6Dq1QcMQB7vLBViCgaELiGdEOKnJ2h1BIof9CUF2P2RCzIBl9YP0v8sEFLpPAGJykvEKtOeZw4Nox7d29bkoDJRIqqyus HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwODQ3Mzc1MjIyNzI1MzQ0Mw&google_push=AXcoOmSvC8M6Dq1QcMQB7vLBViCgaELiGdEOKnJ2h1BIof9CUF2P2RCzIBl9YP0v8sEFLpPAGJykvEKtOeZw4Nox7d29bkoDJRIqqyus

Request Chain 257

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEF-KfO1cSi6r8oEmExcNBLg&google_cver=1&google_push=AXcoOmTFz7dLIbYkzcpJ_DHWRpiBWZWbEEbhR1oGGgx7cid6RMQDXEFH10il9EurI6C9ceP07eR_nlbkN0Hi6qXwGqhIYDrlGCSTENxODQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MDk4MDE1YTItODNmMC00OTA3LThmZDEtYzNhMGE0Nzk3OWNl&google_push=AXcoOmTFz7dLIbYkzcpJ_DHWRpiBWZWbEEbhR1oGGgx7cid6RMQDXEFH10il9EurI6C9ceP07eR_nlbkN0Hi6qXwGqhIYDrlGCSTENxODQ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 268

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENvw0Imn2NXnxX1vUMcIcqQ&google_cver=1&google_push=AXcoOmS2aYy1_p5mcOSujchiaS6ipneW7WM99jGR9w9MprkAH-OJFlWKVzCuoW_EdrAyy1O4XoaItFBShtO6CCw97aKHdkTz4k0eKVpW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENvw0Imn2NXnxX1vUMcIcqQ&google_push=AXcoOmS2aYy1_p5mcOSujchiaS6ipneW7WM99jGR9w9MprkAH-OJFlWKVzCuoW_EdrAyy1O4XoaItFBShtO6CCw97aKHdkTz4k0eKVpW

Request Chain 269

https://um.simpli.fi/gp_match?google_gid=CAESEG6qR3z1wsOyef6lkWwiLOo&google_cver=1&google_push=AXcoOmTgEfYslq6dMmHM1ecno7hwT4iN9vsVVBmF8YnDFjjiGHOGy5jtOhrVJtZDdgeBe0qNtnsMHIZN4ups8Q8srOqwFg6grlVrH3mB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A969B066B3354A0AA46FB7DB7F256AB3&google_push=AXcoOmTgEfYslq6dMmHM1ecno7hwT4iN9vsVVBmF8YnDFjjiGHOGy5jtOhrVJtZDdgeBe0qNtnsMHIZN4ups8Q8srOqwFg6grlVrH3mB

Request Chain 270

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBT1Pk8UsuiU1MjtCgvXjd4&google_cver=1&google_push=AXcoOmQ--oKTq4_GKLNndm4YI7R7ItoCd8tED5RrnMCDkI836XO8yR5KdHkUakdlGA2T4U9jILdV5xjQJU-B11UnjX8SNymCrWURtklj HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEBT1Pk8UsuiU1MjtCgvXjd4&google_cver=1&google_push=AXcoOmQ--oKTq4_GKLNndm4YI7R7ItoCd8tED5RrnMCDkI836XO8yR5KdHkUakdlGA2T4U9jILdV5xjQJU-B11UnjX8SNymCrWURtklj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTZjZmMyZjMtOGIzYi00OWU5LWIzNmUtOWJiNTkyYjIxMjc1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=16cfc2f3-8b3b-49e9-b36e-9bb592b21275

Request Chain 272

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDDqPh4ml36i_Hfc2nMKetI&google_cver=1&google_push=AXcoOmS197pvXpfKX4Rt2ouAHCsc9VCA4YkLmNlhWzIdJHU9c-1VwpovWkNo2YNm6R5lQm4kJN7Iw5xDqVc1jRzg0Pd0wA9LxZF4r-fK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS197pvXpfKX4Rt2ouAHCsc9VCA4YkLmNlhWzIdJHU9c-1VwpovWkNo2YNm6R5lQm4kJN7Iw5xDqVc1jRzg0Pd0wA9LxZF4r-fK&google_hm=eS1MUmQxMGpCRTJwRmp0SjgxNU03VjFYUUR2RXRYRkVMcn5B

Request Chain 274

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJY4nrOsHDq4yfpqt5sNdw4&google_cver=1&google_push=AXcoOmSM8pCQowS5jpoPFu__MhPAcyhWqcJXG7Sbh6h89T95YuQucEkBikuAnO6TYhN_t_zze2g5JQADaXqG7DBfLGSFce0IDk7HHBm5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSM8pCQowS5jpoPFu__MhPAcyhWqcJXG7Sbh6h89T95YuQucEkBikuAnO6TYhN_t_zze2g5JQADaXqG7DBfLGSFce0IDk7HHBm5

Request Chain 301

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEeTQ8a1c4p89Q-zPP7WlqM&google_cver=1&google_push=AXcoOmQzETnMZ_qnrHhLUbf_alSoKwtc1g21Xe-YPBNcCrYFlVMEr4k6m0H34F0O33a-_i1fM2IUfDR2ewuAa7vz1JQGf00q4M3wJlg HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmQzETnMZ_qnrHhLUbf_alSoKwtc1g21Xe-YPBNcCrYFlVMEr4k6m0H34F0O33a-_i1fM2IUfDR2ewuAa7vz1JQGf00q4M3wJlg&google_hm=AA

Request Chain 302

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDGG5kJoeADDHm0oy2XNs48&google_cver=1&google_push=AXcoOmQcYoAl7iwiPFWtEJa8_pKirVZh887lmBpwcwzUxPBk3joEinYnD9aE1yp3TSrTvwv0DyOLTSQaalUdlK1f7V-UyVLavIHWRN8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0ZNenhhQTUxUjVEdTk1&google_gid=CAESEDGG5kJoeADDHm0oy2XNs48&google_cver=1&google_push=AXcoOmQcYoAl7iwiPFWtEJa8_pKirVZh887lmBpwcwzUxPBk3joEinYnD9aE1yp3TSrTvwv0DyOLTSQaalUdlK1f7V-UyVLavIHWRN8

Request Chain 303

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEG_YynE88vVO6wxW5Y3iNDw&google_cver=1&google_push=AXcoOmSgIuvLbyQvr54AuwWdLUcKMymWvMCtcYu6WNVUdbsjtRm_skxOeS86sL1YdNqYnpealmyS369mejTbn5v2uCWuU1kTI2UGIVc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSgIuvLbyQvr54AuwWdLUcKMymWvMCtcYu6WNVUdbsjtRm_skxOeS86sL1YdNqYnpealmyS369mejTbn5v2uCWuU1kTI2UGIVc&google_hm=pQxtGcKHRmCEb1SKa4CMimk

Request Chain 304

https://d5p.de17a.com/cookies/google?google_gid=CAESEJi_zGcRiDa0r1jSty_cjyY&google_cver=1&google_push=AXcoOmStpBFhaGsTYFx3wxf4UMr2k-1b5JbKZIjNYBumkfahPfDIMer1GFc8bXkeR0AsthjmmtvdNGh72Sajdd3r_U7cc2G0OUUz9g HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJi_zGcRiDa0r1jSty_cjyY&google_cver=1&google_push=AXcoOmStpBFhaGsTYFx3wxf4UMr2k-1b5JbKZIjNYBumkfahPfDIMer1GFc8bXkeR0AsthjmmtvdNGh72Sajdd3r_U7cc2G0OUUz9g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmStpBFhaGsTYFx3wxf4UMr2k-1b5JbKZIjNYBumkfahPfDIMer1GFc8bXkeR0AsthjmmtvdNGh72Sajdd3r_U7cc2G0OUUz9g

Request Chain 307

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJY4nrOsHDq4yfpqt5sNdw4&google_cver=1&google_push=AXcoOmS6nbmnEOEw_UkTlHqnWiHOLhJQsM_RCws0UxOyK-K-_vQskXUT4vNiZxOzU_UeiH_exEmsN-KgFajHwivG3v-Iq9pCKroSwQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS6nbmnEOEw_UkTlHqnWiHOLhJQsM_RCws0UxOyK-K-_vQskXUT4vNiZxOzU_UeiH_exEmsN-KgFajHwivG3v-Iq9pCKroSwQ

Request Chain 316

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKjW3PHO1oIDFdNl4AodrTwCXg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023112204010790719647975X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023112204010790719647975X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218

308 HTTP transactions
19 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Redirect Chain

https://links.paleohacks-mailing.com/a/168/click/10023614/746255798/_9fa8cf110c0f5ad456db67dd3a384e03cc36345c/27d751682a134bfc49a7d4559b21a67cb31823f6
https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/

153 KB
30 KB

1340ms
720ms

Document
text/html

104.22.1.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.1.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.23
Resource Hash: 08bc343fba330a46102b13d618118d898c91f1a703f6e2eebe8ef98f97fa638a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 829deccc0c6d9b88-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 03:00:57 GMT
expires: Wed, 22 Nov 2023 03:00:56 GMT
last-modified: Tue, 21 Nov 2023 23:25:46 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/7.3.23

Redirect headers

cache-control: no-cache
content-type: text/html; charset=utf-8
date: Wed, 22 Nov 2023 03:00:55 GMT
location: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.22.1 + Phusion Passenger(R) 6.0.18
status: 302 Found
transfer-encoding: chunked
vary: Origin
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-powered-by: Phusion Passenger 5.3.7
x-request-id: 086ddce7-d5e5-4aab-9815-c06bc3ab883b
x-runtime: 0.029117
x-xss-protection: 1; mode=block

GET
H2 200 schema-style.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/schema-creator/lib/css/ 673 B
409 B 60ms
52ms Stylesheet
text/css 104.22.1.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/schema-creator/lib/css/schema-style.css?ver=1681483471
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.1.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31395ea37360cb79a7d85a8a9d46aa7b1a0156461f189ae821905441daad80a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 1718374
cf-polished: origSize=680
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:31 GMT
server: cloudflare
etag: W/"643966cf-2a8"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 829decd0ee289b88-FRA
expires: Sat, 02 Dec 2023 05:41:23 GMT

GET
H2 200 cookie-popup.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/ 0
166 B 58ms
51ms Stylesheet
text/css 104.22.1.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/cookie-popup.min.css?ver=6.3.2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.1.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Wed, 22 Nov 2023 03:00:57 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 930654
etag: "60d1dffd-0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 829decd0ee2a9b88-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Mon, 11 Dec 2023 08:30:03 GMT

GET
H2 200 dashicons.min.css
blog.paleohacks.com/wp-content/cache/min/1/wp-includes/css/ 58 KB
35 KB 59ms
53ms Stylesheet
text/css 104.22.1.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-includes/css/dashicons.min.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.1.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82fb2bfb03e32e45794938d1f65920a5340a725751292245d3de07ee8a8df0a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
age: 1808137
etag: W/"643966cb-e6e4"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 829decd0ee2c9b88-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 01 Dec 2023 04:45:20 GMT

GET
H2 200 style.min.css
blog.paleohacks.com/wp-includes/css/dist/block-library/ 102 KB
14 KB 115ms
108ms Stylesheet
text/css 104.22.1.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.1.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:34:18 GMT
server: cloudflare
age: 1200641
etag: W/"650200aa-19824"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 829decd0ee2d9b88-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 05:30:16 GMT

GET
H2 200 style.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/ 187 KB
17 KB 103ms
97ms Stylesheet
text/css 104.22.1.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/style.min.css?ver=2.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.1.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa575e81bbad973d7554e7c58ca906b97472bd692566c3e79f27385f08d63ca1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 1213790
etag: W/"60d1dffd-2ea5c"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 829decd0ee2e9b88-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 01:51:07 GMT

GET
H2 200 font-awesome.min.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/font-awesome/css/ 31 KB
7 KB 116ms
110ms Stylesheet
text/css 104.22.1.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/font-awesome/css/font-awesome.min.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.1.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 339a321657ecb6479c45f7cec906302d7674934d0d2c7ae10053c395d866eca1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
age: 865373
etag: W/"643966cb-7b13"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 829decd0ee2f9b88-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Dec 2023 02:38:03 GMT

GET
H2 200 fonts.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/ 3 KB
413 B 101ms
95ms Stylesheet
text/css 104.22.1.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.1.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c4491ff4342be2c096f05e243edd6fb1f26194269a5011adbf8076bf148bf58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
age: 681128
etag: W/"643966cb-a81"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 829decd0ee309b88-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 05:48:49 GMT

GET
H2 200 front.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/other-popular-articles/assets/css/ 729 B
317 B 115ms
109ms Stylesheet
text/css 104.22.1.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/other-popular-articles/assets/css/front.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.1.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c9fe2628c371c8c54d05fa9dd406fc21a6d25f6d0261092e37243205efc639b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
age: 1130215
etag: W/"643966cb-2d9"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 829decd0ee329b88-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 09 Dec 2023 01:04:01 GMT

GET
H2 200 style.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/paleohacks-tools-soften-it/assets/css/ 2 KB
824 B 104ms
98ms Stylesheet
text/css 104.22.1.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/paleohacks-tools-soften-it/assets/css/style.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.1.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3c230ff5a72ffe0510f19977e0736c7370056def5536e94085875756675ea84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 941186
cf-polished: origSize=2221
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
etag: W/"643966cb-8ad"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 829decd0ee339b88-FRA
expires: Mon, 11 Dec 2023 05:34:31 GMT

GET
H2 200 twitter-feed.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/wp-to-twitter/css/ 1 KB
558 B 115ms
110ms Stylesheet
text/css 104.22.1.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/wp-to-twitter/css/twitter-feed.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.1.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 344d96950041cacaaa662fd937221ead75dbc7d565d7e0ed7bd62e6a65d85c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 846237
cf-polished: origSize=1466
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
etag: W/"643966cb-5ba"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 829decd0ee349b88-FRA
expires: Tue, 12 Dec 2023 07:57:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 23 KB
1 KB 438ms
40ms Stylesheet
text/css 216.58.206.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%7CSatisfy&ver=1.2.0&display=swap

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f10.1e100.net

Software

ESF /

Resource Hash

7c0ef3f2ef1f7defcf7b9bd90f7fb577b56eb65b3b26568f8fc1fa65b0b7bb17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 03:00:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Nov 2023 03:00:57 GMT

GET
H2 200 mai-theme.min.css
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/ 74 KB
14 KB 147ms
141ms Stylesheet
text/css 104.22.1.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/mai-theme.min.css?ver=1.13.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.1.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3c9181e83a24ce8fd1aedc13a573daded27c8677a50cf879fbee552798158be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:36:00 GMT
server: cloudflare
age: 687499
etag: W/"65020110-1264a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 829decd10e3a9b88-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 04:02:38 GMT

GET
H2 200 flexington.min.css
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/ 93 KB
8 KB 119ms
114ms Stylesheet
text/css 104.22.1.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/flexington.min.css?ver=2.5.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.1.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18dd8449dd7bd05b1b1a8a1640218993802b7e73a218b75c05acf5c9b47d6082

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:36:00 GMT
server: cloudflare
age: 1894409
etag: W/"65020110-174c5"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 829decd10e3b9b88-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 30 Nov 2023 04:47:28 GMT

GET
H2 200 style.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/simple-social-icons/css/ 1 KB
493 B 131ms
126ms Stylesheet
text/css 104.22.1.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/simple-social-icons/css/style.css?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.1.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 315c4601aeb913aecb4f659c9a9748bd163bb881867c5f6211578667bcc43cb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 1712358
cf-polished: origSize=1055
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
etag: W/"643966cc-41f"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 829decd10e3c9b88-FRA
expires: Sat, 02 Dec 2023 07:21:39 GMT

GET
H2 200 jquery-ui.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/ 43 KB
8 KB 144ms
140ms Stylesheet
text/css 104.22.1.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/jquery-ui.min.css?ver=6.3.2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.1.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7104243950b6eff64b0d4d1fa98d354ae07a9605bb31dab31a488c765b32d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 510227
etag: W/"60d1dffd-ac08"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 829decd10e3e9b88-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 16 Dec 2023 05:17:10 GMT

GET
H2 200 sspop.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/css/ 3 KB
1 KB 127ms
123ms Stylesheet
text/css 104.22.1.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/css/sspop.css?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.1.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb2032a0b90cb58dc7bae39580e26c34a7b44d3aad4fb088f965e32ae8196822

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 1721968
cf-polished: origSize=3500
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
etag: W/"643966cc-dac"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 829decd10e3f9b88-FRA
expires: Sat, 02 Dec 2023 04:41:29 GMT

GET
H2 200 style.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/themes/paleohacks/ 22 KB
5 KB 128ms
124ms Stylesheet
text/css 104.22.1.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/themes/paleohacks/style.css?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.1.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b51d8339e2e6ed036a3564bb0a3a4043b8ef5f772763ff4f4f4b92f54d2ddfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 1216953
cf-polished: origSize=22749
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
etag: W/"643966cc-58dd"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 829decd10e409b88-FRA
expires: Fri, 08 Dec 2023 00:58:24 GMT

GET
H2 200 jquery.min.js Show response
blog.paleohacks.com/wp-includes/js/jquery/ 85 KB
31 KB 130ms
127ms Script
application/javascript 104.22.1.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.1.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:34:18 GMT
server: cloudflare
age: 174341
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd10e419b88-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 27 Nov 2023 02:35:16 GMT

GET
H3 200 jquery-migrate.min.js Show response
blog.paleohacks.com/wp-includes/js/jquery/ 13 KB
5 KB 35ms
34ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:34:18 GMT
server: cloudflare
age: 501899
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd21b874d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 23 Nov 2023 07:35:58 GMT

GET
H3 200 service-facebook-pixel.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 53 B
293 B 31ms
31ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/service-facebook-pixel.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b831509c9907934028f980287d38cbee3b89644e7133c2f4b8b7c5dfca476aed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 74168
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd23b8d4d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 28 Nov 2023 06:24:49 GMT

GET
H3 200 gtm4wp-form-move-tracker.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
536 B 32ms
31ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0380b273ec272e5f5235a704cc3fc8e3cb33e851bfeaef149b0f23a1edaec13f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 173590
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd23b8e4d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 27 Nov 2023 02:47:47 GMT

GET
H3 200 634.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/856/public/assets/js/ 11 KB
4 KB 28ms
27ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/856/public/assets/js/634.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7dfd098effc4b854d5fcf8e7d2e39d0cc0e6a103642f97d724c438e515b9b71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 509359
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd23b8f4d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 23 Nov 2023 05:31:38 GMT

GET
H3 200 675.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/assets/ 5 KB
2 KB 27ms
24ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/assets/675.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c62d51aaf287fa88754ecf89dbca0cd85f151d2562a6f931afd060480b3adc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 73213
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd23b924d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 28 Nov 2023 06:40:44 GMT

GET
H3 200 cookie-list.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 910 B
644 B 24ms
24ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/cookie-list.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 182d05c838e393157143b9aa48ae92cb00c8b6442e0a865149444e9f420991d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 1578
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd24b954d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 29 Nov 2023 02:34:39 GMT

GET
H3 200 653.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/ 90 KB
27 KB 31ms
29ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/653.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72ee83d94662d5c74646c88116b893ed59e98d9ec960433ab0e66f3481517289

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 90510
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd24ba24d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 28 Nov 2023 01:52:27 GMT

GET
H3 200 dtag.js Show response
blog.paleohacks.com/wp-content/cache/min/1/paleohacks/ 3 KB
2 KB 41ms
27ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/paleohacks/dtag.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e5d5ef6607f115fb2745bb10dbbf0866820e13c3a1b90c87a3eddef3758d232

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 261280
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd26bcd4d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 26 Nov 2023 02:26:17 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 444ms
35ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

a65f6955d63fe48cacde26846576b4aa6d3df7200bb0c21b1992794fbd61f058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.paleohacks.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 03:00:57 GMT
content-md5: Hj+t0YIfBtucqxdbv74F/g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
reporting-endpoints
x-fb-debug: MlNL8MkSRf/Rll7errLaKbtP2RCQOQjZ5xluSPChjoRhnMEykwJbLqvMBXb/GZUIV5LoQRuLce9T76YRLhqNwg==
x-fb-content-md5: 830232dfec5a5a968107df0a5cf2b64d
cross-origin-opener-policy: same-origin-allow-popups
etag: "227291bcec480ca97bab8b1948f78edc"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 22 Nov 2023 03:06:55 GMT

GET
H3 200 gpt.js Show response
blog.paleohacks.com/wp-content/cache/min/1/tag/js/ 78 KB
27 KB 50ms
37ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/tag/js/gpt.js?ver=1681483469
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23bdea452f4ec5b686ace95399e60903426e9fa7352600c25b040f07c1eef325

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:29 GMT
server: cloudflare
age: 245068
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd26bce4d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 26 Nov 2023 06:56:29 GMT

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 112 KB
43 KB 298ms
96ms Script
text/javascript 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CUG3G308

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

bd4a79f91644d8320bd32ee1c2083e8af351105001ef29af507e67ad1cbdfcd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-mnt-h: 21-g4dd
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 22 Nov 2023 03:00:57 GMT
server: Apache
etag: "9076f98e24e279d3cceee43cc2f629ec"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-s1v0
timing-allow-origin: *
expires: Wed, 22 Nov 2023 03:05:57 GMT

GET
H3 200 leadbox-1495834292.js Show response
blog.paleohacks.com/wp-content/cache/min/1/ 14 KB
5 KB 44ms
31ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/leadbox-1495834292.js?ver=1681483491
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca275dd77cd911cd2e6fa1612657cfc3b67f9577d390eb8639fcea27085b285e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:51 GMT
server: cloudflare
age: 248258
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd26bd04d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 26 Nov 2023 06:03:19 GMT

GET
H3 200 pinit.js Show response
blog.paleohacks.com/wp-content/cache/min/1/js/ 360 B
466 B 42ms
30ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/js/pinit.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b99d80835f66e8ccd6d6f6efec14101447ae061febd873c06f0bef9ba50786c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 73213
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd26bd14d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 28 Nov 2023 06:40:44 GMT

GET
H3 200 cookie-popup.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 14 KB
3 KB 52ms
40ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/cookie-popup.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6102f07ce192d8f1e61b0a2e449a916e5d4d240dc47ab993fa1b39a5cdbcd84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 432662
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd26bd24d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 24 Nov 2023 02:49:55 GMT

GET
H3 200 jquery.base64.min.js Show response
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 2 KB
929 B 58ms
47ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/jquery.base64.min.js?ver=2.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49416531519583e597dccc3856da2fa093b5e739baf9fda442b7047309e7f51c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 509359
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd26bd64d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 23 Nov 2023 05:31:38 GMT

GET
H3 200 front.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/other-popular-articles/assets/js/ 259 B
411 B 69ms
58ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/other-popular-articles/assets/js/front.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ede43b2ddb8f3b09a9062582da8619e3ade3da54e8e20c089848328488f0530a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 406912
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd26bd74d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 24 Nov 2023 09:59:05 GMT

GET
H3 200 popup.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/paleohacks-tools-soften-it/assets/js/ 2 KB
951 B 69ms
58ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/paleohacks-tools-soften-it/assets/js/popup.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f34b136e79d860a61095e1596b6a8a39b38c73d8bf4449daf6968d90386338c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 430380
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd26bd84d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 24 Nov 2023 03:27:57 GMT

GET
H3 200 556.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/578/public/assets/js/ 4 KB
1 KB 72ms
61ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/578/public/assets/js/556.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd37e2cd931803994ea8f76c16d3d81aa0aa6d6488a049df19c78a078043c8bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 504242
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd26bd94d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 23 Nov 2023 06:56:55 GMT

GET
H3 200 comment-reply.min.js Show response
blog.paleohacks.com/wp-includes/js/ 3 KB
1 KB 74ms
63ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/comment-reply.min.js?ver=6.3.2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:34:18 GMT
server: cloudflare
age: 334917
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd26bda4d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 25 Nov 2023 05:59:00 GMT

GET
H3 200 hoverIntent.min.js Show response
blog.paleohacks.com/wp-includes/js/ 1 KB
944 B 69ms
63ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:34:18 GMT
server: cloudflare
age: 164579
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd26bdb4d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 27 Nov 2023 05:17:58 GMT

GET
H3 200 superfish.min.js Show response
blog.paleohacks.com/wp-content/themes/genesis/lib/js/menu/ 4 KB
2 KB 69ms
64ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.10
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Oct 2020 19:10:24 GMT
server: cloudflare
age: 164579
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd26bdc4d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 27 Nov 2023 05:17:58 GMT

GET
H3 200 skip-links.min.js Show response
blog.paleohacks.com/wp-content/themes/genesis/lib/js/ 386 B
441 B 69ms
64ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.3.3
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Oct 2020 19:10:24 GMT
server: cloudflare
age: 92029
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd26bdd4d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 28 Nov 2023 01:27:08 GMT

GET
H3 200 mai-theme.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 10 KB
3 KB 69ms
61ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/mai-theme.min.js?ver=1.13.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdef9d92aa1c5e9d8e409303f5ee38caceeecf3c1bdbf6e2f7bec8fe273dd596

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:36:00 GMT
server: cloudflare
age: 407902
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd26bde4d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 24 Nov 2023 09:42:35 GMT

GET
H3 200 basic-scroll.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 10 KB
3 KB 69ms
62ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/basic-scroll.min.js?ver=3.0.2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 508c6c8665bb4da4b211a97cdc3b2e791109204f82265d6af2eb79c51b61e014

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:36:00 GMT
server: cloudflare
age: 71670
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd26bdf4d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 28 Nov 2023 07:06:27 GMT

GET
H3 200 mai-scroll.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 4 KB
1 KB 70ms
62ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/mai-scroll.min.js?ver=1.13.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6e7fcc13e9fa0b4541bf314c25c54bf91807667df0a57d7cf30a554a7c00cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:36:00 GMT
server: cloudflare
age: 334917
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd26be14d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 25 Nov 2023 05:59:00 GMT

GET
H3 200 fitvids.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 2 KB
951 B 70ms
62ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/fitvids.min.js?ver=1.2.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 150cbe5c514aa70efcd179127476f4f5451db2ed4d033c0608afabdf9d18ec92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:36:00 GMT
server: cloudflare
age: 259354
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd26be24d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 26 Nov 2023 02:58:23 GMT

GET
H3 200 fitvids-init.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 68 B
283 B 72ms
64ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/fitvids-init.min.js?ver=1.13.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1414a599611253b31746e91b77f168573dbb42cc13a705fd72104a7eaca15e93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:36:00 GMT
server: cloudflare
age: 334917
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd26be34d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 25 Nov 2023 05:59:00 GMT

GET
H3 200 sdk.js Show response
blog.paleohacks.com/wp-content/cache/min/1/en_US/ 2 KB
1 KB 89ms
81ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/en_US/sdk.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0943b32c80a724a40de925f3fa31c502829263cf2ebd090d3606cdbd0b32ed6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 345930
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd26be54d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 25 Nov 2023 02:55:27 GMT

GET
H3 200 sspop.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/js/ 3 KB
1 KB 90ms
83ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/js/sspop.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2681704b7a1a7233c8030f22511b5598fa4b03ba2c3a19e8689b4c4ec75a080e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 71670
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd26be64d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 28 Nov 2023 07:06:27 GMT

GET
H3 200 ea-share-count-support.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/js/ 3 KB
1 KB 91ms
81ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/js/ea-share-count-support.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e2bf21ab87ae83d5a2cb0f9ae0373e8eeb2ed0b7fb86ef8b4165a4bd381cf93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 521900
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd27be84d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 23 Nov 2023 02:02:37 GMT

GET
H3 200 lazyload.min.js Show response
blog.paleohacks.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 91ms
82ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:07:28 GMT
server: cloudflare
age: 423714
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 829decd27be94d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 24 Nov 2023 05:19:02 GMT

GET
H2 200 universal-script Show response
178194.tracking.hyros.com/v1/lst/ 0
0 401ms
113ms Script
text/javascript 3.233.76.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://178194.tracking.hyros.com/v1/lst/universal-script?ph=be1460aad6057c7a1655c8e1f69701db974993aa8c5a8087d36bd921dbbd93db&tag=!tracking
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.233.76.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-76-141.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 421ms
28ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 22 Nov 2023 03:00:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: uQDtA+G5LzMamFAlsMPgXb7FE4K/3/9o56Dr6PErOmJGtoJrwKEktbPoo9mf+URIEbwU5Job1QwajcrYfN+bAA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 98 KB
30 KB 473ms
46ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

51ed5c1fa0510b3815fcf5aa7935ee51511eadb2c565d5731c6e6dcefba1debb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30322
x-xss-protection: 0
server: cafe
etag: 442 / 19683 / 31079695 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 03:00:57 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 249 KB
88 KB 450ms
41ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0ccbb657fba8eb9e60b1142a314de06ed74bc577e3fb47432b46f3edb34e9792

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89628
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 03:00:57 GMT

GET
H3 200 symbol-defs.svg
blog.paleohacks.com/wp-content/plugins/simple-social-icons/ 35 KB
13 KB 83ms
80ms Other
image/svg+xml 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/simple-social-icons/symbol-defs.svg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53ecfb7fb539e851138504ca730068408f677cff5d7ef348a0c7f69dbb31371a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:36:32 GMT
server: cloudflare
age: 769683
etag: W/"65020130-8b8c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
cf-ray: 829decd27bea4d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 05:12:54 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00b2af963104a4dd04e77c1013957d37b0b43c86ba566301e77ab9a3e015280a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ed2cc414480e507b884d3c2faefa876fef943440c9d260933eebaf781ac4d87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73b749b1f5bc98174ea385921e3f5b1ad518875088115f30c90807560cc202f3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e790e57b5e2b425d26a169ff72f22467114f21753bc0750ac13fec1654e6fc33

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c00be08806046a985539e41de6a0c858718abdf035286564d1c970b06e7d7e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f464ef7c0b366ff00e2f023cb6b48112306212648e451ddf16be40c2b99d639

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e442b9500eb2ca5b00bdadb274d786b6795154c691d99307df2ada5585d081ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2165385a5690585350f9cb20e0a35d49ded8bfecf7b895536b856c08219df9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77abf03c0a5a320d7084b12a197eae47c79668686f86ee495d47656a6a063e82

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae51a9c8736b2eb82927ccdbdf3dc9db08c7a6b9db0fc2ffb4f4ce00d8af5760

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eec370d7b4f63ff91eb68db608b448a1cd41412b4b1d4d207d2a0230e6000e7b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c2518efba0a997390ac9494a1d92d74a4bb615aec8296f85eb9f2cc0aa940c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87287076f288a27750d0c3737c4624bd59357c5b638cdf3f27f1763d85cd4a2f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET /
api.ipify.org/ 0
0

OPTIONS /
api.ipify.org/ Frame 0
0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/ 399 KB
124 KB 399ms
26ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/tag/js/gpt.js?ver=1681483469

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

2d1a754922199186d43c7e76757eddaeb26e350387294e0f69ac574bc54914f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 03:31:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84552
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126556
x-xss-protection: 0
server: cafe
etag: 15138777047932052885
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 20 Nov 2024 03:31:45 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 87 B
611 B 412ms
33ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=blog.paleohacks.com

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/tag/js/gpt.js?ver=1681483469

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

029ba5a158c9c1ef81afa547eb7caa84feac644621c208a36086a1071d2eb26c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69
x-xss-protection: 0
expires: Wed, 22 Nov 2023 03:00:57 GMT

GET
H2 200 unified-tag.js Show response
cdn.attn.tv/tag/4-latest/ 129 KB
43 KB 439ms
46ms Script
application/javascript 18.66.97.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/paleohacks/dtag.js?ver=1681483468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e22ce339e1c9836de24a55bdef253bf9b230c1888600bf55de8e45145eb1f8c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: VSQt1dd_CUNA6l2J3mjCwV28SLMTIJec
content-encoding: gzip
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
date: Wed, 22 Nov 2023 02:59:49 GMT
x-amz-cf-pop: FRA56-P2
age: 70
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 09 Nov 2023 17:06:03 GMT
server: AmazonS3
etag: W/"b9b01632028a277916a4782d9a57b639"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
x-amz-cf-id: OtOQxrQOrIyR1Ne3Y8CloxVBhHJ9ScJHQdMxnT1FMjdlPAMMihdhgQ==

GET
H3 404 can-i-show.js
blog.paleohacks.com/static/all/js/ 0
0 1317ms
1317ms Script
text/html 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/static/all/js/can-i-show.js
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/leadbox-1495834292.js?ver=1681483491
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.23
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:58 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-powered-by: PHP/7.3.23
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: max-age=43200, must-revalidate
cf-ray: 829decd41ced4d3e-FRA
link: <https://blog.paleohacks.com/wp-json/>; rel="https://api.w.org/"
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 297 KB
85 KB 115ms
36ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=c962fc63a14114fac723739ec1c75b88

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/en_US/sdk.js?ver=1681483470

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

7c92c68fc256659147ea84d0fece9ef36f9533ce03f37add80ad758e0990fbb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.paleohacks.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 03:00:57 GMT
content-md5: KHjZhy9HAzu+WKR5pw91Og==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86880
reporting-endpoints
x-fb-debug: 48WWyz0wJgVr8UAH/AXoc/xG6vPmGTBbKg5o/XLiwNv4weAuzKEy3AseSRIMvOf0Fr88CdE5TXHTLef0QMgksA==
x-fb-content-md5: 00c84a9653c9a877a21691b1c01be7a8
cross-origin-opener-policy: same-origin-allow-popups
etag: "b52bd09bc5cee88b8deb2b4f643717fa"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 14 Nov 2024 07:42:29 GMT

GET
H2 404 / Show response
paleohacks.leadpages.co/leadbox/142cb4b73f72a2%3A13300845e746dc/5744125232021504/ Frame 2421 12 KB
4 KB 1003ms
640ms Document
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://paleohacks.leadpages.co/leadbox/142cb4b73f72a2%3A13300845e746dc/5744125232021504/?lp-in-iframe=1&__fromjs=1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/leadbox-1495834292.js?ver=1681483491
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 90.21.202.35.bc.googleusercontent.com
Software: Leadpages /
Resource Hash: c1be9f83e44f68ace4eee63b3dc6bb421dd413e0819bab3fccb484c3ed0dca87

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Wed, 22 Nov 2023 03:00:58 GMT
server: Leadpages
vary: Accept-Encoding

GET
H2 404 / Show response
paleohacks.leadpages.co/leadbox/142cb4b73f72a2%3A13300845e746dc/5744125232021504/ Frame 8BDF 12 KB
4 KB 945ms
586ms Document
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://paleohacks.leadpages.co/leadbox/142cb4b73f72a2%3A13300845e746dc/5744125232021504/?lp-in-iframe=1&__fromjs=1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/leadbox-1495834292.js?ver=1681483491
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 90.21.202.35.bc.googleusercontent.com
Software: Leadpages /
Resource Hash: c1be9f83e44f68ace4eee63b3dc6bb421dd413e0819bab3fccb484c3ed0dca87

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Wed, 22 Nov 2023 03:00:58 GMT
server: Leadpages
vary: Accept-Encoding

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
19 KB 482ms
34ms Script
application/javascript 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.23010976461255228
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/js/pinit.js?ver=1681483470
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-208-183.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "3725764cf05d1a0938de73d398772331"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=252
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 18679

GET
H3 200 admin-ajax.php Show response
blog.paleohacks.com/wp-admin/ 2 KB
813 B 1272ms
1272ms XHR
text/html 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.paleohacks.com/wp-admin/admin-ajax.php?action=display_popular_articles&_=1700622057297

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.23

Resource Hash

7c908c481e601721e861365b84411689268d2035ba4a68dbf74f41052077401f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:58 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.23
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
cf-ray: 829decd4cd694d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 417ms
27ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%7CSatisfy&ver=1.2.0&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:16:19 GMT
x-content-type-options: nosniff
age: 463479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 18:16:19 GMT

GET
H3 200 logo.png
blog.paleohacks.com/wp-content/uploads/2015/10/ 2 KB
2 KB 28ms
27ms Image
image/webp 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2015/10/logo.png
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83685ec127cc7475c7a3649e73986c90d87d037247409d80423f5caceed4681e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
cf-cache-status: HIT
age: 848594
cf-polished: origFmt=png, origSize=1719
content-disposition: inline; filename="logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1536
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 09 Nov 2019 16:35:00 GMT
server: cloudflare
etag: "5dc6eab4-6b7"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 829decd52d8a4d3e-FRA
expires: Tue, 12 Dec 2023 07:17:43 GMT

GET
H3 200 cookbook-opt-in1.jpg
blog.paleohacks.com/wp-content/uploads/2015/08/ 15 KB
15 KB 30ms
28ms Image
image/webp 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2015/08/cookbook-opt-in1.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfc98d46b8948bdd10ecef95fe6292a8bfabac6782a441f6759b8bf9f5361af4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
cf-cache-status: HIT
age: 936892
cf-polished: qual=85, origFmt=jpeg, origSize=19662
content-disposition: inline; filename="cookbook-opt-in1.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15536
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 09 Nov 2019 16:20:14 GMT
server: cloudflare
etag: "5dc6e73e-4cce"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 829decd52d8b4d3e-FRA
expires: Mon, 11 Dec 2023 06:46:05 GMT

GET
H3 200 beginners-book-143x150.png
blog.paleohacks.com/wp-content/uploads/2018/06/ 8 KB
9 KB 29ms
28ms Image
image/webp 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2018/06/beginners-book-143x150.png
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 735b305aadf14dd683363407e953b1eec091e541f8d6172d459454e40d7074c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
cf-cache-status: HIT
age: 1084141
cf-polished: origFmt=png, origSize=9206
content-disposition: inline; filename="beginners-book-143x150.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8628
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sun, 10 Nov 2019 01:55:00 GMT
server: cloudflare
etag: "5dc76df4-23f6"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 829decd52d8c4d3e-FRA
expires: Sat, 09 Dec 2023 13:51:56 GMT

GET
H3 200 Stuffing-1.jpg
blog.paleohacks.com/wp-content/uploads/2015/11/ 70 KB
70 KB 707ms
706ms Image
image/jpeg 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2015/11/Stuffing-1.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46e8a7ceee5cc379e48c7270fb70fa07cd3dececba10ab96f6dafaf1994470b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Wed, 22 Nov 2023 03:00:58 GMT
cf-cache-status: MISS
last-modified: Sat, 09 Nov 2019 16:40:54 GMT
server: cloudflare
etag: "5dc6ec16-117de"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 829decd52d8d4d3e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 71646
expires: Fri, 22 Dec 2023 03:00:58 GMT

GET
H3 200 instant-pot-vs-slow-cooker-the-difference-and-which-is-better-3-350x263.jpg
blog.paleohacks.com/wp-content/uploads/2020/12/ 10 KB
10 KB 50ms
49ms Image
image/webp 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2020/12/instant-pot-vs-slow-cooker-the-difference-and-which-is-better-3-350x263.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0128e563cfdd4beabe1edf1488c57094072f85cec6219dd04a3fb2be5d37cf84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
cf-cache-status: HIT
age: 19965
cf-polished: qual=85, origFmt=jpeg, origSize=13651
content-disposition: inline; filename="instant-pot-vs-slow-cooker-the-difference-and-which-is-better-3-350x263.webp"
alt-svc: h3=":443"; ma=86400
content-length: 10232
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 11 Dec 2020 03:23:53 GMT
server: cloudflare
etag: "5fd2e649-3553"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 829decd52d8f4d3e-FRA
expires: Thu, 21 Dec 2023 21:28:11 GMT

GET
H3 200 Breadfruit-Flour-350x263.jpg
blog.paleohacks.com/wp-content/uploads/2020/10/ 14 KB
14 KB 51ms
50ms Image
image/jpeg 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2020/10/Breadfruit-Flour-350x263.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 869d3767805b1c7b11b2df755e7cb769ee1b450553d87c374e19cb535a6afd2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
cf-cache-status: HIT
age: 845941
cf-polished: degrade=85, origSize=19193, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 13929
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Tue, 20 Oct 2020 21:03:53 GMT
server: cloudflare
etag: "5f8f50b9-4af9"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 829decd52d904d3e-FRA
expires: Tue, 12 Dec 2023 08:01:56 GMT

GET
H3 200 The-14-Day-Keto-Meal-Plan800-350x263.jpg
blog.paleohacks.com/wp-content/uploads/2020/09/ 30 KB
31 KB 30ms
29ms Image
image/webp 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2020/09/The-14-Day-Keto-Meal-Plan800-350x263.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3e0e5db2674fb727b63871f299ea9f146ce45e3e3ed0c583f4ffdfb6fafb7ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
cf-cache-status: HIT
age: 845941
cf-polished: qual=85, origFmt=jpeg, origSize=36409
content-disposition: inline; filename="The-14-Day-Keto-Meal-Plan800-350x263.webp"
alt-svc: h3=":443"; ma=86400
content-length: 30954
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Thu, 17 Sep 2020 22:14:02 GMT
server: cloudflare
etag: "5f63dfaa-8e39"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 829decd52d914d3e-FRA
expires: Tue, 12 Dec 2023 08:01:56 GMT

GET
H3 200 The-12-Best-Low-Carb-Vegetables-and-Their-Benefits744.jpg
blog.paleohacks.com/wp-content/uploads/2019/03/ 73 KB
73 KB 51ms
50ms Image
image/webp 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2019/03/The-12-Best-Low-Carb-Vegetables-and-Their-Benefits744.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 755313ac3cb953d818fd8f3344a3ebf9fd2101223dffa2278b5499e927f9a574

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:57 GMT
cf-cache-status: HIT
age: 942821
cf-polished: qual=85, origFmt=jpeg, origSize=109440
content-disposition: inline; filename="The-12-Best-Low-Carb-Vegetables-and-Their-Benefits744.webp"
alt-svc: h3=":443"; ma=86400
content-length: 74830
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Mon, 11 Nov 2019 20:19:53 GMT
server: cloudflare
etag: "5dc9c269-1ab80"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 829decd52d934d3e-FRA
expires: Mon, 11 Dec 2023 05:07:15 GMT

GET
H/1.1 200
OK browserfp.min.js Show response
pxlclnmdecom-a.akamaihd.net/javascripts/ 131 KB
42 KB 219ms
110ms Script
text/javascript 23.48.23.22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUG3G308
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUG3G308
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.22 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-22.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash: fef69160f24730d93bf5ad1a963a59b6bfcda982ab97ef1ec8e00745cc756d84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 03:00:58 GMT
Content-Encoding: gzip
x-powered-by: Express
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Access-Control-Max-Age: 1800
Connection: keep-alive, Transfer-Encoding
Transfer-Encoding: chunked
Expires: Wed, 22 Nov 2023 03:05:58 GMT

GET
H/1.1 200
OK flping.php
lg3.media.net/ 35 B
338 B 613ms
181ms Image
image/gif 2.18.160.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/flping.php?vgd_len=386&pid=8PO7GEXX5&prid=8PRHGG6T9&gdpr=0&mspa=0&action=16&reason=9&cid=8CUG3G308&crid=726657258&vgd_cdv=1118&vgd_cage=1&cc=UA&ugd=4&requrl=https%253A%252F%252Fblog.paleohacks.com%252Fpaleo-grain-free-stuffing-recipe%252F&domain=blog.paleohacks.com&vi=1700622057224510251&vgd_tsce=L325&hvsid=00001700622057814005288338979269&gdpr=0&mspa=0&vgd_l2type=scs_newfl&vgd_end=1

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.160.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-160-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Wed, 22 Nov 2023 03:00:58 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Wed, 22 Nov 2023 03:00:58 GMT

GET
H2 200 1143227772537202 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 141ms
140ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1143227772537202?v=2.9.138&r=stable&domain=blog.paleohacks.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

83d7c740e561b74bac04477add1ac4134814be5c9563e8bb87c62310be09cfc0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 22 Nov 2023 03:00:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: g4obi/DFvOvEm8GCDHCkgOWII6jEUT9+TQVZ8xm2Dvb+biqMohump8nu4k9yLUsZLr4joo+YCpw2K/rXN+yiNg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
90 KB 62ms
61ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QMKQQWEFHC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

237733e81fb971c8773cd0a44003cddd05066ca6a49211f3455746cd3d3ecd6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91965
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 03:00:58 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/955239029/ 3 KB
2 KB 424ms
41ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/955239029/?random=1700622058029&cv=11&fst=1700622058029&bg=ffffff&guid=ON&async=1&gtm=45He3b81v77268957&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-grain-free-stuffing-recipe%2F&hn=www.googleadservices.com&frm=0&tiba=Paleo%20Grain-Free%20Stuffing%20Recipe%20%7C%20PaleoHacks%20Blog&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

f17856e90ff08639e05d9298eeeddba6118a35375e7bc3a3c173ff7087333ecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:00:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1282
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 405ms
26ms Script
text/javascript 216.239.32.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.32.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 01:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4280
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 22 Nov 2023 03:49:38 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 4 KB
2 KB 329ms
53ms Script
application/javascript 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-208-183.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ef45c21f7e054481c81992c1a46293a28c9bb8b3722bc566479326187f473c8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "8d7d8ce32aa2a45d64e9f04a9a5cb1c4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1793

GET
H2 200 jquery-3.5.1.min.js Show response
track.mypaleorecipe.com/js/ 87 KB
32 KB 460ms
43ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Nov 2021 03:31:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3037
etag: W/"15d86-5d052be3dfc43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVG00iq1Btt3qY8Vl6%2FR%2FW3gDxygaMt6yyJZlZ9sPsqCn%2BKCP%2BzWfY81zF7vCRlOM9HVF%2BU4HHEtxV4QvVXaCN6JB72%2Bc25FTd26g0mwSU%2FGhTE8nx60k3mMh142zvht9a7f%2BixCtQbz3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 829decd9aa21f14c-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 52 KB
18 KB 418ms
32ms Script
text/javascript 35.186.235.23
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.235.23 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 23.235.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:51:46 GMT
content-encoding: gzip
age: 552
x-guploader-uploadid: ABPtcPo42Bg24kpSl_4BkdOsjNw7VeDBu7Em6uT6GAXt7wzEAVdHQBoBk7g-bapLcUZ21_elF7j4Fhc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18139
last-modified: Tue, 14 Nov 2023 19:54:10 GMT
server: UploadServer
etag: "dff66d0b72bdc18a02be56412d5ef8c4"
vary: Accept-Encoding
x-goog-generation: 1699991650202934
x-goog-hash: crc32c=VW26dg==, md5=3/ZtC3K9wYoCvlZBLV74xA==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=600
x-goog-stored-content-length: 18139
accept-ranges: bytes
expires: Wed, 22 Nov 2023 03:01:46 GMT

GET
H2 200 dtag.js Show response
cdn.attn.tv/paleohacks/ 3 KB
2 KB 1340ms
1337ms Script
text/javascript 18.66.97.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/paleohacks/dtag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b47e2b5d041b401f4d6dc04b120f9ada18fdd87dc40f2c764879a7c7c5a2f93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: Y4H_bTaFBWRi9GimSEzzR9Px4JwIrNub
content-encoding: gzip
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
date: Wed, 22 Nov 2023 03:01:00 GMT
last-modified: Wed, 08 Feb 2023 20:56:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
etag: W/"d943f1634cc781ba4142fc11b4ba2cd4"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=120
x-amz-replication-status: COMPLETED
x-amz-cf-id: 8vUxoFhNL8gTD-esuSS7P-7CPWOsiaIIkyszGx7Z8zD8Va5BKr4cgA==

GET
H2 404 integrator.js
adservice.google.com/adsid/ 0
0 424ms
32ms Script
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adservice.google.com/adsid/integrator.js?domain=blog.paleohacks.com
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
15 KB 216ms
215ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=206900439635819&correlator=3923372781103269&eid=31079527&output=ldjh&gdfp_req=1&vrg=202304050101&ptt=17&impl=fifs&iu_parts=55892584%2CPH300x2502%2CPHBlog300x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x250%2C300x250&ifi=1&adks=79842087%2C1706127594&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1700622058159&lmt=1700609146&dlt=1700622057043&idt=1058&adxs=-9%2C690&adys=-9%2C483&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-grain-free-stuffing-recipe%2F&frm=20&vis=1&psz=0x-1%7C300x250&msz=0x-1%7C300x-1&fws=2%2C4&ohw=0%2C1600&ga_vid=2075019165.1700622058&ga_sid=1700622058&ga_hid=633251181&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

fef27207c3e7590a3cedd3db14d80f3eef2cfbcf837eca2908807f984d6adb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:58 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15274
x-xss-protection: 0
google-lineitem-id: -2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D8E5 6 KB
3 KB 451ms
33ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:00:58 GMT
expires: Thu, 21 Nov 2024 03:00:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK bfp_ssn.js Show response
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame 84CA 12 KB
4 KB 35ms
33ms Document
text/html 23.48.23.22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUG3G308
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.22 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-22.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash: 7ec5561af74114c3b4b8e0a3e4e2d6f0718e60449f99d4266d8c026bfba8ddcc

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Cache-Control: max-age=300
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3751
Content-Type: text/html; charset=utf-8
Date: Wed, 22 Nov 2023 03:00:58 GMT
Expires: Wed, 22 Nov 2023 03:05:58 GMT
Vary: Accept-Encoding
x-powered-by: Express

POST
H2 200 ptmdP
dts.clnmde.com/ 7 B
72 B 252ms
153ms Ping
text/html 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dts.clnmde.com/ptmdP
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUG3G308
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 22 Nov 2023 03:00:58 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
etag: W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 7
alt-svc: clear

GET
H2 200 cenw.js Show response
dts.clnmde.com/ 36 B
356 B 251ms
154ms XHR
text/html 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dts.clnmde.com/cenw.js?identifier=bafp
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUG3G308
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 2a157d490d0133376e8dbf42d2abe60090db02d0652caf2c99a2bb93bc7247e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:58 GMT
via: 1.1 google
etag: W/"24-m29YRkBmkx+eNcTC/wISaA"
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 36
alt-svc: clear

POST
H2 200 ptmdP
dts.clnmde.com/ 7 B
366 B 239ms
152ms Ping
text/html 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dts.clnmde.com/ptmdP
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUG3G308
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 22 Nov 2023 03:00:58 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
etag: W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 7
alt-svc: clear

GET
H2 200 ptmdDual
dts6.clnmde.com/ 70 B
131 B 394ms
126ms Image
image/gif 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts6.clnmde.com/ptmdDual?t=%7B%22gh%22%3A%22170062205832131958486384%22%2C%22za%22%3A1%2C%22gcd%22%3A1700622058462%2C%22al%22%3A3%2C%22bcnd%22%3A1%7D
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:58 GMT
via: 1.1 google
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc: clear

GET
H2 200 / Show response
paleohacks.attn.tv/d/ 5 B
257 B 515ms
418ms Fetch
application/json 104.18.43.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleohacks.attn.tv/d/?attn_vid=5b5ce6f9d5c543eeb73964d2d3fd6676
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:59 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
x-envoy-upstream-service-time: 4
cf-ray: 829decda8fc88fd1-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 e
events.attentivemobile.com/ 0
160 B 242ms
138ms Ping
text/plain 104.18.39.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://events.attentivemobile.com/e?v=4.25.42_078e955804&pd=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-grain-free-stuffing-recipe%2F&u=5b5ce6f9d5c543eeb73964d2d3fd6676&c=paleohacks&ceid=UsU&lt=1700622058540&tag=modern&cs=740094654&t=v&r=&m=%7B%22source%22%3A%22a%22%7D&cb=1700622058550
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.39.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain;charset=UTF-8
x-envoy-upstream-service-time: 9
cf-ray: 829decdaab823686-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 container.html Show response
902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A68E 6 KB
3 KB 33ms
32ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:00:58 GMT
expires: Thu, 21 Nov 2024 03:00:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ptmd
dts.clnmde.com/ 70 B
140 B 138ms
137ms Image
image/gif 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.clnmde.com/ptmd?t=170062205832131958486384_N4IgxmAWDWIFwG0QHYBMA2dBWNWAcIAugDQgAOAlgCYAu8SADEaQE4CmAZgKosA2diEMxABnFmB796ISDRpkRAUgDMAQUWoAYhs0AjXgHsA5gDoyAQ15sDkc2GgiTYAwFsdFqwYC0RluYoAdl4c7GxeIjQArhwcgUZe7GAUZGw6wgBuIgD61AIIAZG8vCQymTm00gxVDACMyFXoqKgMOHg1ACxVWKh4eMrKeACcyIMYg8JgkRHleSB4AMJcAOLKKwwEJWAs6dLAADooGNi4eAdw+yA0AJ4pZwdb5QfEB+kUj-AHdQ1NLWio7VgagxUICngdIGVqHcQNVavUGI1mq0Ol0en0BsNRuhBgcAL644QBcz0dqoQbtQboNDodrEGrKTp4erKQbELDKKp4dp9BglIkieBk0gUcwuei84XmAVwPCkCLmKLShC0-rEBlqrBq9Bq5Bq2Us4hkkoAL2JcBqpDIRngIB2pCMkBtXwRP3wylQ9Jqg3w3PQA3aIFImRt6BMDBMWGxgZAlngylIHDA8C8FpAbBoFCd8MRv2jECoNq4qmjEWtcAYctgcBAzpzOCyWAYyHRyA5wPQ0bYyRtyhqJnpyhMg0HQKw0fSbBYNrILAMBdIbEiZtTkUz5YX6V49BKZGDiBKIl4ESz3yReDJHdIvA48FT+gEXor4CmNHKNoWy1WHIIQbe1BPLpIn8AJAiCNTRkYSbmtmrp4Ng8YgAAjmwt4Jmuyi4kAA
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:58 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc: clear

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 474ms
51ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QMKQQWEFHC&gtm=45je3b81v871543173z877268957&_p=1700622057313&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2075019165.1700622058&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700622058&sct=1&seg=0&dl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-grain-free-stuffing-recipe%2F&dt=Paleo%20Grain-Free%20Stuffing%20Recipe%20%7C%20PaleoHacks%20Blog&en=page_view&_fv=1&_ss=1&tfd=3734
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMKQQWEFHC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:00:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 474ms
52ms Ping
text/plain 64.233.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QMKQQWEFHC&cid=2075019165.1700622058&gtm=45je3b81v871543173z877268957&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMKQQWEFHC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.167.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wl-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:00:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 475ms
55ms Image
image/gif 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QMKQQWEFHC&cid=2075019165.1700622058&gtm=45je3b81v871543173z877268957&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1724491401

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:00:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 paleohacks.attn.tv.js Show response
cdn.attn.tv/growth-tag-assets/client-configs/ 0
383 B 412ms
411ms Script
text/javascript 18.66.97.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/growth-tag-assets/client-configs/paleohacks.attn.tv.js
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: kGJjc2HxNgGNuk_7UqP1h9o.liqWLb8I
content-encoding
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
date: Tue, 21 Nov 2023 09:48:23 GMT
last-modified: Mon, 17 Dec 2018 20:59:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 61957
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 0
x-amz-cf-id: jweXklp8WFDQ7ZAsJS1TPI8SsAwvCNQxugdlhzaC1gc7mtt2nN9sgw==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 437ms
38ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1143227772537202&ev=PageView&dl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-grain-free-stuffing-recipe%2F&rl=&if=false&ts=1700622058820&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700622058818.1107978980&ler=empty&it=1700622057947&coo=false&rqm=GET

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 22 Nov 2023 03:00:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 8BDF 9 KB
858 B 34ms
34ms Stylesheet
text/css 216.58.206.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap

Requested by

Host: paleohacks.leadpages.co
URL: https://paleohacks.leadpages.co/leadbox/142cb4b73f72a2%3A13300845e746dc/5744125232021504/?lp-in-iframe=1&__fromjs=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f10.1e100.net

Software

ESF /

Resource Hash

a2e0d2de51dc225af114789fc0740e5c4e84f03335b755d04bada07003141d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paleohacks.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Nov 2023 03:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 02:11:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Nov 2023 03:00:58 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 2421 9 KB
762 B 24ms
24ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap

Requested by

Host: paleohacks.leadpages.co
URL: https://paleohacks.leadpages.co/leadbox/142cb4b73f72a2%3A13300845e746dc/5744125232021504/?lp-in-iframe=1&__fromjs=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2e0d2de51dc225af114789fc0740e5c4e84f03335b755d04bada07003141d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paleohacks.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Nov 2023 03:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 01:58:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Nov 2023 03:00:58 GMT

GET
H2 200 ptmd
dts.clnmde.com/ 70 B
132 B 126ms
126ms Image
image/gif 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.clnmde.com/ptmd?t=170062205832131958486384_N4Ig1ghgxgziBcICMB2ADGgbAJm2grABwDM2SxSAnEQCyGbGE0gA04ARrAkm1AG5dEwADogANgHsoEMQH0YAFwkAnCAHMApqPijUGHHiKlyVWvUY1RLUTA0wYASwkA7eUtWbtu9FlwESZBTUTOZMVqJQEhJgDhqyACYQChBeyD4G-sZBZgxhIAC+rCAaUAoAtoIgNNRFikkArnDwANqY+AC6bABeENxsAA5qCCB8RWoAFsN6voYBJsF0ucxsfE0gmAB0aBv4mJRFMgjEbABmUAgAtDzFCg5T6X74KEVQUPHDAKoAgrUKQ-BoNgwMD3fSPFCyfBoFAkYgoYgYbCYIoaBz9YYUDbkYgbSg4pAEIp8DTKYb9ZQSd5sDT1Xrwa71O4A6l8MQIZqdED9VbszkwMSKUEzfzYSjIthiE59EDsMQKbiUQEgKCNBSyBzvRCEADCHwA4sQDWhCESHOrNWkwYYULgaPgCdh7WNzvSHrNKChKGwAI4aaUnJk0fJAA
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:59 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc: clear

GET
H3 200 admin-ajax.php Show response
blog.paleohacks.com/wp-admin/ 1 KB
947 B 885ms
885ms XHR
text/html 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.paleohacks.com/wp-admin/admin-ajax.php?action=show_optin_async&post_id=23766&_=1700622057298

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.23

Resource Hash

048c8c46b92290dd986822076433f817faf33dd06a3c3a633645502658ea35f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:59 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.23
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
cf-ray: 829decdcb8ee4d3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 main.74d80534.js Show response
s.pinimg.com/ct/lib/ 65 KB
19 KB 34ms
32ms Script
application/javascript 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-208-183.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 60cc60a6fcbd230def379432395199b585791ed521e2e5f595369a2193e617fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "cb251578b1e91b3cc440fd1521770cc5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18895

GET
H2 200 /
www.google.com/pagead/1p-user-list/955239029/ 42 B
455 B 434ms
34ms Image
image/gif 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/955239029/?random=1700622058029&cv=11&fst=1700622000000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v77268957&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-grain-free-stuffing-recipe%2F&frm=0&tiba=Paleo%20Grain-Free%20Stuffing%20Recipe%20%7C%20PaleoHacks%20Blog&fmt=3&is_vtc=1&cid=CAQSGwDICaaN26ED0a7fvcvGIDHgEh7bh6hfp_XX7w&random=3821657762&rmt_tld=0&ipr=y

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:00:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/955239029/ 42 B
154 B 233ms
59ms Image
image/gif 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/955239029/?random=1700622058029&cv=11&fst=1700622000000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v77268957&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-grain-free-stuffing-recipe%2F&frm=0&tiba=Paleo%20Grain-Free%20Stuffing%20Recipe%20%7C%20PaleoHacks%20Blog&fmt=3&is_vtc=1&cid=CAQSGwDICaaN26ED0a7fvcvGIDHgEh7bh6hfp_XX7w&random=3821657762&rmt_tld=1&ipr=y

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:00:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 27ms
26ms Script
text/javascript 216.239.32.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.32.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:14:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2817
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 22 Nov 2023 03:14:02 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
224 B 37ms
37ms XHR
text/plain 216.239.32.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=633251181&t=pageview&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-grain-free-stuffing-recipe%2F&ul=en-us&de=UTF-8&dt=Paleo%20Grain-Free%20Stuffing%20Recipe%20%7C%20PaleoHacks%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEAjAAAAACAAI~&jid=1863921946&gjid=1725599444&cid=2075019165.1700622058&tid=UA-42752472-1&_gid=1664692899.1700622059&_r=1&_slc=1&gtm=45He3b81n81TJTDCJGv77268957&cd1=recipes&cd2=November%2023%2C%202015&cd3=Courtney%20Hamilton&cd5=dinner-recipes%2Cpork-recipes%2Cside-dish-recipes&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=2010452398

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.32.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a3c6048948c57aae55beef92d5a18abce757ad2783354a2eda068b14798e5a75

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:00:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 48F6 126 KB
44 KB 447ms
67ms Document
text/html 178.250.1.17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1u6gADZiwKd45KAAhcOXvMj5k9LFEfDa-i9Q&u=%7CsQ3X0qOZ3gV4atApAm2mgjydZG9Z64Btna04QEUnrKk%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi69Gq_Y329eSytQmooxcCfazsFIC5azNpFHv_RscRphx-fW10U4Y425z8YN5h_1hjPKhyszboev_2KgInnNZ2N4ET4F9aV2BQPEA2dbvX5U_BjBOCT0_U6vW3xau-5asX-U-Vz9BSo3saOodR08aGIeGnR3_luVciRfpYR-8JPAlOilxWl-c7EwGrttEsl7XRKpiur2lJUY9wZXwdqXnnPiSN9dsjYyd_s0vMmolMZSuGMKyeWykdeK1Y4gA8JV5BRm0u2cfdO9LjqyKmAqGxip0VF72b0uqQzLjT7QACLBcWWmRU8TCpapotx8CAi4FguQGZf4vLsH_A69u8HpOAnQuIKwLvJPIAsIH6AMbwEWCFsS7izdDAeA8_bDN1Rd0NPCGImvv32qshb6S61iIulFupBgRWX7DLvSHH0Br6UCwCgXeiv0oPMHLRPqjTvlJtpWBJIBxVyb5topuSVgrArtSlXXDwuJBn9HGlMlqIT4aP6gvb2NJSuib9lb6sBdirk2YfgCLi65ppWpbWojVo7JNLS7rSBKaEIKm4MHQFSwPryN7NQu7EF_Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLWvl6m5dZazMDcqc3gO5uKGIAsme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJTbiK8CU-yPuACAKgDAcgDAqoEwQJP0Ge_OXagT7f3hrBJmgEzBFNQ0JpSULGKdJo0MqODN7r_HH4TTkiuHLX4eBoLG65wOfQNEhah0mNZAa0he8Dq62zdup22JRLg2iMdrpNds97oGirTLHytprQxQbQsBvQfO1kTZU4P6uIfcFNXlHXwaJPGuqf9PoyZR0w_KHiFJ1SOitg7EHaVd7w_pg5AJ1BjI2jUZrT65R7kcGwq4v5daOBmS54C06AvyxaFlLpRtYkp95Cs-BfEcxuZgXWqi78FeigwBZZKkDNsXuxf-KogiippPL2BYts4RvI2MwRPaXFMLYcWHxHOVrfitQwALwSpy9kmFCQO6zO0689zYh1e4BLCgYRN6DnHr-fFpDFco3RWr5f7gYZJbpQ0KptmUaJZLqHdOXRlbdJCPFHA4wg8CZWVhBEd1gojB0T9JPoP5dLgBAGABryutYbZkaGjMaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB4g0TCJbYtO3O1oIDFUqOdwodOVwIIdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2XHmGrOqurs6qO6-5VX0SiqNXUtQ%26client%3Dca-pub-5144389657785565%26adurl%3D

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7989b31ed1875d6ecd57fc7b8630dbf391313f14d5b83a3b90ca35657779ec6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:00:59 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=BZNw-VXNKzKDm-lPAo4d7JuxOhh8yP-VMioDORiGv3kNGn7e222v0bmMzoeEtSthbIglqTEJiioCflltU4lgiHXYmA6tZUQ_iSIBLSihaWu2wI900qIJYKSrXNDLnAA9BzJ6rFcEqj7WTNNzmYw36DrDfWu_nJ4LFcR1nE0ZUAwOOh1OPtYMd97vz8rFJ1sIy8vxUBxQmzruhN8ixaDMIPYss2JzpRxUVHMrzSXguDyJFFf5qpUrdW3HuL7xlKT4MC6pIQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 12837171
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame A68E 3 KB
1 KB 441ms
54ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36547
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame A68E 20 KB
9 KB 439ms
53ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:16:58 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A68E 24 KB
7 KB 417ms
32ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 445441
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 23:16:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A68E 202 KB
64 KB 41ms
40ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 03:00:59 GMT

GET
H3 200 How-to-Carb-Cycle-for-Fat-Loss744.jpg
blog.paleohacks.com/wp-content/uploads/2018/06/ 64 KB
64 KB 26ms
25ms Image
image/webp 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2018/06/How-to-Carb-Cycle-for-Fat-Loss744.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97a24ab2121a3edfe321439c72a3895c337c957632c8d6d9f112c4c1e944eba9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:59 GMT
cf-cache-status: HIT
age: 895380
cf-polished: qual=85, origFmt=jpeg, origSize=78072
content-disposition: inline; filename="How-to-Carb-Cycle-for-Fat-Loss744.webp"
alt-svc: h3=":443"; ma=86400
content-length: 65332
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sun, 10 Nov 2019 01:49:10 GMT
server: cloudflare
etag: "5dc76c96-130f8"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 829decdd293b4d3e-FRA
expires: Mon, 11 Dec 2023 18:17:59 GMT

GET
H2 200 jquery.cookie.js Show response
track.mypaleorecipe.com/js/ 2 KB
1 KB 75ms
61ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/js/jquery.cookie.js?v=1.0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dde3261ae85ead281a4f3120a5c4cee3bc7a1874c284c4a23874af1ada1f08ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3038
cf-polished: origSize=3254
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 09 Nov 2021 03:31:23 GMT
server: cloudflare
etag: W/"cb6-5d052be67bb4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbvD%2Bx4vLtiKVfSir38UsqTFUlMEUV7On1oUtQU2yQGGo%2BsTSDp9LGEzi6sMF7Nrf1Eyu0S8CfJvb7HFy5tHU1xAh3k08h49Ywt2LTdu3%2FBb9RDM8%2F9D7ySOsYIZdsv44fwXbJwE0s93Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 829decddcc63f14c-CDG

GET
H2 200 cenw.js Show response
dts.clnmde.com/ Frame 84CA 36 B
125 B 148ms
147ms XHR
text/html 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dts.clnmde.com/cenw.js
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: e0d64631f76102a62eb5334956d9ad21b5379038e83272f92ce30d550d45af36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pxlclnmdecom-a.akamaihd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:59 GMT
via: 1.1 google
etag: W/"24-dSGF3/HRAf7NEictDUFiGg"
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 36
alt-svc: clear

GET
H2 200 ptmd
dts.clnmde.com/ 70 B
132 B 136ms
136ms Image
image/gif 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.clnmde.com/ptmd?t=170062205832131958486384_N4Ig1ghiBcIKwGMAcB2FBOADJgtEpApgMw4CMpBBO6EBAJjkQGZF0BsdARkp0ygCwgANOE4xSIhADcYIYAB0QAGwD2CCEoD6AZwAuKgE4QA5gUXRFiVBmx5CJcpWq0GzVh268BioYu0FtbQBLFQA7HX0jU3NLZDQsXHxiMgoqGnpGFnYuHj5+H0UEFRUwIIJNOghdCBj4OJtE+xSndNcsj1zvEABfYRBjXSYYAG1MITGJ8YBdEQHtEcmxgCZpkT156GGJRdWQAgRdAFtZFFIkPr0qgFcN4fQZkAAvKGgJEAAHY1kZWYALWVIKGwbCWS0wcCQRCWpCIpHQEP4SDYRCQghEUg2IDYADpMNi4Gx0H0NDAiCImAgYGQRARdEEAUDMCCwXAUH0EAg6LIAKoAQQuui+0DGIG0YAZwNB4JQmjgmBQkKIKCI2CWbD6BCC71ksOxMKI2PQBtI4L6UgIBlk7wMKi5NKuLzeV3pwppUiUIwe7wxnrWSj0EqZUohS3Q6pESiGrxEnCUunEWEkN10miCXNgSAAwtyAOJEPOYc7ooKp9MgQGSlkoUH8OAmpZ1vrGSmvRnM8HoMEigCOBHE5JdmG6QA
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:59 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc: clear

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 36ms
35ms XHR
text/plain 64.233.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-42752472-1&cid=2075019165.1700622058&jid=1863921946&gjid=1725599444&_gid=1664692899.1700622059&_u=YADAAEAiAAAAACAAI~&z=590568278

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 22 Nov 2023 03:00:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
85 KB 44ms
43ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RWB4GYKC4G&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

db998fd432b00e534460aa62f7eed92100ebe758d4fc7f569db6a380f1593ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87441
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 03:00:59 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 304 B
621 B 212ms
128ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2615989242318&cb=1700622059224&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 64d82f5d2dfd91262b776894417faaedf2159d900d80de148affcb57beee794d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:59 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1243959123666211
content-length: 174
pin-unauth: dWlkPU16SXpZV1kzTVRJdFkyVmpaUzAwWkRKa0xUZ3lPRFF0WVRFMVltWmlNREZpWW1Zdw
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blog.paleohacks.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 5d3c2f1679281f2c8de82ecae570034b947dbf31
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 17ms
17ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=633251181&t=pageview&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-grain-free-stuffing-recipe%2F&ul=en-us&de=UTF-8&dt=Paleo%20Grain-Free%20Stuffing%20Recipe%20%7C%20PaleoHacks%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAiEAjBAAAACAAI~&jid=1145412433&gjid=442458850&cid=2075019165.1700622058&tid=UA-81910700-1&_gid=1664692899.1700622059&_slc=1&gtm=45He3b81n81TJTDCJGv77268957&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1202220447

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:00:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 39ms
38ms XHR
text/plain 64.233.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-81910700-1&cid=2075019165.1700622058&jid=1145412433&gjid=442458850&_gid=1664692899.1700622059&_u=aCDAiEAjBAAAAGAAI~&z=638831088

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 22 Nov 2023 03:00:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
20ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=633251181&t=event&ni=Yes&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-grain-free-stuffing-recipe%2F&ul=en-us&de=UTF-8&dt=Paleo%20Grain-Free%20Stuffing%20Recipe%20%7C%20PaleoHacks%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=leadbox&ea=show&el=Custom&_u=aCDACEAjBAAAAGAAI~&jid=&gjid=&cid=2075019165.1700622058&tid=UA-42752472-1&_gid=1664692899.1700622059&gtm=45He3b81n81TJTDCJGv77268957&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1045223122

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 21:49:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 18717
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
185 B 185ms
132ms Image
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2615989242318&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-grain-free-stuffing-recipe%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2274d80534%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1700622059255
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:00:59 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 5d3c2f1679281f2c8de82ecae570034b947dbf31
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 8
alt-svc: h3=":443";ma=600
x-pinterest-rid: 2064959940530319
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 198ms
37ms Image
image/gif 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-42752472-1&cid=2075019165.1700622058&jid=1863921946&_u=YADAAEAiAAAAACAAI~&z=223796369

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:00:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 441ms
35ms Image
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-42752472-1&cid=2075019165.1700622058&jid=1863921946&_u=YADAAEAiAAAAACAAI~&z=223796369

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:00:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 unrenderedCreative
paleohacks.attn.tv/ 0
0 170ms
168ms Fetch 104.18.43.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleohacks.attn.tv/unrenderedCreative?v=4.25.42&r=&id=5b5ce6f9d5c543eeb73964d2d3fd6676&pv=1&l=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-grain-free-stuffing-recipe%2F&w=1600&h=1200&ss_ref=ORGANIC&f=2
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 22 Nov 2023 03:00:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 39
cf-ray: 829decdeb9478fd1-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 144ms
40ms Image
image/gif 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-81910700-1&cid=2075019165.1700622058&jid=1145412433&_u=aCDAiEAjBAAAAGAAI~&z=1600688838

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:00:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 384ms
34ms Image
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-81910700-1&cid=2075019165.1700622058&jid=1145412433&_u=aCDAiEAjBAAAAGAAI~&z=1600688838

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:00:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 48ms
46ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RWB4GYKC4G&_ono=1&gtm=45je3b81v9137939032&_p=1700622057313&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=2075019165.1700622058&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-grain-free-stuffing-recipe%2F&dt=Paleo%20Grain-Free%20Stuffing%20Recipe%20%7C%20PaleoHacks%20Blog&sid=1700622059&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_1=recipes&ep.ua_dimension_2=November%2023%2C%202015&ep.ua_dimension_3=Courtney%20Hamilton&ep.ua_dimension_5=dinner-recipes%2Cpork-recipes%2Cside-dish-recipes&tfd=4440
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RWB4GYKC4G&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:00:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 48ms
47ms Ping
text/plain 64.233.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-RWB4GYKC4G&cid=2075019165.1700622058&gtm=45je3b81v9137939032&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RWB4GYKC4G&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.167.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wl-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:00:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 40ms
40ms Image
image/gif 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-RWB4GYKC4G&cid=2075019165.1700622058&gtm=45je3b81v9137939032&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=337168856

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:00:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 48F6 2 KB
1 KB 432ms
42ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1u6gADZiwKd45KAAhcOXvMj5k9LFEfDa-i9Q&u=%7CsQ3X0qOZ3gV4atApAm2mgjydZG9Z64Btna04QEUnrKk%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi69Gq_Y329eSytQmooxcCfazsFIC5azNpFHv_RscRphx-fW10U4Y425z8YN5h_1hjPKhyszboev_2KgInnNZ2N4ET4F9aV2BQPEA2dbvX5U_BjBOCT0_U6vW3xau-5asX-U-Vz9BSo3saOodR08aGIeGnR3_luVciRfpYR-8JPAlOilxWl-c7EwGrttEsl7XRKpiur2lJUY9wZXwdqXnnPiSN9dsjYyd_s0vMmolMZSuGMKyeWykdeK1Y4gA8JV5BRm0u2cfdO9LjqyKmAqGxip0VF72b0uqQzLjT7QACLBcWWmRU8TCpapotx8CAi4FguQGZf4vLsH_A69u8HpOAnQuIKwLvJPIAsIH6AMbwEWCFsS7izdDAeA8_bDN1Rd0NPCGImvv32qshb6S61iIulFupBgRWX7DLvSHH0Br6UCwCgXeiv0oPMHLRPqjTvlJtpWBJIBxVyb5topuSVgrArtSlXXDwuJBn9HGlMlqIT4aP6gvb2NJSuib9lb6sBdirk2YfgCLi65ppWpbWojVo7JNLS7rSBKaEIKm4MHQFSwPryN7NQu7EF_Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLWvl6m5dZazMDcqc3gO5uKGIAsme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJTbiK8CU-yPuACAKgDAcgDAqoEwQJP0Ge_OXagT7f3hrBJmgEzBFNQ0JpSULGKdJo0MqODN7r_HH4TTkiuHLX4eBoLG65wOfQNEhah0mNZAa0he8Dq62zdup22JRLg2iMdrpNds97oGirTLHytprQxQbQsBvQfO1kTZU4P6uIfcFNXlHXwaJPGuqf9PoyZR0w_KHiFJ1SOitg7EHaVd7w_pg5AJ1BjI2jUZrT65R7kcGwq4v5daOBmS54C06AvyxaFlLpRtYkp95Cs-BfEcxuZgXWqi78FeigwBZZKkDNsXuxf-KogiippPL2BYts4RvI2MwRPaXFMLYcWHxHOVrfitQwALwSpy9kmFCQO6zO0689zYh1e4BLCgYRN6DnHr-fFpDFco3RWr5f7gYZJbpQ0KptmUaJZLqHdOXRlbdJCPFHA4wg8CZWVhBEd1gojB0T9JPoP5dLgBAGABryutYbZkaGjMaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB4g0TCJbYtO3O1oIDFUqOdwodOVwIIdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2XHmGrOqurs6qO6-5VX0SiqNXUtQ%26client%3Dca-pub-5144389657785565%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 03:00:59 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 48F6 2 KB
1 KB 437ms
47ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 03:00:59 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 48F6 308 B
637 B 414ms
33ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 16 Nov 2024 03:00:59 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 48F6 293 B
621 B 427ms
47ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 16 Nov 2024 03:00:59 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 48F6 43 B
348 B 118ms
25ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=lgYtiOEZ3TJiEVIj7I8EaYMcY9cvCzFxmvBDfy9xnVONy7i0WZqMzB6PT274aYs0bCDHTE_9ovmmfv1HzT9YfbHkLyi2EAWajHQYCE17ObhvP2WVuUYuZf0S-AQEpnXHxQuqyt6yB_5WcEljIl2M-H52sM6qBdZ1VmFmDEBC2wQ6R-GFqQ58ZrWKP8sjXVCVX_djLLC8fDD-I-vz_1EFdPFP_2zxgUthISI9QjJO7olAl1mrfGGItIw7DlNR_D0NovJvoAb4qrCqYtSGfX4JO3ozFqy55qtTWlq8UiSws_t2MR8mDKFCNZB4G2AC_JLWFZ5Z0fNGCyc3t1-nwrKNyQIXeEEyCeFjGn2ZDtPp0uxwi6JdQvQyh84z6rEAaDuunCp7W6aPgej-E_qviEmkT2809KbONDk-SP_YPqC14BOaJeKo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:00:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2055502
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 main.js Show response
track.mypaleorecipe.com/js/ 3 KB
1 KB 31ms
30ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/js/main.js?v=1.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ae0b0e74edee33dd3e9d91c15b595508fc05e1ced11a15dbe787d0f9862dfc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1340
cf-polished: origSize=4494
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 09 Nov 2021 03:31:21 GMT
server: cloudflare
etag: W/"118e-5d052be46686b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywZZplLU3BHTAiT8k4GYhZy1nMjsn52stC2LsSq%2Fxg46otmB2Iyo%2BLa5uH%2FiVFr7JuFRj33PAhNBmzi7PQdVzgAaBZhFfBzt0oplZGG75GHFhRPa2GVj%2FmMo0memE%2FckBcttpQZQbOmJCXDvC8kx8nP9zrhzgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 829dece04cc9d0c5-AMS

GET
DATA 200
OK truncated
/ Frame A68E 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca8083a6e53fe858b8bc830066f9d6c4c4d0e0fa51b862b342784f3e242eb316

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 48F6 12 KB
6 KB 285ms
57ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 03:00:59 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 48F6 98 KB
98 KB 464ms
56ms Image
image/webp 178.250.1.15
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?m=0&partner=109283&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F109283%2F5121723%2F1598aaf8288a47aab630ccc7ba14c5cc_231108_mf_image_blackweek_general_v3_16_9.jpg&v=3&rid=4&s=PQPbdDfHtmDPL6QoNzGjHl6F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aca84b0983515a3954813cc4a99657f826057ea5692148ec2fd437f97584de5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 100128
expires: Thu, 14 Nov 2024 13:03:18 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 48F6 9 KB
9 KB 511ms
104ms Image
image/webp 178.250.1.15
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=496&m=0&partner=109283&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F109283%2F5121723%2F4a7f80dda98047fca39f40cce2564e03_whatsapp_image_2023-11-20_at_08.22.14.jpeg&v=3&w=596&rid=4&s=EIkIJwkwVcY-vOrd3EDCFAwy

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a10d5b18b41fc4a78ec2b0f56fcd5884cd3f01d7341fd93fa880d30b2a9b3919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9286
expires: Thu, 14 Nov 2024 12:56:38 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 48F6 0
128 B 415ms
34ms Ping
text/plain 178.250.1.25
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=BZNw-VXNKzKDm-lPAo4d7JuxOhh8yP-VMioDORiGv3kNGn7e222v0bmMzoeEtSthbIglqTEJiioCflltU4lgiHXYmA6tZUQ_iSIBLSihaWu2wI900qIJYKSrXNDLnAA9BzJ6rFcEqj7WTNNzmYw36DrDfWu_nJ4LFcR1nE0ZUAwOOh1OPtYMd97vz8rFJ1sIy8vxUBxQmzruhN8ixaDMIPYss2JzpRxUVHMrzSXguDyJFFf5qpUrdW3HuL7xlKT4MC6pIQ&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 03:00:59 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 48F6 2 KB
1 KB 238ms
42ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 03:00:59 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 48F6 2 KB
1 KB 49ms
49ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 03:00:59 GMT

GET
H2 200 ptmd
dts.clnmde.com/ 70 B
132 B 124ms
124ms Image
image/gif 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.clnmde.com/ptmd?t=170062205832131958486384_N4IgpgHiBcIAwgDQgM4GMD2MQEYDsccAbAEwlwCseA+hXHgBwDMTeThJRSqmAZjDmToMAF2z5CpclVr1mrdnE7UGAI3IM8qnErQBOMEzAVevMABMcaHABZGFtY27CR-aIJ6jz4gsTKUaOkYWNg4iWj09NBIGGyYAQ1teNjAosBswIiJecxJzeKY9bVVnTBFzNw8wAGt47Ao0Q3iSNDgAWgYGQzacHDAwNtU8HAoe1TAcXjQbCgqDbhqS92Q0ADcUbGAAHRAAGww0eN3qFBEMACd4gHMwHegdhqaW9s7u3v7B4dGcccnp2d4Bh2iB2KDAKBQAEsMAA7E5nS43O4PRoJZ4dLpMHp9AZDEZjCZTGZzW5IHaYDDVSFgaj5ETxZEgR5o1oYt44z74n6E-4knYAX2c9JEAFcNtAANokJiIcgAXWQAC86ssQAAHK7YVbcK4ACx8kn8FGYJBwTBwemNNgYRCYsW462wRAAdHBnRQiHpuEcYDKQFMYD1kGARJCDX5pHhuGg0N5YABVACCQs10DgQmq4akAVkwQUYQWkLV2HNzrNTGdegrOgoDrA52wavOGG8wZFKo8IrDaeDq12MAlCvVjslQ5Qu1OWaNDBIei4yF2lWQql2YncenTIDQYpE1EhcZADAAwvGAOJMc9wBgOyF7g8SCMBMgzHQkCg4BbxYuS3B4EhlyhnQYPRnXIEgQCHCwB1AMA0BgGYGGQGEAFtsAAZVgkVzkhEQAE8AFFzmbBshDXEBCOI6AAAIADF4khXYLCos4qPOMB4nMKj4iomF4mQpimwwNV6zwqiAHJzAOEV+JhEQxKo3hm2Q8SAHVIRhSSAHcxOogAhfY0GqJjuMUviwCozScN1KiLkhK51KonZdREEQ1RQaAAHoPJXDArmdNUjjADBdXiQyUGdTBkJ2BSlK4mNwShGEri4qi0GbCE2ls+yYRisznS2HKqKK+IRBsqiAApnNc9yvLVCBdjQXYUPMWCMGQtp4mdeJamQ+j9X5IdeA1MimCobg2LjTcrjg9xfGzCg9DwIhNwARzAARkF4btNzVb9ZzwfkgA
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:59 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc: clear

GET
H3 200 createVisitor Show response
track.mypaleorecipe.com/api/ 9 B
721 B 689ms
624ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/api/createVisitor
Requested by: Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: d48612d1cbc5ae254a8b7fb3eb9fb8c30df69cad54b7a4e5a1d56c741a033d40

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2BOHwadY9LmegvGI6%2BwwjYjrjhxSNmaf%2FsgMK3szkW5lq%2BV%2B5LiOu6eq4B5GXdf38gwWlHjECDaL16WrW1%2Bny%2FHr7agmVkgdcxTx0h5kkPpQSSP4gW%2BFdFKxbZ%2Fry3099apeHqECXPBEs6uhW13Qq2IE%2F%2FBh8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, max-age=0, no-cache
cf-ray: 829dece1fd7b3c98-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 Popup-okt2017_-_rev-Slow_Cooker_Recipes.jpg
blog.paleohacks.com/wp-content/uploads/2017/11/ 104 KB
104 KB 724ms
724ms Image
image/jpeg 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2017/11/Popup-okt2017_-_rev-Slow_Cooker_Recipes.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10a330751aa7c978c142a82f02ef88b78ed4bf0dc925df9b8155484ec70fe264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Wed, 22 Nov 2023 03:01:00 GMT
cf-cache-status: MISS
last-modified: Sat, 09 Nov 2019 20:38:23 GMT
server: cloudflare
etag: "5dc723bf-19e78"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 829dece24ba64d3e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 106104
expires: Fri, 22 Dec 2023 03:01:00 GMT

GET
H2 200 /
log.pinterest.com/ 0
237 B 135ms
121ms Image
text/plain 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=C5htneXnVLm4&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-grain-free-stuffing-recipe%2F&viaSrc=canonical
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 22 Nov 2023 03:01:00 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 4
x-pinterest-rid: 1006321831196357
content-length: 0
x-served-by: cache-fra-eddf8230109-FRA
pragma: no-cache
server: envoy
x-timer: S1700622060.065636,VS0,VE93
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 48F6 9 KB
9 KB 26ms
26ms Image
image/webp 178.250.1.15
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a10d5b18b41fc4a78ec2b0f56fcd5884cd3f01d7341fd93fa880d30b2a9b3919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:00:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9286
expires: Thu, 14 Nov 2024 12:56:38 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A68E 0
0 54ms
54ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CIa7w6m5dZazMDcqc3gO5uKGIAsme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJTbiK8CU-yPuACAKgDAcgDAqoEvgJP0Ge_OXagT7f3hrBJmgEzBFNQ0JpSULGKdJo0MqODN7r_HH4TTkiuHLX4eBoLG65wOfQNEhah0mNZAa0he8Dq62zdup22JRLg2iMdrpNds97oGirTLHytprQxQbQsBvQfO1kTZU4P6uIfcFNXlHXwaJPGuqf9PoyZR0w_KHiFJ1SOitg7EHaVd7w_pg5AJ1BjI2jUZrT65R7kcGwq4v5daOBmS54C06AvyxaFlLpRtYkp95Cs-BfEcxuZgXWqi78FeigwBZZKkDNsXuxf-KogiippPL2BYts4RvI2MwRPaXFMLYcWHxHOVrfitQwALwSpy9kmFCQO6zO0689zYh1e4BLCgYRN6DnHr-fFpDFco3RWr5f7gYZJLJYVuBv1gZ___oYHtVSMydxlNufKzRC-vV2oIuOiyCY7n45pBBPgBAGABryutYbZkaGjMaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB4g0TCJbYtO3O1oIDFUqOdwodOVwIIdAVAYAXAbIXHAoaEhRwdWItNTE0NDM4OTY1Nzc4NTU2NRiwmBU&sigh=NpZRJopDrSg&uach_m=[UACH]&cid=CAQSTwDICaaNUW86cg9hFQCyzaj6er_zdedc-Wq_lsG-lTprYxbmiqR9Mo-4AbczaQZ8zv0rfT5dvDVuDyRrACxZ1ckZlq_JY3Jo70jOwECUw1IYAQ&cbvp=2&vis=1
Requested by: Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame A68E 0
126 B 499ms
70ms Image
text/plain 178.250.7.12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kIWLGd2BMKwC-gGdg2ICAgAAAPAnSndGvURtEOpuXWV7LJGpl7mRXYb3AAASAAAKCkFRVUJEd0VCRHc&wp=ZV1u6gADZiwKd45KAAhcOXvMj5k9LFEfDa-i9Q&cbvp=2

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:00 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 160379
server: Kestrel
content-length: 0

GET
H/1.1 200
OK / Show response
api.ipify.org/ 22 B
222 B 359ms
104ms XHR
application/json 64.185.227.156
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 64.185.227.156 New York, United States, ASN18450 (WEBNX, US),
Reverse DNS: api.ipify.org
Software: nginx/1.25.1 /
Resource Hash: 7041e30486597b7022610850dc74b65b909268c2c134c75775d988ed529c7fc6

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 22 Nov 2023 03:01:00 GMT
Server: nginx/1.25.1
Connection: keep-alive
Content-Length: 22
Vary: Origin
Content-Type: application/json

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A68E 42 B
174 B 542ms
81ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu6udwMraSkjNhM55vHTSPEi9wj71MbX2pDeI0BMEjw-gy6kfTbT-XvdnmBNNgL8oeGlipdV7ft_KAlKxJPBJTxyijrJ3ylealyAjCZHnKI2ZlxNwJL&sig=Cg0ArKJSzE2IU_SGsasCEAE&id=lidar2&mcvt=1005&p=482,690,732,990&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1706127594&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700622058632&rpt=1036&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 48F6 0
127 B 33ms
32ms Ping
text/plain 178.250.1.25
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 03:01:00 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H3 200 admin-ajax.php Show response
blog.paleohacks.com/wp-admin/ 16 KB
3 KB 1075ms
1070ms XHR
application/json 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.paleohacks.com/wp-admin/admin-ajax.php

Requested by

Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.23

Resource Hash

83ab3c30173c4757426d0dbe6f69dca3a348b0e7b598c5f906fdb43f6f4bf51d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://blog.paleohacks.com/paleo-grain-free-stuffing-recipe/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 22 Nov 2023 03:01:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: PHP/7.3.23
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/json; charset: utf-8
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 829dece7fe624d3e-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3

200

comments.php
www.facebook.com/plugins/ Frame 8E5F
Redirect Chain

https://www.facebook.com/v4.0/plugins/comments.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df927be223f6a0c%26domain%3Db...
https://www.facebook.com/plugins/comments.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df927be223f6a0c%26domain%3Dblog.p...

0
0

55ms
55ms

Document
text/html

2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/comments.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df927be223f6a0c%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ffd9872a0815734%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-grain-free-stuffing-recipe%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=c962fc63a14114fac723739ec1c75b88

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 22 Nov 2023 03:01:01 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: Ul9dqjLrnybovExKzmn6nBYcUdAuYHrL1EoeVkSNgyheWFM0GUZrObi6VfkxHZl3e77FsghZQM6ZKlBIjQ7YTA==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Wed, 22 Nov 2023 03:01:00 GMT
facebook-api-version: v12.0
location: https://www.facebook.com/plugins/comments.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df927be223f6a0c%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ffd9872a0815734%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-grain-free-stuffing-recipe%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width
origin-agent-cluster: ?0
reporting-endpoints
strict-transport-security: max-age=15552000; preload
x-fb-debug: oHYhVa+cG2jLuaQf8Fz2bDXhsz0mpSN0CFSmg2OxKB4AcCN1InYRdqhmP9woxk6OUL/SvO76xGqEMBgSAsPLdg==

GET
H2 200 like.php Show response
www.facebook.com/v4.0/plugins/ Frame 6A9E 35 KB
15 KB 104ms
103ms Document
text/html 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v4.0/plugins/like.php?action=like&app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df20e90b69c0c454%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ffd9872a0815734%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Fpaleohacks&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=c962fc63a14114fac723739ec1c75b88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

2362eab598864d387512dc45400d7b93dc4b13d6abc110e6b74961f4f401552b

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:01:01 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: R/QRBY+xx7VVXh1YYjbRgIIq9kFPwaf76DBMbcRMaCcBJGs1qxJeLnxzUGHWXGFUB9J+RfJtIZxBrxWc2962GQ==
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 259ms
61ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

c215b5ee5d5f071ae007efc6502873d4bc15912561a285b5c5119a7a40f18c67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12337
x-xss-protection: 0

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 5437 565 B
428 B 133ms
133ms Document
text/html 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Wed, 22 Nov 2023 03:01:01 GMT
pinterest-version: 5d3c2f1679281f2c8de82ecae570034b947dbf31
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 6164692081581069

GET
H3 200 createActivityLog Show response
track.mypaleorecipe.com/api/ 8 B
613 B 223ms
222ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/api/createActivityLog?visitor_id=161283354&activity_type_id=1&fbp=fb.1.1700622058818.1107978980&fbc=undefined&ga=GA1.2.2075019165.1700622058&client_ip_address=31.133.93.105&client_user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/119.0.6045.159%20Safari/537.36&full_url=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-grain-free-stuffing-recipe%2F&utm_source=0&utm_medium=0&utm_campaign=0&utm_content=0&utm_term=0
Requested by: Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 5aa5603f7f0f913cbbc01901970eb065ad0068c549518dc0a460a85d76a751d1

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8RgM2phfyXv5A6DP3K3UklMG%2F%2F23bdeUuOH40T7HdUYX5sB02PIKRtRGvjJdk2ZDnQOAFANptISuGVQTknNxTaF390neEpYDSRXl476mSQDgvG5c%2BUmk4xQzv7VmL%2BBt3g5fH%2B0xo2rTritbShyxCcAkZOa8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, max-age=0, no-cache
cf-ray: 829dece948643c98-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 AxOFgCrBSAW.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/y8/l/en_US/ Frame 6A9E 528 KB
136 KB 34ms
29ms XHR
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/y8/l/en_US/AxOFgCrBSAW.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v4.0/plugins/like.php?action=like&app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df20e90b69c0c454%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ffd9872a0815734%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Fpaleohacks&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

c9248b5f4e8a2b095343cb1a16a321a3193f0f9944cd38e66129ba8557be0ec8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: EoXGmTPSNg1XZBcb8ewTJw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 139167
reporting-endpoints
x-fb-debug: GXTlm9QjUjNkGFfmdQSmumoQIjt5ZK4oGzCmVK+GOMeuqg+qVLZK82PjGz3sM6z4OMnbXaw9VTG5kufBCerZwg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 16 Nov 2024 01:33:29 GMT

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 6A9E 299 B
562 B 30ms
28ms Image
image/png 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:01 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
reporting-endpoints
x-fb-debug: qEMtIJ7IL4dMWZk5y9Eshn1f8uS6FHLRuyYTqx7cM1dgDBWWzNj+AquH8gOZo+BxhyavBEhjvhKQlWSxUDdBQw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 19 Nov 2024 02:18:42 GMT

GET
H3 200 AxOFgCrBSAW.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/y8/l/en_US/ Frame 6A9E 528 KB
136 KB 19ms
13ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/y8/l/en_US/AxOFgCrBSAW.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c9248b5f4e8a2b095343cb1a16a321a3193f0f9944cd38e66129ba8557be0ec8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: EoXGmTPSNg1XZBcb8ewTJw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 139167
reporting-endpoints
x-fb-debug: GXTlm9QjUjNkGFfmdQSmumoQIjt5ZK4oGzCmVK+GOMeuqg+qVLZK82PjGz3sM6z4OMnbXaw9VTG5kufBCerZwg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 16 Nov 2024 01:33:29 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 47ms
45ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 03:01:01 GMT

GET
H2 200 ptmd
dts.clnmde.com/ 70 B
132 B 133ms
133ms Image
image/gif 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.clnmde.com/ptmd?t=170062205832131958486384_N4IgHgZiBcIMYE4CmCAMBGAHJhBWXCcAhkbgCwDsuAJmXSugExHUBGjqIANCAM4AuRfgFdeMANoBmVAF0eALyIx0PAA4BzGCABu3EOoAWW9BVSoAbIw65Mkxukno8mMpnOSXe7WNjmAdKh+uOYIekQANjCSPBBwMAC0KiBI-ACWxqYWVqi4FHpwcNRaAKoAgnoCmtCoPLwA1hlmltYUAPq4qBS2khTSqIzmekipqlqOfg6SfghT6DleSABOWqqLAPZFPEjCStBJwunVW9qR0OJyIKreEiCoAARWPXfoIBe84QKNWdaYjAiDPHCUD2PFY4X4yjQPDgon4rVSRVgmAAwsUAOKSDGoTBeVLwxEgExNbK5KxkXBzRgUvTqOJ7TLNLJmJIARyQyhih1QAF8gA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:02 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc: clear

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 48F6 98 KB
98 KB 48ms
47ms Image
image/webp 178.250.1.15
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aca84b0983515a3954813cc4a99657f826057ea5692148ec2fd437f97584de5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:01 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 100128
expires: Thu, 14 Nov 2024 13:03:18 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
30 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/653.js?ver=1681483468

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc5fe9fb52dc5d50b7560acb018bde3c6ff69905706d4960ad771606b284945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30321
x-xss-protection: 0
server: cafe
etag: 311 / 19683 / 31079658 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 03:01:02 GMT

GET
H2 200 ptmd
dts.clnmde.com/ 70 B
123 B 136ms
135ms Image
image/gif 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.clnmde.com/ptmd?t=170062205832131958486384_N4Ig7gHg5iBcIAYBGB2AzAgrAUwCYBYlcVs0BDbATgGMBGBfFAMwCZ9bNclaA2SkADQgAbrmpwQASQB2AF2wAbAAQzqAOhVzFKgE4BLAM5KA8gAds0gOIAZJQFFpUPdOyCQAKwCucWkPfSJWmoeIIZcMjQ0Ji5MSOxaSmwEFB5cJkoADnoWWjd3JAlo3CSUZAyszEosWhYI9Np0TBY0Fgym3KEyCAkMyjRcWlo0ehQUCKQMllH8XB5MHjH6XBZsMgQ3A1kyWU8DOABtaU8FBQEeBDOWM-wAXSEALzIfIVMYeGE3KAALQNKEHhYLCwGRaQwSmAy+AyPDQkLcwj28B4agQanm-E6CjgaCETHEsAAtL4QNhZHpfgh-oCsCg3NRqLgJABVACCG1kbwuIAMAGsKVSgZgUAB9TDJEFodCUlg8NzYPSmCTDNRDNBqPoqrDw7A6CSmHQAe0ZQmwniesGJnnJsC52GEWNg+zuIFMCIOiCUgMlSlyzoMCk2-IBgsmlFlQgUTGeICQClkPiqQmou1kwr0jPgGQAwkzLGg8wgMvC9GmMyAGpTgzTAfhMNk6598RWBVSYfghABHVwW3HWhAAXyAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:02 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc: clear

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2539 13 KB
5 KB 17ms
16ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 23750
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 20:25:12 GMT
expires: Wed, 20 Nov 2024 20:25:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E6B3 829 B
978 B 88ms
84ms Document
text/html 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

GSE /

Resource Hash

957874abf1d77b04478b832a19eb5103295c0fb32075b591f35f644d23d5c980

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nJa0_j2EM1zlaLlIKqrnCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-nJa0_j2EM1zlaLlIKqrnCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:01:02 GMT
expires: Wed, 22 Nov 2023 03:01:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 100 KB
31 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/653.js?ver=1681483468

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

175293215327540388bce9dbe8c1b3bdec258028b642978e723bbdd4c1947db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31377
x-xss-protection: 0
server: cafe
etag: 711 / 19683 / m202311090101 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 03:01:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E6B3 0
0 79ms
47ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304050101&jk=206900439635819&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 2539 39 KB
15 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 23:21:28 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 100 KB
31 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/653.js?ver=1681483468

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af98440fc43dd200e92995b138723e296396d3b7a31f3dea54321284bf7137c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31377
x-xss-protection: 0
server: cafe
etag: 63 / 19683 / m202311090101 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 03:01:03 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
30 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/653.js?ver=1681483468

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106aa99cd185959554007f1d5ecccb0e70e2996693373aeaa2c890210241feea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30321
x-xss-protection: 0
server: cafe
etag: 117 / 19683 / 31079658 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 03:01:03 GMT

GET
H2 404 integrator.js
adservice.google.com/adsid/ 0
0 41ms
39ms Script
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adservice.google.com/adsid/integrator.js?domain=blog.paleohacks.com
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 167 KB
28 KB 457ms
456ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=206900439635819&correlator=3923372781103269&eid=31079527&output=ldjh&gdfp_req=1&vrg=202304050101&ptt=17&impl=fifs&iu_parts=55892584%2Cdesktopfooter%2Cph_widebanner%2Csitefooterbanner%2CPaleohacksSidebarBanner&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%2C970x250%7C728x90%2C970x250%7C728x90%2C300x250%7C300x600&ifi=3&adks=2912191614%2C3129430941%2C2355259855%2C698452367&sfv=1-0-40&sc=1&cookie=ID%3Dbd7d9a54da70c7d6%3AT%3D1700622058%3ART%3D1700622058%3AS%3DALNI_MaVJqQ-yEsrm7bT6nllmDx6FsYrKg&gpic=UID%3D00000cd6bf39369e%3AT%3D1700622058%3ART%3D1700622058%3AS%3DALNI_MZ6L4qGXW9WLTMdI5x3Kg9I_vEj7g&abxe=1&dt=1700622063283&lmt=1700609146&dlt=1700622057043&idt=1058&adxs=436%2C315%2C315%2C1062&adys=1110%2C341%2C8077%2C2700&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2&ucis=3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-grain-free-stuffing-recipe%2F&frm=20&vis=1&psz=728x-1%7C1600x0%7C1600x0%7C302x0&msz=728x-1%7C1600x0%7C1600x0%7C302x0&fws=516%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=2075019165.1700622058&ga_sid=1700622058&ga_hid=633251181&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd9c9764ef986f5b95b75739c89ce88d38bab52b9dfd94ab6dedc7e03114cd20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29034
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 ptmdP
dts.clnmde.com/ 7 B
72 B 162ms
161ms Ping
text/html 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dts.clnmde.com/ptmdP
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUG3G308
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 22 Nov 2023 03:01:03 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
etag: W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 7
alt-svc: clear

GET
H2 200 ptmd
dts.clnmde.com/ 70 B
132 B 166ms
166ms Image
image/gif 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.clnmde.com/ptmd?t=170062205832131958486384_N4Ig5gNgDiBcIEMAcATALAdgKzrQIzQEYFCBTANgzwGZCMBOAJiPLWsqXpABoQAXKAjgBtUYW4AGXtQkSAVIywSA+oRABdTbwDOfBHwCu2keWrc0jdbwBeQ2OJBQwcEADce4ABYu6s8o0YJLCRqRkJaemC0JFMkNA9XY3hyADoJFKxyLl4ECDgzEAAzAGM4AFoHUj4ASx8MPwCgjA9i4pQXAFUAQQ9dZ1gpEG0AazqGwKwMZSUMEOoMGQlGcg9Saph4WhTw6hT6XcIghNIAJxcoE4B7dt5SAzsHA1qB29c82GErR0SRL+0IXRjCT+CZIRj0Fa8CCFOAOPAQPiw+iDYpGPjKarteBIADCHQA4tRCRIkAlqhisSBfMDGpMAmgsIdFGpeGBSvZ6jTAqYsuReABHUiw3iFZ4SAC+QA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:03 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc: clear

GET
H3 200 container.html Show response
902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AAF1 6 KB
3 KB 14ms
14ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:00:58 GMT
expires: Thu, 21 Nov 2024 03:00:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 48BE 6 KB
3 KB 13ms
10ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:00:58 GMT
expires: Thu, 21 Nov 2024 03:00:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7642 6 KB
3 KB 15ms
13ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:00:58 GMT
expires: Thu, 21 Nov 2024 03:00:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B5DE 6 KB
3 KB 11ms
9ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:00:58 GMT
expires: Thu, 21 Nov 2024 03:00:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2539 0
10 B 38ms
29ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zRfj_w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame A1AA 119 KB
43 KB 54ms
54ms Document
text/html 178.250.1.17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1u7wAFbK4Hg6KzAAwcdOYOtBEh-q52hp6NgA&u=%7CCPatFHeAG8scCItUdC2lH%2FxuLzWjJqf7No1NFEE4Rjc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi69Gq_Y329eSyD2v9T2mrhign09zbKlBuPLGrNRwccuO8Lue8Ij0RhMdS9pTrbssIKPoeQnYJhBjI6FBmFbaeW9ZxJy10EGyZzNsm_lnOHaPcupFQQo8TzAKu4FvuMy3i0T0tuXJDmlmstLNeql8_yj69LBn-VDaA4AMi7c4oSVKcL-THuTvQRSn6EkuX6bJfB7kel1UAHmLLIJFORyQjMC7OGYF359VCYwN_Jwmiym6I7ZLK9q3XrR1pe3c50BSFrGscYydWVv9VciOAPtkg6mktKMcHyP1aMLaSwfN178M4fXViis_06dko4MyxAa1X76NqmIaRCyeJLT05894UPi2TvhAHixEnc2dlubYj0VT4eWNV7smGA3G-ntKURG2XCF8O421hQrQ1-_Qu-IuTWjc44b-JEbV729BbugAjFHRb83_OggDjLWtdrACQAYUu4K_-DjEeIIrwgzulzv0WMQ4X0S9blUxVDEyyh7BpuYsthDcvfQyJaqzzce5IoFvA2LbWO3MGp42OBeeaAqQb8Tp0eikGo1opThkTmlpWICDV1LtP9F7QSmY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb0gr725dZa7ZFbPFjuwP9Liw6A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAlNuIrwJT7I-4AIAqAMByAMCqgS9Ak_QYvU68dfB3PIXjIwqujFe8iST4BEbZsqSIvoXT9zcsdk-97KFHnqg9HItfs3Kf1L3WN7Cfo269ka-vs-LVNOKlUYdKZRMhUMweT73T3N_PcB-eFm4G8OZOGpCN8zoJmL9LyoGTfMmPFjehdPE18aBDCFmxtFHEFha4mdvWnJCeEPITUkxORxkTN9TSSangSAmsifHOnfNHX7T8GkiaBm63i2Tb-wRkgUhCeHRlf4yxhh3kugQtnP4V5NQ8AoJjpE7jAE8vvQyyQZWwhUB_94fwrokPhEQizUhZHp2fkWh5QxjVwvYWZUN_FDms-Kv7LbAfcM0zFcXdflLT9KFKEaZjm8h-XVtEFBXYZmt8SjE8z_RfuyiqxCSMrBIzBEmpvCMpeg_VMQPMFhg3CEUeTKH7bkE2WZbbfPUzPv24AQBgAa8rrWG2ZGhozGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAeINEwiM6u3vztaCAxWzooMHHXQcDN3QFQGAFwE%26num%3D1%26sig%3DAOD64_1wSKFIu567s8jsz-2KYnoDfiCjTA%26client%3Dca-pub-5144389657785565%26adurl%3D

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fdd3753978c268f91d8a12fcda40cc47a62572d6e4d74798d4bd805d79fcee37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:01:03 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=KYn9qlXNKzKDm-lPU9Mey3TjfFqYvUsIYgVAn139xElr0lsLSCfaXcq1fu05NrkDMRaE3lilC30kOFtZKkrSkI9UH9ctTwArKuy6oZQpwggrVuHUYux6ODm-fZAFn99dYXjDgexiEzWIXOsGHQLdhJZ5NSzMA3HUwPf5PQKPpF8_xSdirE-NFmxmM4-j_h7rx3i4hQ_nIuyDxVpUy4f1JVcyTbhUjYyAicNtSITE5ubgGg0w7uC8cTwq8hEGkHoKCfcpXQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 12889428
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame AAF1 3 KB
1 KB 38ms
33ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36552
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 51A0 1 KB
643 B 53ms
52ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame AAF1 20 KB
8 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:16:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AAF1 0
0 49ms
49ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT9BG4Cc4HWUNsDxVhLnLzHB44i4HjQgYtZq3rYV9DKVZdwCA5ftts25CCJn2etwD8zdeKcxZWiJqF-Oc9E4esfeF7tzw
Requested by: Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame AAF1 24 KB
6 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 445446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 23:16:58 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame AAF1 202 KB
64 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 03:01:04 GMT

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
373 B 225ms
85ms XHR
application/json 130.211.34.183
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1700622064258

Requested by

Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

130.211.34.183 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

183.34.211.130.bc.googleusercontent.com

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Wed, 22 Nov 2023 03:01:04 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://blog.paleohacks.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 51
access-control-allow-headers: X-Requested-With
content-length: 25
alt-svc: clear

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 87C2 106 KB
40 KB 49ms
48ms Document
text/html 178.250.1.17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1u7wAFbK8Hg6KzAAwcdK7hGrXt3IJ2L_8psA&u=%7CCPatFHeAG8vflBPyS0MQ%2BoskCn8elIZMrvwRXvAzjfY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi69Gq_Y329eSyukxC27s6UeXCRyp2Gr9k8tNnpSCWHZvvC_cLbwIHDOfWXO63FnOYOiBQAhi90MJIzwNCOKD20ShezofDGdvCLiACdYo5HPGYNxeE5rDa9frD7oaZXZyeUSHrpWtrR70wknUNbv0FbXi-3FVuPe3y5a3MVCXuMwV_PYBnWVPlQFmrE4oO3EafCVXdvJY4-5ctrhax2RB8ruRzPPhSAwGxntmR70ZYJpkNK5rGyok8Sl4O-IVUoit7e_BwHYezMUo3cjb1sWPkjOud7arLA4_cCSeR_z5Z2c6bfEkF_1PsQ6dmm9z2Ybm9dezXl8BEsXFxbuGcmcGDa2gEbijFzBqZbVvONpgkt7zHmmPZ8zehygTunGPt-k4X5Thl3V-d0V_drDaEIeQFkHFd54uMcVuBJK9Erd2lcbSvMb_UX1Eq-fNxHgLJ2bpUAs79mT-zYGUpmkuBPOQEORmQcOimmvn1c16Lk2JzRwscxRTQvtlKH9DZCjZlrE7-XEe3ve0EqgO46wWc4Lx1b8TmZ6AX1piowQX63GS-BhapYc61CmrQgoM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo9Po725dZa_ZFbPFjuwP9Liw6A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAlNuIrwJT7I-4AIAqAMByAMCqgS-Ak_QdrPc_ZYCeSDC3LBTWAGhssTRCyw-e-vLvfSFDElwQ8yIqn0bQzrPTfjEhUO5g3gGg0fIpywaAAPY1fqeTLqNHQXH_Tu7cPpJVg3hNmZyGd66BpD4HkibMQx-l-Ri2tC2wDkJ30D1c7f5stKR3otPOJPEpX1V7G69YipgbUk47_nsmhIyB9c9IQaCRPSKteLbsezY-60agLyjsFSCuEftt4yM0LCX3xHSRZ4TgYR_NpdNj2pOoBqjr46KI5O-zfMtOdeBNN-2rEo5sxOR1YrDW-WfR6xwH8CeYQ75rYr3PFe5QO36RaTi2QcnECBRnA8VieNbZ1TcFY-FyOkD_uUf0yUVlyFRVm55OIS9DDNrjqcXzWXmM109IaiF2yUwa7QNwICidjN-Q2AQwB8TSvM0Aau2P0beOfhb4vsFV-AEAYAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHiDRMIjert787WggMVs6KDBx10HAzd0BUBgBcB%26num%3D1%26sig%3DAOD64_2CgzC6wX1X5I7jxPzsLGhZ2P0-3w%26client%3Dca-pub-5144389657785565%26adurl%3D

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44b7e9f36a41db407416bf51ab28e0ecbc1739ab3386850407bd94541d289410

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:01:03 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=urEb41XNKzKDm-lP7faLorERNe517RYxUKiP2UrQEGgvM1z2xWWokXciEGg_JlMOjJyfZGV1TL1D3ghuKYUr984Xei-ax6TNtJAsWx7ibq3HOk4V9cyx-aKaqK0gLSQPSamU02PcKJwWw0JRqmx5xS9bSxk7QYIHsEUp6ahuXymBCanF9fR_SK41g_sP7PqP2PB2WMUu68knEViaQcmL9IBHDrheooUox38VV_ZuPM8kJODUca-cyXUGIvVvepl_5bMRzQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 10963746
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 48BE 3 KB
1 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36552
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5179 1 KB
643 B 49ms
48ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 48BE 20 KB
8 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:16:58 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 48BE 24 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 445446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 23:16:58 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 48BE 202 KB
64 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 03:01:04 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 7642 91 KB
36 KB 1144ms
80ms Script
application/javascript 13.107.213.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1

Request headers

Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
Origin: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 22 Nov 2023 03:01:05 GMT
content-encoding: br
last-modified: Fri, 10 Nov 2023 19:05:36 GMT
vary: Accept-Encoding
x-azure-ref: 20231122T030105Z-xu16pxtuvt5u10731ms6w8zh2000000006v000000000agk6
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e9b9eafa-801e-002b-14a5-18de9a000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H2

200

c.gif
www.bing.com/aes/ Frame 7642
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=2a402d1b-0e51-47c6-ba0e-74243dd5dc1a&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=ce36b8a9-f49a-410c...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=24ed098ab93d4dc6aea1c8dc42daa709&SNR=1&GV=2&med=10

0
241 B

82ms
81ms

Image
text/plain

13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=24ed098ab93d4dc6aea1c8dc42daa709&SNR=1&GV=2&med=10
Requested by: Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 198A46586935438E996142E81FA61BA9 Ref B: FRAEDGE1413 Ref C: 2023-11-22T03:01:05Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 22 Nov 2023 03:01:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F6E68BDDB06F43D4BA0FF60351AFB293 Ref B: FRAEDGE1413 Ref C: 2023-11-22T03:01:05Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=24ed098ab93d4dc6aea1c8dc42daa709&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 154
expires: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame 7642 80 KB
27 KB 420ms
47ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 03:01:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27680
Expires: Thu, 21 Nov 2024 03:01:05 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 7642 3 KB
1 KB 55ms
51ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36552
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 7642 20 KB
8 KB 54ms
51ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:16:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7642 0
0 51ms
50ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR3RIN9n9yuigWTM8vTFfMB2Q8pSPYeXNiTl_7XP5RyqF79Dr7zabHZ5VCSKh5Bq5-ZSxUMAJPDwZdatA-puxaqnSAorQ
Requested by: Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7642 24 KB
6 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 445446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 23:16:58 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7642 202 KB
64 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 03:01:04 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 9FF1 2 KB
3 KB 1084ms
102ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1g3kf0zd8mvqw74snpvkp2xpgmm4m7jtrqykavwnehvcxjbxjp01vdv9ddcjrywqgve7qnb6fb5x4kgw65m0gwpxk0vp4xjb6tfh63hqmkesatzjgyzxyw56v8gmt2b3c6xpq7ms17bvd7hcd55c1x49sd625mp6jx82ta220gwj72jrhqj61y0jd2pbqbsf40y9bdydy9yq5vyryhxbwr4g495w6hec46mkxdydjkvpxgh7sjvnyyj71pqrrkvdbaq7031jxvrdx7s5hhnfbnv2qj6whzpmv3sxqf5w086pf7agv6ymxxfwtn9thhmrcz9vfxgwn1m1nxw1vjmkj71w33fh4kpdqmr7bqea42xnkqfd4q9xa99wfbmqzq1mbt80kr7sj6j3ym2gfcjpj6zv6hd4by3ejwjddk7tmeh37xvwy3c36&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7PGT725dZbHZFbPFjuwP9Liw6A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJTbiK8CU-yPuACAKgDAcgDAqoE0AJP0J4ARawJEsDUx0FScM4sqXtagSbaVTXHay_tdj66X-VX30ZnV5G_-2FrpZM-7sogsJhjZca9KF3wuK7X0_I3kcEjKKkoj-7ZPBEoalWEJBA8jNIki7-toCtd0NahFuOJ5k2VN1IGrq43fz3u1ZesPeIBuYYSwwySAF9NucBC2L6s82VOvOkM6C8ytjlEPm6ZJzz5aiHPRt4PnUyhr-23LK1EMIjgniHoMf6Wq7GMxm-brCVGC7AxWVLJINn0dchMUph5WcxmHj9xPKgV7lkXj1D_z_N9sdMX_nPT01ONXjZdtvaLlK7JKslj1gKeuQbxPhvP4-EYY8TuhLiE3hv2W0DAFqO7iVk6AJ2X1amKnHKKqO0Wzy4R0binSsYixfQaTWMc4crLOHod2g10FdJgXCucpyWj3sUqeUw9jUQIau28D892dxripqTS8fQubYvgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB4g0TCI_q7e_O1oIDFbOigwcddBwM3dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2A1aKIX2lLTSQClSFZsCDcIIommg%26client%3Dca-pub-5144389657785565%26adurl%3D

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.11.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5138b3e4732f404752d76fb2be98bfb174183c09f8a084629858dff1d280887

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 829ded06afb5690f-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:01:05 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B5DE 3 KB
1 KB 39ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36552
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 41A3 1 KB
643 B 97ms
80ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B5DE 20 KB
8 KB 27ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:16:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B5DE 0
0 95ms
85ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ82WwA8fOnkPGwUwvc0c9THq61oYzzuOjaADhg07iIP7gLXbgK-hSo7VYr1chy4s2PvtPwil1Xk9U6jR4BXCn9N_7pSQ
Requested by: Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B5DE 24 KB
6 KB 92ms
82ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 445446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 23:16:58 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B5DE 202 KB
64 KB 94ms
85ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 03:01:04 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame A1AA 2 KB
1 KB 70ms
70ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1u7wAFbK4Hg6KzAAwcdOYOtBEh-q52hp6NgA&u=%7CCPatFHeAG8scCItUdC2lH%2FxuLzWjJqf7No1NFEE4Rjc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi69Gq_Y329eSyD2v9T2mrhign09zbKlBuPLGrNRwccuO8Lue8Ij0RhMdS9pTrbssIKPoeQnYJhBjI6FBmFbaeW9ZxJy10EGyZzNsm_lnOHaPcupFQQo8TzAKu4FvuMy3i0T0tuXJDmlmstLNeql8_yj69LBn-VDaA4AMi7c4oSVKcL-THuTvQRSn6EkuX6bJfB7kel1UAHmLLIJFORyQjMC7OGYF359VCYwN_Jwmiym6I7ZLK9q3XrR1pe3c50BSFrGscYydWVv9VciOAPtkg6mktKMcHyP1aMLaSwfN178M4fXViis_06dko4MyxAa1X76NqmIaRCyeJLT05894UPi2TvhAHixEnc2dlubYj0VT4eWNV7smGA3G-ntKURG2XCF8O421hQrQ1-_Qu-IuTWjc44b-JEbV729BbugAjFHRb83_OggDjLWtdrACQAYUu4K_-DjEeIIrwgzulzv0WMQ4X0S9blUxVDEyyh7BpuYsthDcvfQyJaqzzce5IoFvA2LbWO3MGp42OBeeaAqQb8Tp0eikGo1opThkTmlpWICDV1LtP9F7QSmY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb0gr725dZa7ZFbPFjuwP9Liw6A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAlNuIrwJT7I-4AIAqAMByAMCqgS9Ak_QYvU68dfB3PIXjIwqujFe8iST4BEbZsqSIvoXT9zcsdk-97KFHnqg9HItfs3Kf1L3WN7Cfo269ka-vs-LVNOKlUYdKZRMhUMweT73T3N_PcB-eFm4G8OZOGpCN8zoJmL9LyoGTfMmPFjehdPE18aBDCFmxtFHEFha4mdvWnJCeEPITUkxORxkTN9TSSangSAmsifHOnfNHX7T8GkiaBm63i2Tb-wRkgUhCeHRlf4yxhh3kugQtnP4V5NQ8AoJjpE7jAE8vvQyyQZWwhUB_94fwrokPhEQizUhZHp2fkWh5QxjVwvYWZUN_FDms-Kv7LbAfcM0zFcXdflLT9KFKEaZjm8h-XVtEFBXYZmt8SjE8z_RfuyiqxCSMrBIzBEmpvCMpeg_VMQPMFhg3CEUeTKH7bkE2WZbbfPUzPv24AQBgAa8rrWG2ZGhozGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAeINEwiM6u3vztaCAxWzooMHHXQcDN3QFQGAFwE%26num%3D1%26sig%3DAOD64_1wSKFIu567s8jsz-2KYnoDfiCjTA%26client%3Dca-pub-5144389657785565%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 03:01:04 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame A1AA 2 KB
1 KB 61ms
61ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 03:01:04 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame A1AA 308 B
636 B 28ms
24ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 16 Nov 2024 03:01:05 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame A1AA 293 B
621 B 27ms
26ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 16 Nov 2024 03:01:05 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame A1AA 43 B
347 B 31ms
29ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=D2LX3sz4m3J9xcH_H2bfY04thIYsn1Sf_OnXN4a5PaVT-D5d3CFlB-mTLJLvQBfjbNuK8Y0i4utrQzYxSJHbmCHrDbrzEHz1iyCpzlSrN6k368o3_Yi5Mre06lZlIyYIli99IiRF4vw1VMykBHRhvvMDIcsbHp8ox_DMOJTvQcBXyrn079kW7an6edq9Fzz1-og1lJbWMEBjdvpK-zk0tBKhGjUdEHWVE5C0YVtuHODwFZLoFI_8FBZq7Otkl1pfOaGR1iCQtghqtEa4qNAqxWtPMYhiCF-AcPoYhzpfG2raOxlWS4g5hTstaaiemLgOEAoH-aP_4dkk2rt6ANvT4tDfgtxrGg7JhBpbo9Yc9LO0n6X5Lf6n1DZWt_nscZxaICP9dah27jCCCtEEtT3BpJMo11eJje2k3czhRHb5BkKwc52NIdyQdfc5n_4JKKvcnprFbA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1580510
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 56ms
56ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RWB4GYKC4G&_ono=1&gtm=45je3b81v9137939032&_p=1700622057313&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=2075019165.1700622058&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=2&dl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-grain-free-stuffing-recipe%2F&dt=Paleo%20Grain-Free%20Stuffing%20Recipe%20%7C%20PaleoHacks%20Blog&sid=1700622059&sct=1&seg=0&en=show&_ee=1&ep.event_category=leadbox&ep.event_label=Custom&_et=5&tfd=9690
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RWB4GYKC4G&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 87C2 2 KB
1 KB 44ms
44ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1u7wAFbK8Hg6KzAAwcdK7hGrXt3IJ2L_8psA&u=%7CCPatFHeAG8vflBPyS0MQ%2BoskCn8elIZMrvwRXvAzjfY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi69Gq_Y329eSyukxC27s6UeXCRyp2Gr9k8tNnpSCWHZvvC_cLbwIHDOfWXO63FnOYOiBQAhi90MJIzwNCOKD20ShezofDGdvCLiACdYo5HPGYNxeE5rDa9frD7oaZXZyeUSHrpWtrR70wknUNbv0FbXi-3FVuPe3y5a3MVCXuMwV_PYBnWVPlQFmrE4oO3EafCVXdvJY4-5ctrhax2RB8ruRzPPhSAwGxntmR70ZYJpkNK5rGyok8Sl4O-IVUoit7e_BwHYezMUo3cjb1sWPkjOud7arLA4_cCSeR_z5Z2c6bfEkF_1PsQ6dmm9z2Ybm9dezXl8BEsXFxbuGcmcGDa2gEbijFzBqZbVvONpgkt7zHmmPZ8zehygTunGPt-k4X5Thl3V-d0V_drDaEIeQFkHFd54uMcVuBJK9Erd2lcbSvMb_UX1Eq-fNxHgLJ2bpUAs79mT-zYGUpmkuBPOQEORmQcOimmvn1c16Lk2JzRwscxRTQvtlKH9DZCjZlrE7-XEe3ve0EqgO46wWc4Lx1b8TmZ6AX1piowQX63GS-BhapYc61CmrQgoM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo9Po725dZa_ZFbPFjuwP9Liw6A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAlNuIrwJT7I-4AIAqAMByAMCqgS-Ak_QdrPc_ZYCeSDC3LBTWAGhssTRCyw-e-vLvfSFDElwQ8yIqn0bQzrPTfjEhUO5g3gGg0fIpywaAAPY1fqeTLqNHQXH_Tu7cPpJVg3hNmZyGd66BpD4HkibMQx-l-Ri2tC2wDkJ30D1c7f5stKR3otPOJPEpX1V7G69YipgbUk47_nsmhIyB9c9IQaCRPSKteLbsezY-60agLyjsFSCuEftt4yM0LCX3xHSRZ4TgYR_NpdNj2pOoBqjr46KI5O-zfMtOdeBNN-2rEo5sxOR1YrDW-WfR6xwH8CeYQ75rYr3PFe5QO36RaTi2QcnECBRnA8VieNbZ1TcFY-FyOkD_uUf0yUVlyFRVm55OIS9DDNrjqcXzWXmM109IaiF2yUwa7QNwICidjN-Q2AQwB8TSvM0Aau2P0beOfhb4vsFV-AEAYAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHiDRMIjert787WggMVs6KDBx10HAzd0BUBgBcB%26num%3D1%26sig%3DAOD64_2CgzC6wX1X5I7jxPzsLGhZ2P0-3w%26client%3Dca-pub-5144389657785565%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 03:01:04 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 87C2 2 KB
1 KB 43ms
43ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 03:01:04 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 87C2 308 B
636 B 25ms
24ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 16 Nov 2024 03:01:05 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 87C2 293 B
621 B 25ms
25ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 16 Nov 2024 03:01:05 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 87C2 43 B
347 B 31ms
31ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=HH5EzGq2QSGcmBBY-5AWs35VQYSzk3KzxfnDjV4mY3ou6KGgtnrGZ2w-8cFW4ZOrFzidBQXNSFGEiOwza4FzyDTYIDA7e3-dvc_4ddY8YEW5KRRG__RQPR5bfh5cphITYG5Y27lXzD_dm90mlLL2NCvNxQ4Hj4ppbIxhw5OERgKriHCdoGbPWsZ0R2WKFPeTNN1EbJIW9tKMIyaFys1pmFnzXTwTplCp5sBBY-18NjliNnC2bg6pKmwZqQ0U_2gLzRdjztkqYx4oaDGSajxP8lRYKwbaxTcdT1cbTc1WSclusmVMGVuzOwHTeaf6f0Ye2iNfwMoeYgkUq0nBEa1ToFlTfTJnd5yL3n6hgmZzWFIhYUKISCqK-sm47-thha1XOspIu8DZmSQTXW8F-03QDxGph8AaN7IAT_OYjdbhd2DuQWW0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2067604
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame A1AA 12 KB
6 KB 51ms
49ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 03:01:05 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 51A0
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESED6ur5W968kQrOywEPXAN6Q&google_cver=1&google_push=AXcoOmTnW0ekuM9s6OCzB3I35UEyKucEWs5NYdilBJ5okshGUUKxisSyiqTqQaH1ey4YCTP4cz5U1TCYCj6osl0csM4mn2ErS3RxyZ8
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjcyNzMxNjA1NTk4NzM5OTc2NQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED6ur5W968kQrOywEPXAN6Q&google_cver=1

43 B
398 B

106ms
43ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED6ur5W968kQrOywEPXAN6Q&google_cver=1
Requested by: Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 22 Nov 2023 03:01:05 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED6ur5W968kQrOywEPXAN6Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 51A0
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOAVKvs4PMKaBmtiEuBY7aA&google_cver=1&google_push=AXcoOmTRaM8g5VG2_uK6OcCUVmiuAlZjYP523B27DT_A5-sJFZhGK6NuVSC8GF6ASdj8UyyA-TjSpW_buoega5Pe5aMskcFDYqJ6t...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOAVKvs4PMKaBmtiEuBY7aA&google_cver=1&google_push=AXcoOmTRaM8g5VG2_uK6OcCUVmiuAlZjYP523B27DT_A5-sJFZhGK6NuVSC8GF6ASdj8UyyA-TjSpW_buoega5Pe5aMskcFDYqJ...

43 B
448 B

193ms
187ms

Image
image/gif

104.18.24.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOAVKvs4PMKaBmtiEuBY7aA&google_cver=1&google_push=AXcoOmTRaM8g5VG2_uK6OcCUVmiuAlZjYP523B27DT_A5-sJFZhGK6NuVSC8GF6ASdj8UyyA-TjSpW_buoega5Pe5aMskcFDYqJ6t0I&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTRaM8g5VG2_uK6OcCUVmiuAlZjYP523B27DT_A5-sJFZhGK6NuVSC8GF6ASdj8UyyA-TjSpW_buoega5Pe5aMskcFDYqJ6t0I%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:06 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 829ded089a0571c7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:05 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 471
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOAVKvs4PMKaBmtiEuBY7aA&google_cver=1&google_push=AXcoOmTRaM8g5VG2_uK6OcCUVmiuAlZjYP523B27DT_A5-sJFZhGK6NuVSC8GF6ASdj8UyyA-TjSpW_buoega5Pe5aMskcFDYqJ6t0I&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTRaM8g5VG2_uK6OcCUVmiuAlZjYP523B27DT_A5-sJFZhGK6NuVSC8GF6ASdj8UyyA-TjSpW_buoega5Pe5aMskcFDYqJ6t0I%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 829ded07496871c7-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 51A0
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEG_YynE88vVO6wxW5Y3iNDw&google_cver=1&google_push=AXcoOmQNDQ1_Sxcy7sSlxnoQ3cNo4ipzHrk3J_V83I-dCBkq_KWSbDCMUVjBsjndnsOhd2YZ4eiBm8uhiA2...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQNDQ1_Sxcy7sSlxnoQ3cNo4ipzHrk3J_V83I-dCBkq_KWSbDCMUVjBsjndnsOhd2YZ4eiBm8uhiA2GfCmXgtWf_VBriV-agtU&google_hm=pQxtGcKHRmCEb1SKa...

170 B
232 B

96ms
94ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQNDQ1_Sxcy7sSlxnoQ3cNo4ipzHrk3J_V83I-dCBkq_KWSbDCMUVjBsjndnsOhd2YZ4eiBm8uhiA2GfCmXgtWf_VBriV-agtU&google_hm=pQxtGcKHRmCEb1SKa4CMimk

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:04 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQNDQ1_Sxcy7sSlxnoQ3cNo4ipzHrk3J_V83I-dCBkq_KWSbDCMUVjBsjndnsOhd2YZ4eiBm8uhiA2GfCmXgtWf_VBriV-agtU&google_hm=pQxtGcKHRmCEb1SKa4CMimk
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 51A0 0
173 B 448ms
93ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIegxOOtYRf0WEqbaopogAA&google_cver=1&google_push=AXcoOmQ6uTUySu04Qguqrilu3yHiw_ncVl9fagiEVqnbc1VVt5OMNOva5DBoVJ8UDcGWvP6xT0OS5dzBCQd0sg3_tjY1gkNXYd_sowc
Requested by: Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:05 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 51A0 0
98 B 452ms
92ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmS8sdpctyJ1HuaKvSytyjFrc_Rgaai9glOuKD2_IBnhwoVFaQrtY2xTiLugRBLXrSitPioNNTpMGpgYl3P8q6RGkM7wnqcflUg&google_gid=CAESEC231io6xMSVKBYu02BuhwI&google_cver=1
Requested by: Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:05 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 51A0 42 B
213 B 449ms
92ms Image
image/gif 34.160.236.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEBX8pjx6bQe-BeTCsDSITdc&google_push=AXcoOmRjBEbxsPz3_g3Wf02gLXOJdWkAIg_V1DpGLTLEyM0jQe3-2tqmAnuCJGMVOPWVMBM3wJSmOXZv4ALqBs1M8sG_FGdQKwIzZ8k&google_cver=1
Requested by: Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:05 GMT
via: 1.1 google
last-modified: Thu, 19 Oct 2023 06:07:48 GMT
server: nginx
etag: "6530c7b4-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51A0
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMeS6pchnvyssfxM8gNGuyk&google_cver=1&google_push=AXcoOmSQKZSHSH-a2sxet94NOg0Ad_PWx631SzP6lSFIRBVW0bgDeXyAreCq-u25dL-JJU_wea8VREDS...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMeS6pchnvyssfxM8gNGuyk&google_cver=1&google_push=AXcoOmSQKZSHSH-a2sxet94NOg0Ad_PWx631SzP6lSFIRBVW0bgDeXyAreCq-u25dL-JJU_wea8...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI3NzY1NjU4NjgwMzY0NzMxMw&google_push=AXcoOmSQKZSHSH-a2sxet94NOg0Ad_PWx631SzP6lSFIRBVW0bgDeXyAreCq-u25dL-JJU_wea8VRE...

170 B
188 B

41ms
37ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI3NzY1NjU4NjgwMzY0NzMxMw&google_push=AXcoOmSQKZSHSH-a2sxet94NOg0Ad_PWx631SzP6lSFIRBVW0bgDeXyAreCq-u25dL-JJU_wea8VREDSkE6Pzek7h2iPLs6ZI0x1GCU

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI3NzY1NjU4NjgwMzY0NzMxMw&google_push=AXcoOmSQKZSHSH-a2sxet94NOg0Ad_PWx631SzP6lSFIRBVW0bgDeXyAreCq-u25dL-JJU_wea8VREDSkE6Pzek7h2iPLs6ZI0x1GCU
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 51A0 0
139 B 451ms
76ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JPTWDPPI9fuC3BweRRyDpNd0ctBl2JxoTVn2B3ZcykKzo_SmqfPt019KznmorcH5vq6kCk

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 87C2 12 KB
6 KB 54ms
54ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 03:01:05 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5179
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESED6ur5W968kQrOywEPXAN6Q&google_cver=1&google_push=AXcoOmSgz7g8Gq0GD1YCjMXlHcbCINX3XZeZiVcwH94BkCo5pgUB-0u4Bao29c34oqM2m7DXLz_l93xj_QzF9aQbGuH5V4tx2L5EyUy_
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTA2ODM4NDMzMTMyNTA1ODEzMw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED6ur5W968kQrOywEPXAN6Q&google_cver=1

43 B
398 B

112ms
48ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED6ur5W968kQrOywEPXAN6Q&google_cver=1
Requested by: Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 22 Nov 2023 03:01:05 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED6ur5W968kQrOywEPXAN6Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5179
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDGG5kJoeADDHm0oy2XNs48&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDGG5kJoeADDHm0oy2XNs48&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0ZNenhhQTUxUjVEdTk1&google_gid=CAESEDGG5kJoeADDHm0oy2XNs48&google_cver=1&google_push=AXcoOmT2BxA2nFR6e05KpyueXComFIGQoyupAsDhvhNoQR_...

170 B
188 B

61ms
61ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0ZNenhhQTUxUjVEdTk1&google_gid=CAESEDGG5kJoeADDHm0oy2XNs48&google_cver=1&google_push=AXcoOmT2BxA2nFR6e05KpyueXComFIGQoyupAsDhvhNoQR_Mc4I5pJIHuUC5y4DBSceJVfkY00RD9GyY6mHIZtPwW4DCYgrOfRAE6dw

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 03:01:05 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0ZNenhhQTUxUjVEdTk1&google_gid=CAESEDGG5kJoeADDHm0oy2XNs48&google_cver=1&google_push=AXcoOmT2BxA2nFR6e05KpyueXComFIGQoyupAsDhvhNoQR_Mc4I5pJIHuUC5y4DBSceJVfkY00RD9GyY6mHIZtPwW4DCYgrOfRAE6dw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5179
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKLdWpF4IxIInHWxtnFwqGE&google_cver=1&google_push=AXcoOmSeG5yan8mKqoUGEyxX_iK9J9VYg84fQeLYcmzDgmKmn9uoeKfeHt-0YxB8FwPKIhYPEwo3GWCvgNvRRM...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDExNjE1MjA0Mjg0NjM2Nw%3D%3D&google_push=AXcoOmSeG5yan8mKqoUGEyxX_iK9J9VYg84fQeLYcmzDgmKmn9uoeKfeHt-0YxB8FwPKIhYPEwo3GWCvgNvRRMf0DQ...

170 B
329 B

74ms
62ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDExNjE1MjA0Mjg0NjM2Nw%3D%3D&google_push=AXcoOmSeG5yan8mKqoUGEyxX_iK9J9VYg84fQeLYcmzDgmKmn9uoeKfeHt-0YxB8FwPKIhYPEwo3GWCvgNvRRMf0DQXnP1kQt9hMRRo2

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDExNjE1MjA0Mjg0NjM2Nw%3D%3D&google_push=AXcoOmSeG5yan8mKqoUGEyxX_iK9J9VYg84fQeLYcmzDgmKmn9uoeKfeHt-0YxB8FwPKIhYPEwo3GWCvgNvRRMf0DQXnP1kQt9hMRRo2
Date: Wed, 22 Nov 2023 03:01:05 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5179
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDDqPh4ml36i_Hfc2nMKetI&google_cver=1&google_push=AXcoOmSM3NidVFT2-9l2-X4Fx4xATagM0sXEiqvk8gUJJ99S4B_J7jwCtbdDVxezfD8-Yg_VdDo2-aDLM6VtRVwrUESmo4y...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSM3NidVFT2-9l2-X4Fx4xATagM0sXEiqvk8gUJJ99S4B_J7jwCtbdDVxezfD8-Yg_VdDo2-aDLM6VtRVwrUESmo4yXY2M6eCv_&google_hm=eS1FaGZpSGd4RTJwR0...

170 B
188 B

55ms
54ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSM3NidVFT2-9l2-X4Fx4xATagM0sXEiqvk8gUJJ99S4B_J7jwCtbdDVxezfD8-Yg_VdDo2-aDLM6VtRVwrUESmo4yXY2M6eCv_&google_hm=eS1FaGZpSGd4RTJwR0NQdURVVHUwbDAzUUdnc01oSW12en5B

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Nov 2023 03:01:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSM3NidVFT2-9l2-X4Fx4xATagM0sXEiqvk8gUJJ99S4B_J7jwCtbdDVxezfD8-Yg_VdDo2-aDLM6VtRVwrUESmo4yXY2M6eCv_&google_hm=eS1FaGZpSGd4RTJwR0NQdURVVHUwbDAzUUdnc01oSW12en5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5179
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMeS6pchnvyssfxM8gNGuyk&google_cver=1&google_push=AXcoOmTDUIVXATrX8Pj-otyz8J4_2k78NvaXdVeg2Cejo-zKC2agtNPtb0fxZat6ECOdFhkM56bOJ6g6...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMeS6pchnvyssfxM8gNGuyk&google_cver=1&google_push=AXcoOmTDUIVXATrX8Pj-otyz8J4_2k78NvaXdVeg2Cejo-zKC2agtNPtb0fxZat6ECOdFhkM56b...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE4OTgxMTQ3OTUxNDg1OTQ&google_push=AXcoOmTDUIVXATrX8Pj-otyz8J4_2k78NvaXdVeg2Cejo-zKC2agtNPtb0fxZat6ECOdFhkM56bOJ6g6b...

170 B
188 B

47ms
46ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE4OTgxMTQ3OTUxNDg1OTQ&google_push=AXcoOmTDUIVXATrX8Pj-otyz8J4_2k78NvaXdVeg2Cejo-zKC2agtNPtb0fxZat6ECOdFhkM56bOJ6g6bznBJ8AloP5ttvGiPKK3z47C

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE4OTgxMTQ3OTUxNDg1OTQ&google_push=AXcoOmTDUIVXATrX8Pj-otyz8J4_2k78NvaXdVeg2Cejo-zKC2agtNPtb0fxZat6ECOdFhkM56bOJ6g6bznBJ8AloP5ttvGiPKK3z47C
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5179
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMeS6pchnvyssfxM8gNGuyk&google_cver=1&google_push=AXcoOmSvC8M6Dq1QcMQB7vLBViCgaELiGdEOKnJ2h1BIof9CUF2P2RCzIBl9YP0v8sEFLpPAGJykvEKt...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMeS6pchnvyssfxM8gNGuyk&google_cver=1&google_push=AXcoOmSvC8M6Dq1QcMQB7vLBViCgaELiGdEOKnJ2h1BIof9CUF2P2RCzIBl9YP0v8sEFLpPAGJy...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwODQ3Mzc1MjIyNzI1MzQ0Mw&google_push=AXcoOmSvC8M6Dq1QcMQB7vLBViCgaELiGdEOKnJ2h1BIof9CUF2P2RCzIBl9YP0v8sEFLpPAGJykvE...

170 B
188 B

55ms
49ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwODQ3Mzc1MjIyNzI1MzQ0Mw&google_push=AXcoOmSvC8M6Dq1QcMQB7vLBViCgaELiGdEOKnJ2h1BIof9CUF2P2RCzIBl9YP0v8sEFLpPAGJykvEKtOeZw4Nox7d29bkoDJRIqqyus

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwODQ3Mzc1MjIyNzI1MzQ0Mw&google_push=AXcoOmSvC8M6Dq1QcMQB7vLBViCgaELiGdEOKnJ2h1BIof9CUF2P2RCzIBl9YP0v8sEFLpPAGJykvEKtOeZw4Nox7d29bkoDJRIqqyus
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame 5179
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEF-KfO1cSi6r...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MDk4MDE1YTItODNmMC00OTA3LThmZDEtYzNhMGE0Nzk3OWNl&google_push=AXcoOmTFz7dLIbYkzcpJ_DHWRpiBWZWbEEbhR1oGGgx7cid6RMQDXEFH10il9EurI6C9c...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

59ms
57ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Wed, 22 Nov 2023 03:01:05 GMT
pragma: no-cache
date: Wed, 22 Nov 2023 03:01:05 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5179 0
49 B 434ms
108ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I5VIP5LIXypNed4Efw6Mp26CDjADFnOWiGT2HFteQuzMVbkd-zQ9ugeNHGiF8ZwMpvcH0m_A

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A1AA 2 KB
2 KB 44ms
43ms Image
image/webp 178.250.1.15
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=148&m=0&partner=109283&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F109283%2F5121723%2F4a7f80dda98047fca39f40cce2564e03_whatsapp_image_2023-11-20_at_08.22.14.jpeg&v=3&w=296&rid=4&s=mvkMAZwpDA5AX7mpNTVglkAC

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

10bc0c2a4ae15beb8409efdeb2b71629bef3d37326d0dbaa647395c913f3a142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 2336
expires: Thu, 14 Nov 2024 12:56:38 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A1AA 98 KB
98 KB 68ms
67ms Image
image/webp 178.250.1.15
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aca84b0983515a3954813cc4a99657f826057ea5692148ec2fd437f97584de5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 100128
expires: Thu, 14 Nov 2024 13:03:18 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A1AA 0
127 B 44ms
43ms Ping
text/plain 178.250.1.25
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=KYn9qlXNKzKDm-lPU9Mey3TjfFqYvUsIYgVAn139xElr0lsLSCfaXcq1fu05NrkDMRaE3lilC30kOFtZKkrSkI9UH9ctTwArKuy6oZQpwggrVuHUYux6ODm-fZAFn99dYXjDgexiEzWIXOsGHQLdhJZ5NSzMA3HUwPf5PQKPpF8_xSdirE-NFmxmM4-j_h7rx3i4hQ_nIuyDxVpUy4f1JVcyTbhUjYyAicNtSITE5ubgGg0w7uC8cTwq8hEGkHoKCfcpXQ&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 03:01:04 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A1AA 2 KB
1 KB 45ms
44ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 03:01:05 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame A1AA 2 KB
1 KB 45ms
45ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 03:01:05 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 87C2 7 KB
7 KB 95ms
95ms Image
image/webp 178.250.1.15
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

57cee790e11017e033b8f04438d105ba59b030bc5456f955583fc0ec34b63bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 7028
expires: Thu, 14 Nov 2024 12:56:38 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 87C2 0
127 B 50ms
50ms Ping
text/plain 178.250.1.25
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=urEb41XNKzKDm-lP7faLorERNe517RYxUKiP2UrQEGgvM1z2xWWokXciEGg_JlMOjJyfZGV1TL1D3ghuKYUr984Xei-ax6TNtJAsWx7ibq3HOk4V9cyx-aKaqK0gLSQPSamU02PcKJwWw0JRqmx5xS9bSxk7QYIHsEUp6ahuXymBCanF9fR_SK41g_sP7PqP2PB2WMUu68knEViaQcmL9IBHDrheooUox38VV_ZuPM8kJODUca-cyXUGIvVvepl_5bMRzQ&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 03:01:05 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 87C2 2 KB
1 KB 53ms
53ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 03:01:05 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 87C2 2 KB
1 KB 51ms
51ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 03:01:05 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 41A3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENvw0Imn2NXnxX1vUMcIcqQ&google_push=AXcoOmS2aYy1_p5mcOSujchiaS6ipneW7WM99jGR9w9MprkAH-OJFlWKVz...

170 B
188 B

34ms
32ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENvw0Imn2NXnxX1vUMcIcqQ&google_push=AXcoOmS2aYy1_p5mcOSujchiaS6ipneW7WM99jGR9w9MprkAH-OJFlWKVzCuoW_EdrAyy1O4XoaItFBShtO6CCw97aKHdkTz4k0eKVpW

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230128-FRA
pragma: no-cache
date: Wed, 22 Nov 2023 03:01:05 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1700622066.791904,VS0,VE88
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENvw0Imn2NXnxX1vUMcIcqQ&google_push=AXcoOmS2aYy1_p5mcOSujchiaS6ipneW7WM99jGR9w9MprkAH-OJFlWKVzCuoW_EdrAyy1O4XoaItFBShtO6CCw97aKHdkTz4k0eKVpW
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 41A3
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEG6qR3z1wsOyef6lkWwiLOo&google_cver=1&google_push=AXcoOmTgEfYslq6dMmHM1ecno7hwT4iN9vsVVBmF8YnDFjjiGHOGy5jtOhrVJtZDdgeBe0qNtnsMHIZN4ups8Q8srOqwFg6grlVrH3mB
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A969B066B3354A0AA46FB7DB7F256AB3&google_push=AXcoOmTgEfYslq6dMmHM1ecno7hwT4iN9vsVVBmF8YnDFjjiGHOGy5jtOhrVJtZDdgeBe0qNtnsMHIZN4ups8Q8...

170 B
232 B

137ms
82ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A969B066B3354A0AA46FB7DB7F256AB3&google_push=AXcoOmTgEfYslq6dMmHM1ecno7hwT4iN9vsVVBmF8YnDFjjiGHOGy5jtOhrVJtZDdgeBe0qNtnsMHIZN4ups8Q8srOqwFg6grlVrH3mB

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Nov 2023 03:01:05 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A969B066B3354A0AA46FB7DB7F256AB3&google_push=AXcoOmTgEfYslq6dMmHM1ecno7hwT4iN9vsVVBmF8YnDFjjiGHOGy5jtOhrVJtZDdgeBe0qNtnsMHIZN4ups8Q8srOqwFg6grlVrH3mB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 21 Nov 2023 03:01:05 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 41A3
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBT1Pk8UsuiU1MjtCgvXjd4&google_cver=1&google_push=AXcoOmQ--oKTq4_GKLNndm4YI7R7ItoCd8tED5RrnMCDkI836XO8yR5KdHkUakdlGA2T4U9jILdV5xjQJU-B11UnjX...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEBT1Pk8UsuiU1MjtCgvXjd4&google_cver=1&google_push=AXcoOmQ--oKTq4_GKLNndm4YI7R7ItoCd8tED5RrnMCDkI836XO8yR5KdHkUakdlGA2T4U9jILdV5xjQJU-B11UnjX...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTZjZmMyZjMtOGIzYi00OWU5LWIzNmUtOWJiNTkyYjIxMjc1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=16cfc2f3-8b3b-49e9-b36e-9bb592b21275

170 B
188 B

55ms
54ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTZjZmMyZjMtOGIzYi00OWU5LWIzNmUtOWJiNTkyYjIxMjc1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=16cfc2f3-8b3b-49e9-b36e-9bb592b21275

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTZjZmMyZjMtOGIzYi00OWU5LWIzNmUtOWJiNTkyYjIxMjc1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=16cfc2f3-8b3b-49e9-b36e-9bb592b21275
date: Wed, 22 Nov 2023 03:01:05 GMT
server: Kestrel
content-length: 423

GET
H2 200 sync
x.bidswitch.net/ Frame 41A3 43 B
146 B 329ms
53ms Image
image/gif 3.126.125.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMgU3MKIeaIUMN2yfPViAVs&google_cver=1&google_push=AXcoOmRRuO5FSF61Y8ypHuQUVPUV4gvcVlr_yWbC1HQ74pTi4tS1p7CLwgETyP_gREjZZSj5SddTIR5ruD0IpLn6hApRQhAOjSSO6cCO
Requested by: Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.125.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-125-13.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 41A3
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDDqPh4ml36i_Hfc2nMKetI&google_cver=1&google_push=AXcoOmS197pvXpfKX4Rt2ouAHCsc9VCA4YkLmNlhWzIdJHU9c-1VwpovWkNo2YNm6R5lQm4kJN7Iw5xDqVc1jRzg0Pd0wA9...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS197pvXpfKX4Rt2ouAHCsc9VCA4YkLmNlhWzIdJHU9c-1VwpovWkNo2YNm6R5lQm4kJN7Iw5xDqVc1jRzg0Pd0wA9LxZF4r-fK&google_hm=eS1MUmQxMGpCRTJwRm...

170 B
188 B

55ms
54ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS197pvXpfKX4Rt2ouAHCsc9VCA4YkLmNlhWzIdJHU9c-1VwpovWkNo2YNm6R5lQm4kJN7Iw5xDqVc1jRzg0Pd0wA9LxZF4r-fK&google_hm=eS1MUmQxMGpCRTJwRmp0SjgxNU03VjFYUUR2RXRYRkVMcn5B

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Nov 2023 03:01:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS197pvXpfKX4Rt2ouAHCsc9VCA4YkLmNlhWzIdJHU9c-1VwpovWkNo2YNm6R5lQm4kJN7Iw5xDqVc1jRzg0Pd0wA9LxZF4r-fK&google_hm=eS1MUmQxMGpCRTJwRmp0SjgxNU03VjFYUUR2RXRYRkVMcn5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 41A3 43 B
363 B 326ms
49ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRor0GQPbmh1e8tQMQCL8FsPXP4ppnasINFmes0xS9XP_MQEuomOnIPj2vXEa3XykdYrf6K__ZF60JgJtq7ALMYgtPIRrDKXQ6F&google_gid=CAESEKwCM4YwFRNuRQmA_iLP_cY&google_cver=1

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:05 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 224010
expires: Wed, 22 Nov 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 41A3
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJY4nrOsHDq4yfpqt5sNdw4&google_cver=1&google_push=AXcoOmSM8pCQowS5jpoPFu__MhPAcyhWqcJXG7Sbh6h89T95YuQucEkBikuAnO6TYhN_t_zze2g5JQADaXqG...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSM8pCQowS5jpoPFu__MhPAcyhWqcJXG7Sbh6h89T95YuQucEkBikuAnO6TYhN_t_zze2g5JQADaXqG7DBfLGSFce0IDk7HHBm5

170 B
188 B

36ms
30ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSM8pCQowS5jpoPFu__MhPAcyhWqcJXG7Sbh6h89T95YuQucEkBikuAnO6TYhN_t_zze2g5JQADaXqG7DBfLGSFce0IDk7HHBm5

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSM8pCQowS5jpoPFu__MhPAcyhWqcJXG7Sbh6h89T95YuQucEkBikuAnO6TYhN_t_zze2g5JQADaXqG7DBfLGSFce0IDk7HHBm5
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 41A3 0
49 B 335ms
109ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IWUCBWxPt8VWuiHGE1QMNRS9x8ZYONcWQSukdZ-i3su2rHDFOGkgKirRi6I4CXdPCdKuvh

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 48BE 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a19634329d4db9a8f7a6b32799bbb241e0468a38e630ce22f75ca9613bd39a9d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AAF1 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a5b2bd0bd49d0eac73559130aca05b88e507e08e771c55cefb6b2524e2a8191

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B5DE 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 467526911f1a2b12b44bc5c75e3d629fa9289843c8e8897a8694b69da57439f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B5DE 0
0 78ms
77ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-y3e725dZbHZFbPFjuwP9Liw6A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJTbiK8CU-yPuACAKgDAcgDAqoEzQJP0J4ARawJEsDUx0FScM4sqXtagSbaVTXHay_tdj66X-VX30ZnV5G_-2FrpZM-7sogsJhjZca9KF3wuK7X0_I3kcEjKKkoj-7ZPBEoalWEJBA8jNIki7-toCtd0NahFuOJ5k2VN1IGrq43fz3u1ZesPeIBuYYSwwySAF9NucBC2L6s82VOvOkM6C8ytjlEPm6ZJzz5aiHPRt4PnUyhr-23LK1EMIjgniHoMf6Wq7GMxm-brCVGC7AxWVLJINn0dchMUph5WcxmHj9xPKgV7lkXj1D_z_N9sdMX_nPT01ONXjZdtvaLlK7JKslj1gKeuQbxPhvP4-EYY8TuhLiE3hv2W0DAFqO7iVk6AJ2X1amKnHKKqO0Wzy4R0binSsYixfQaTWMc4crLeng8SNqNkpKo22MKfWwxLPw-c-E3o1zV6i_1nTfiaTb6c3hNsTzgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB4g0TCI_q7e_O1oIDFbOigwcddBwM3dAVAYAXAbIXHAoaEhRwdWItNTE0NDM4OTY1Nzc4NTU2NRiwmBU&sigh=5H0kYlm_S9g&uach_m=[UACH]&cid=CAQSPADICaaNytENZZUAQtSCrT1f5CBbFYuTuCXpdYskVb3M02LcVy15EqfPPyakapVKEwxqaz_LzsZNvYrrmhgB&cbvp=2&vis=1
Requested by: Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame B5DE 0
103 B 474ms
35ms Image
image/gif 34.95.89.54
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kz848esk8rft6atb1xtp189f8ehzt7mbb46y832d7xvdbne30mcxyvngcx1bzc7rt4texr9d71x11krgn8bqagjtx65kyn044m4rq81a433gjz44vnkgcvaemysh4640557w7j4hw8s38j8bjckhvj4y1dyajfegcmtrg74aw322d3ckts88s66dgdq15bkv8xytz8zrfvpmkn8jyb41qch736wp9zw3hk627t6a7a17xt1fjh3nytbt5nw0cz8az5x13tbk6k7t90tkr8ef2n5vywfp9wvcj4f5zngn2a8n4788yytvfabn42tzkrhqbkd2nspwjc822wxmmk10f4kzt7sjaq6t9q4bp8w79cc36pkyagdh8sr0g2xg7zfdafpehcya8&b=ZV1u7wAFbLEHg6KzAAwcdEgeGGOvQ9IkiqIESQ&cbvp=2
Requested by: Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.89.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 54.89.95.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 03:01:06 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 9FF1 115 KB
14 KB 76ms
52ms Stylesheet
text/css 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g3kf0zd8mvqw74snpvkp2xpgmm4m7jtrqykavwnehvcxjbxjp01vdv9ddcjrywqgve7qnb6fb5x4kgw65m0gwpxk0vp4xjb6tfh63hqmkesatzjgyzxyw56v8gmt2b3c6xpq7ms17bvd7hcd55c1x49sd625mp6jx82ta220gwj72jrhqj61y0jd2pbqbsf40y9bdydy9yq5vyryhxbwr4g495w6hec46mkxdydjkvpxgh7sjvnyyj71pqrrkvdbaq7031jxvrdx7s5hhnfbnv2qj6whzpmv3sxqf5w086pf7agv6ymxxfwtn9thhmrcz9vfxgwn1m1nxw1vjmkj71w33fh4kpdqmr7bqea42xnkqfd4q9xa99wfbmqzq1mbt80kr7sj6j3ym2gfcjpj6zv6hd4by3ejwjddk7tmeh37xvwy3c36&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7PGT725dZbHZFbPFjuwP9Liw6A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJTbiK8CU-yPuACAKgDAcgDAqoE0AJP0J4ARawJEsDUx0FScM4sqXtagSbaVTXHay_tdj66X-VX30ZnV5G_-2FrpZM-7sogsJhjZca9KF3wuK7X0_I3kcEjKKkoj-7ZPBEoalWEJBA8jNIki7-toCtd0NahFuOJ5k2VN1IGrq43fz3u1ZesPeIBuYYSwwySAF9NucBC2L6s82VOvOkM6C8ytjlEPm6ZJzz5aiHPRt4PnUyhr-23LK1EMIjgniHoMf6Wq7GMxm-brCVGC7AxWVLJINn0dchMUph5WcxmHj9xPKgV7lkXj1D_z_N9sdMX_nPT01ONXjZdtvaLlK7JKslj1gKeuQbxPhvP4-EYY8TuhLiE3hv2W0DAFqO7iVk6AJ2X1amKnHKKqO0Wzy4R0binSsYixfQaTWMc4crLOHod2g10FdJgXCucpyWj3sUqeUw9jUQIau28D892dxripqTS8fQubYvgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB4g0TCI_q7e_O1oIDFbOigwcddBwM3dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2A1aKIX2lLTSQClSFZsCDcIIommg%26client%3Dca-pub-5144389657785565%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1g3kf0zd8mvqw74snpvkp2xpgmm4m7jtrqykavwnehvcxjbxjp01vdv9ddcjrywqgve7qnb6fb5x4kgw65m0gwpxk0vp4xjb6tfh63hqmkesatzjgyzxyw56v8gmt2b3c6xpq7ms17bvd7hcd55c1x49sd625mp6jx82ta220gwj72jrhqj61y0jd2pbqbsf40y9bdydy9yq5vyryhxbwr4g495w6hec46mkxdydjkvpxgh7sjvnyyj71pqrrkvdbaq7031jxvrdx7s5hhnfbnv2qj6whzpmv3sxqf5w086pf7agv6ymxxfwtn9thhmrcz9vfxgwn1m1nxw1vjmkj71w33fh4kpdqmr7bqea42xnkqfd4q9xa99wfbmqzq1mbt80kr7sj6j3ym2gfcjpj6zv6hd4by3ejwjddk7tmeh37xvwy3c36&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7PGT725dZbHZFbPFjuwP9Liw6A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJTbiK8CU-yPuACAKgDAcgDAqoE0AJP0J4ARawJEsDUx0FScM4sqXtagSbaVTXHay_tdj66X-VX30ZnV5G_-2FrpZM-7sogsJhjZca9KF3wuK7X0_I3kcEjKKkoj-7ZPBEoalWEJBA8jNIki7-toCtd0NahFuOJ5k2VN1IGrq43fz3u1ZesPeIBuYYSwwySAF9NucBC2L6s82VOvOkM6C8ytjlEPm6ZJzz5aiHPRt4PnUyhr-23LK1EMIjgniHoMf6Wq7GMxm-brCVGC7AxWVLJINn0dchMUph5WcxmHj9xPKgV7lkXj1D_z_N9sdMX_nPT01ONXjZdtvaLlK7JKslj1gKeuQbxPhvP4-EYY8TuhLiE3hv2W0DAFqO7iVk6AJ2X1amKnHKKqO0Wzy4R0binSsYixfQaTWMc4crLOHod2g10FdJgXCucpyWj3sUqeUw9jUQIau28D892dxripqTS8fQubYvgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB4g0TCI_q7e_O1oIDFbOigwcddBwM3dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2A1aKIX2lLTSQClSFZsCDcIIommg%26client%3Dca-pub-5144389657785565%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 868285
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HaUHLu4nBWLAfEixB6NOHLiUfKjpqCupwAE%2Bqf8RGpLpbzVao2JlgovobpbBlXSqxIUmm37r6PH%2FTL9tZX84bzsE7pq02jUZTB5ngmr7Kxasa5JMDgN%2F%2BfIUtRg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 829ded07d807690f-FRA
expires: Thu, 23 Nov 2023 03:01:05 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 9FF1 25 KB
10 KB 92ms
71ms Script
application/javascript 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g3kf0zd8mvqw74snpvkp2xpgmm4m7jtrqykavwnehvcxjbxjp01vdv9ddcjrywqgve7qnb6fb5x4kgw65m0gwpxk0vp4xjb6tfh63hqmkesatzjgyzxyw56v8gmt2b3c6xpq7ms17bvd7hcd55c1x49sd625mp6jx82ta220gwj72jrhqj61y0jd2pbqbsf40y9bdydy9yq5vyryhxbwr4g495w6hec46mkxdydjkvpxgh7sjvnyyj71pqrrkvdbaq7031jxvrdx7s5hhnfbnv2qj6whzpmv3sxqf5w086pf7agv6ymxxfwtn9thhmrcz9vfxgwn1m1nxw1vjmkj71w33fh4kpdqmr7bqea42xnkqfd4q9xa99wfbmqzq1mbt80kr7sj6j3ym2gfcjpj6zv6hd4by3ejwjddk7tmeh37xvwy3c36&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7PGT725dZbHZFbPFjuwP9Liw6A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJTbiK8CU-yPuACAKgDAcgDAqoE0AJP0J4ARawJEsDUx0FScM4sqXtagSbaVTXHay_tdj66X-VX30ZnV5G_-2FrpZM-7sogsJhjZca9KF3wuK7X0_I3kcEjKKkoj-7ZPBEoalWEJBA8jNIki7-toCtd0NahFuOJ5k2VN1IGrq43fz3u1ZesPeIBuYYSwwySAF9NucBC2L6s82VOvOkM6C8ytjlEPm6ZJzz5aiHPRt4PnUyhr-23LK1EMIjgniHoMf6Wq7GMxm-brCVGC7AxWVLJINn0dchMUph5WcxmHj9xPKgV7lkXj1D_z_N9sdMX_nPT01ONXjZdtvaLlK7JKslj1gKeuQbxPhvP4-EYY8TuhLiE3hv2W0DAFqO7iVk6AJ2X1amKnHKKqO0Wzy4R0binSsYixfQaTWMc4crLOHod2g10FdJgXCucpyWj3sUqeUw9jUQIau28D892dxripqTS8fQubYvgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB4g0TCI_q7e_O1oIDFbOigwcddBwM3dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2A1aKIX2lLTSQClSFZsCDcIIommg%26client%3Dca-pub-5144389657785565%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 429093
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0K0hj1krizXJ4G5%2BE9cfQmLKFVOwz37kDZ%2BHFrVP3W%2BxgResozQYi5apsQe5m3t3Q8vv4A0L%2BZqc37NgF72%2F5NGQaZjTV25OOTJQF%2BVQrA2%2FrZPK%2Bl4pOVA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 829ded07d808690f-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 17 Nov 2023 03:49:32 GMT

GET
H2 200 th
www.bing.com/ Frame 7642 30 KB
30 KB 61ms
54ms Image
image/jpeg 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7559527029728_14VB06DFOW7F9QJ49G&pid=21.2&c=16&roil=0&roit=0.1075&roir=1&roib=0.8925&w=379&h=198&qlt=90
Requested by: Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 04048020b9845db01254ec9ceb1ea41cf246c8dc71c54135fe69727cc01a7117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:05 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B66403E624EF4B39A298DA7E1877AF8C Ref B: FRAEDGE1413 Ref C: 2023-11-22T03:01:05Z
access-control-allow-methods: GET, POST, OPTIONS
x-cache: TCP_HIT
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 30295

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AAF1 0
0 74ms
71ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_MVU725dZa7ZFbPFjuwP9Liw6A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAlNuIrwJT7I-4AIAqAMByAMCqgS6Ak_QYvU68dfB3PIXjIwqujFe8iST4BEbZsqSIvoXT9zcsdk-97KFHnqg9HItfs3Kf1L3WN7Cfo269ka-vs-LVNOKlUYdKZRMhUMweT73T3N_PcB-eFm4G8OZOGpCN8zoJmL9LyoGTfMmPFjehdPE18aBDCFmxtFHEFha4mdvWnJCeEPITUkxORxkTN9TSSangSAmsifHOnfNHX7T8GkiaBm63i2Tb-wRkgUhCeHRlf4yxhh3kugQtnP4V5NQ8AoJjpE7jAE8vvQyyQZWwhUB_94fwrokPhEQizUhZHp2fkWh5QxjVwvYWZUN_FDms-Kv7LbAfcM0zFcXdflLT9KFKEaZjm8h-XVtEFBXYZmt8SjE8z_Rfq6gioISoWB1asEBfHysTEwxc865OnZ4XpXcRJR1Uqcowf6R-dM94AQBgAa8rrWG2ZGhozGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAeINEwiM6u3vztaCAxWzooMHHXQcDN3QFQGAFwGyFxwKGhIUcHViLTUxNDQzODk2NTc3ODU1NjUYsJgV&sigh=2QZ1Z78_Ijk&uach_m=[UACH]&cid=CAQSPADICaaNytENZZUAQtSCrT1f5CBbFYuTuCXpdYskVb3M02LcVy15EqfPPyakapVKEwxqaz_LzsZNvYrrmhgB&cbvp=2&vis=1
Requested by: Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame AAF1 0
125 B 83ms
33ms Image
text/plain 178.250.7.12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kIWLGd6BMNgFWp2DYgICAAAAolJbmJnQbY4Q7m5dZfMUMsasrc2z5k4AABIAAAoKQVFVRER3RUJEdw&wp=ZV1u7wAFbK4Hg6KzAAwcdOYOtBEh-q52hp6NgA&cbvp=2

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:05 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 147064
server: Kestrel
content-length: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 48BE 0
0 78ms
61ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C6JbJ725dZa_ZFbPFjuwP9Liw6A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAlNuIrwJT7I-4AIAqAMByAMCqgS7Ak_QdrPc_ZYCeSDC3LBTWAGhssTRCyw-e-vLvfSFDElwQ8yIqn0bQzrPTfjEhUO5g3gGg0fIpywaAAPY1fqeTLqNHQXH_Tu7cPpJVg3hNmZyGd66BpD4HkibMQx-l-Ri2tC2wDkJ30D1c7f5stKR3otPOJPEpX1V7G69YipgbUk47_nsmhIyB9c9IQaCRPSKteLbsezY-60agLyjsFSCuEftt4yM0LCX3xHSRZ4TgYR_NpdNj2pOoBqjr46KI5O-zfMtOdeBNN-2rEo5sxOR1YrDW-WfR6xwH8CeYQ75rYr3PFe5QO36RaTi2QcnECBRnA8VieNbZ1TcFY-FyOkD_uUf0yUVlyFRVm55OIS9DDNrjqcXzWWkMXyvoTtV5oPgTG6B4GkGeBR09Wo-2J2ngs6S8xSoE15G82x7C-AEAYAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHiDRMIjert787WggMVs6KDBx10HAzd0BUBgBcBshccChoSFHB1Yi01MTQ0Mzg5NjU3Nzg1NTY1GLCYFQ&sigh=HZz9Ydb9fnw&uach_m=[UACH]&cid=CAQSPADICaaNytENZZUAQtSCrT1f5CBbFYuTuCXpdYskVb3M02LcVy15EqfPPyakapVKEwxqaz_LzsZNvYrrmhgB&cbvp=2&vis=1
Requested by: Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 48BE 0
126 B 445ms
25ms Image
text/plain 178.250.1.10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kIWLGeLBMMoH-gGdg2ICAgAAACffBoTJ5kr9EO5uXWWfoYAXu5lDuM8EAAASAAAKCkFRVURBUUVCQVE&wp=ZV1u7wAFbK8Hg6KzAAwcdK7hGrXt3IJ2L_8psA&cbvp=2

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:06 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 146053
server: Kestrel
content-length: 0

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 7642 0
532 B 104ms
24ms Script
text/html 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-grain-free-stuffing-recipe&e=wqT_3QKlBOglAgAAAwDWAAUBCO_d9aoGEKavjNrA76nIMhgAKjYJgHb7MuGRnT8RaxaxWIXInD8ZAAAAQArX_z8haw0SACkRJAAxARvAMzPDPzDKlLgDOLUBQLVeSOMDULqJirYBWMCxPWAAaJ-kVHjr8gWAAQGKAQNVU0SSAQEG8E-YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBEDEtcGFsZW9oYWNrcy5jb23YAvAG4AKiqDHqAjxodHRwczovL2Jsb2cucDInAAQvcAEP8JotZ3JhaW4tZnJlZS1zdHVmZmluZy1yZWNpcGWAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AOFzzzgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXT4bH2t_vcwWjABQDJBQAAAAAAAPA_0gUJCQEKAQFw2AUB4AUB8AWSrjT6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfr8gXSBw0JESgBJgjaBwYBXqQYAOAHAOoHAggA8AeH4wKKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=26f421c551c98faa86c0202e3aef04cee7304cf1&bdref=https%3A%2F%2Fblog.paleohacks.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fblog.paleohacks.com%2F,https%3A%2F%2F902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:06 GMT
an-x-request-uuid: 7c74bb1e-5cc3-41f2-8b52-80a04ef509a8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.133.93.105; 31.133.93.105; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 9FF1 350 B
902 B 442ms
35ms Image
image/png 104.26.6.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.27 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 139314
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XU2Cmd2UlztTNHqtBoXW6SXt9ZjCc%2Br5b5KD3Gv1wC%2FmLa%2FCNQNAi8%2BQFhjlFIlvl3zlN%2BemANTlj6seX0brG9%2FEQVWO70FpxxXkIWr36YMhd8yu1K5duNbF0t86OTrV%2B4vl0Qt%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 829ded0c6ebf912b-FRA
expires: Tue, 19 Nov 2024 11:23:05 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame FB8C 2 KB
2 KB 23ms
22ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1032362
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 829ded0a1ddc37fb-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 22 Nov 2023 03:01:06 GMT
expires: Fri, 10 Nov 2023 05:08:36 GMT
last-modified: Tue, 17 Oct 2023 09:43:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rX9dy1aiPCUmlYu1nNZRyc4ZRQznitdtAUHchC688Psx7oi4BoQ1PUIVJnpVMr58kmGrD5SbVsAkK%2BHHb9hrIHnmMjYsXn%2BvyYMeHqd6DtzXoy1T30WlRExADJTCZiof0nd6AiQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9089 1 KB
643 B 11ms
10ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19453
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AAF1 42 B
108 B 64ms
63ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQ1NN7qAa8Lskqij96DRVCKmEGhtqTWbPozfEk_zb_caWA04Wa3kLWZSuK7yNn4q4E3eegc3fW28xqVlsSpVdUs3X-YCncUKnKmqsjieZzBiZppUBi&sig=Cg0ArKJSzKMMWxLRVil2EAE&id=lidar2&mcvt=1074&p=1110,436,1200,1164&mtos=1074,1074,1074,1074,1074&tos=1074,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2912191614&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700622063821&rpt=1780&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 48BE 42 B
108 B 63ms
63ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstV1QanfwleiIh6CbMuW5iHAR_XineMSsnLehoTiuM1a4KBmcHbrMOGnWRVG3hYq_l36NkYmFAqi1EXvX1YXKjx_pPkztZ3EgfNb1wWcYU6wdfe1iRi&sig=Cg0ArKJSzG3Updb3k-SJEAE&id=lidar2&mcvt=1078&p=340,315,590,1285&mtos=1078,1078,1078,1078,1078&tos=1078,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3129430941&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700622063850&rpt=1705&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A1AA 0
127 B 48ms
47ms Ping
text/plain 178.250.1.25
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 03:01:05 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 87C2 0
127 B 48ms
47ms Ping
text/plain 178.250.1.25
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 03:01:06 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
DATA 200
OK truncated
/ Frame 7642 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 129332ef408d2cfb16e6881ac18d902ccbcefae76395f7e6b0d43d694b513e56

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 7642 0
581 B 29ms
29ms Ping
text/html 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-grain-free-stuffing-recipe&e=wqT_3QLEB-jEAwAAAwDWAAUBCO_d9aoGEKavjNrA76nIMhgAKjYJgHb7MuGRnT8RaxaxWIXInD8ZAAAAQArX_z8haw0SACkRJAAxARvAMzPDPzDKlLgDOLUBQLVeSOMDULqJirYBWMCxPWAAaJ-kVHjr8gWAAQGKAQNVU0SSAQEG8E-YAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBEDEtcGFsZW9oYWNrcy5jb23YAvAG4AKiqDHqAjxodHRwczovL2Jsb2cucDInAAQvcAEPyC1ncmFpbi1mcmVlLXN0dWZmaW5nLXJlY2lwZYADAIgDAZADAJgDCaADAaoDmwMKsQJodAlS8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9Y2UzNmI4YTktZjQ5YS00MTBjLTk0OWEtMWQ2Y2UyYTY0OTE0JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW4ZXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDgBjjnEAuHJ0eXBlPW51cmwmdGFnSWQ9NzIxMTU5NCZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRn0UwF0cWNlY25mZiZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzM2NDM1OTYyNDk3NDk0NjA5MDIiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqT0RNek5UY3hNams0T0RnNE16WWpNak16TlRFMU5qVXpPRGs1TXpVek13PT3AA9gEyAMA2AOFzzzgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXT4bH2t_vcwWjABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWSrjT6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAfr8gXSBw0JESkBsQzaBwYIBQmo4AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=e8f9206f737b0a2668fa925169cc290e89f8db62&type=nv&nvt=5&jm=1140|1141|1003&px=0&py=0&bw=478&bh=250&sid=5030256451319991743&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7211594&sw=1600&sh=1200&pw=970&ph=250&ww=970&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:06 GMT
an-x-request-uuid: 5ec87aab-d23a-4969-b656-1ce6d9335dfb
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.133.93.105; 31.133.93.105; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 51ms
51ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304050101&jk=206900439635819&bg=!l5SllNvNAAZxrfrxUa07ADQBe5WfOCXrvGh2e1CVk9cvqHnVRUsw0OGGfDfXozMlbAxFRei1kmJ-i9ec_iPEQlDHV-eRAgAACX5SAAAAA2gBBwoAeKcUGAp_r7f5iD-nIkVlY4uyy_WW-iBwwU1oJ5umd3uNwjxYuCHvsqekOEz2sS7GygsiT4_IcyyeZFrs59D3msgy2QGiTu2m4PsovP5OEF82x_q0caOpgCVknvLhxjcXuuRFdW5hXBS-iqnuEaN85aEzhabra1qFYZkCxmzNRYh-wSKUOAo3_IAp0x08WF3Doi5VJ1fCTJl5rN6UT-vQ61vc78cb4nTvLVJam_36LXSE_en4yUvb1nC_JpquTLcl3m1ulTWH_PYyH1gXwghvti85XWyvZ43ivMPnU5OTOv4AXfzo4jU3tOx3r77Thp0P_yqe3vDUl8czOH10wLOR_bYXNbVfYitP9jCa6ZfKRyU0vWZZAd5kqsOQzeNiMicbFf4NC6W6osku5HBrlMWy3EFVxCKSEBTnHlTIhD05xoYd8pMY6jhIPUInoOG-TeMvIfdrY54aLKQ2yG2CvbgWJ5a06BjWrcGHHI86_CSCunNp8YY7Ftj_1kzSBWDmhJELooQCcwSpg0e7BHam0hGk1o50ifYb7_zIwqgC6kZJZil12U8q3hBd_snJwbVoNuk-X7j3SAEiIfdWMI9oRXvHb1KT2SpLEj_wqMAakNLFQG4gMPl5bHJXGXPocK_CiUgfklM3qUrkETAsoifuH_74i-byGmwRYiLArWJbVJqSTkV2vF7XI0Mm6Ieb94cK6jAyvo7WYDWdeem9Eazdoy06jjaxdc1DnsPXRYQJFcq_Wlx5a2AJ-E1fSOdoCUTAU_hAru0zefJmaa2SxW9SA5tvteMfPwAzl_7lqne7vEXJcu2xo050GtHUQdL5l_aEpMgm-ggQ07_CrYd5I0ohXAfWj2XHtBdURZRMl4vScNGqbIu5tEXGgN2ZGYSPg6sOwyPDtRpfdAZxlGtn-RDn6Y44AwjAXmxuGNu9Iw6wrZdCsl4oDjwZsQnc_heeoMB_KGolXr2XjTCRUROu8CyhCfZODWiy-e6mz3ib9sCPPKQ36ztGbjmmyvzwhn_9owNDgwOa_7BuW9r86YHuDZki3i8OANKDHLIB2jbB4O6dPnGLZBlB6P0rZ26zQLqVFDbQ2I_UcEnw-lbjMBFVdcI0oWl1Zl5G
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7642 0
0 58ms
57ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CWcPO725dZbDZFbPFjuwP9Liw6A3S4Nfgbo-ktpOTCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJ4AIAqAMByAMCqgTDAk_Q9fntzTRzDm8jWfHjKALIbmKtcPPo1OC6nXpLd83Z3y6ysgeVTLlxF1L2O8y2ylkuOoq5prmbaYy4O-Ujo0lT567ibNE2MkYAQymrHr9RdfWCUPnejMW1f7iZ9eRvniZfCB04Vhn8fJyPMsZWfU3wGkHAVGml87HxoL9cZtRTKyGGoBHquUcHWJRxvGV6bAamjN7ZTyjeR_irivC8MZEaCZYpEyaoT04fNXXPJa-kVUXT2Ps3q3LSeCRvxdD22nkIrCvDECzfOrpQP7IB489CD-5v-PDHKFS_LQMQRN17ysDbkOxye9PP6m3dbvMMGsMsbLN-MP7Gzyod3pKTKzLSjpo2ZVZut-QnN6_TV5WXXqSzjXm6UAEVMmw1ovn7ijzs15ZtcuyO6hY4sZI4cnX3tQUlYkTcPpwYwZR6o_wQszFH4AQBgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHiDRMIjurt787WggMVs6KDBx10HAzd0BUBgBcBshccChoSFHB1Yi01MTQ0Mzg5NjU3Nzg1NTY1GLCYFQ&sigh=zLVZ5z0q4z4&uach_m=[UACH]&cid=CAQSPADICaaNytENZZUAQtSCrT1f5CBbFYuTuCXpdYskVb3M02LcVy15EqfPPyakapVKEwxqaz_LzsZNvYrrmhgB&cbvp=2&vis=1
Requested by: Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 7642 0
531 B 31ms
30ms Image
text/html 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-grain-free-stuffing-recipe&e=wqT_3QLEB-jEAwAAAwDWAAUBCO_d9aoGEKavjNrA76nIMhgAKjYJgHb7MuGRnT8RaxaxWIXInD8ZAAAAQArX_z8haw0SACkRJAAxARvAMzPDPzDKlLgDOLUBQLVeSOMDULqJirYBWMCxPWAAaJ-kVHjr8gWAAQGKAQNVU0SSAQEG8E-YAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBEDEtcGFsZW9oYWNrcy5jb23YAvAG4AKiqDHqAjxodHRwczovL2Jsb2cucDInAAQvcAEPyC1ncmFpbi1mcmVlLXN0dWZmaW5nLXJlY2lwZYADAIgDAZADAJgDCaADAaoDmwMKsQJodAlS8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9Y2UzNmI4YTktZjQ5YS00MTBjLTk0OWEtMWQ2Y2UyYTY0OTE0JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW4ZXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDgBjjnEAuHJ0eXBlPW51cmwmdGFnSWQ9NzIxMTU5NCZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRn0UwF0cWNlY25mZiZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzM2NDM1OTYyNDk3NDk0NjA5MDIiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqT0RNek5UY3hNams0T0RnNE16WWpNak16TlRFMU5qVXpPRGs1TXpVek13PT3AA9gEyAMA2AOFzzzgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXT4bH2t_vcwWjABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWSrjT6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAfr8gXSBw0JESkBsQzaBwYIBQmo4AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=e8f9206f737b0a2668fa925169cc290e89f8db62&pp=ZV1u7wAFbLAHg6KzAAwcdH98qMXstmvDMdpwBA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCs92-725dZbDZFbPFjuwP9Liw6A3S4Nfgbo-ktpOTCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJ4AIAqAMByAMCqgTGAk_Q9fntzTRzDm8jWfHjKALIbmKtcPPo1OC6nXpLd83Z3y6ysgeVTLlxF1L2O8y2ylkuOoq5prmbaYy4O-Ujo0lT567ibNE2MkYAQymrHr9RdfWCUPnejMW1f7iZ9eRvniZfCB04Vhn8fJyPMsZWfU3wGkHAVGml87HxoL9cZtRTKyGGoBHquUcHWJRxvGV6bAamjN7ZTyjeR_irivC8MZEaCZYpEyaoT04fNXXPJa-kVUXT2Ps3q3LSeCRvxdD22nkIrCvDECzfOrpQP7IB489CD-5v-PDHKFS_LQMQRN17ysDbkOxye9PP6m3dbvMMGsMsbLN-MP7Gzyod3pKTKzLSjpo2ZVZut-QnN6_TV5WXXqSzjXm6UAEVMmw1orv5q64uc2wA5hb6X4hhNSQ8UX9zvCs9u-ZaZxikQb5WuzyRUVzTQ2AZ4AQBgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHiDRMIjurt787WggMVs6KDBx10HAzd0BUBgBcB%26num%3D1%26sig%3DAOD64_3OvetXscSsckDZx_TMjPnhWcjPbg%26client%3Dca-pub-5144389657785565%26adurl%3D&cbvp=2

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:06 GMT
an-x-request-uuid: 4f460e36-aa8d-42ee-9161-495142d228a4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.133.93.105; 31.133.93.105; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9089
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEeTQ8a1c4p89Q-zPP7WlqM&google_cver=1&google_push=AXcoOmQzETnMZ_qnrHhLUbf_alSoKwtc1g21Xe-YPBNcCrYFlVMEr4k6m0...
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmQzETnMZ_qnrHhLUbf_alSoKwtc1g21Xe-YPBNcCrYFlVMEr4k6m0H34F0O33a-_i1fM2IUfDR2ewuAa7vz1JQGf00q4M3wJlg&google_hm=AA

170 B
188 B

19ms
18ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmQzETnMZ_qnrHhLUbf_alSoKwtc1g21Xe-YPBNcCrYFlVMEr4k6m0H34F0O33a-_i1fM2IUfDR2ewuAa7vz1JQGf00q4M3wJlg&google_hm=AA

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:07 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmQzETnMZ_qnrHhLUbf_alSoKwtc1g21Xe-YPBNcCrYFlVMEr4k6m0H34F0O33a-_i1fM2IUfDR2ewuAa7vz1JQGf00q4M3wJlg&google_hm=AA
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9089
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDGG5kJoeADDHm0oy2XNs48&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0ZNenhhQTUxUjVEdTk1&google_gid=CAESEDGG5kJoeADDHm0oy2XNs48&google_cver=1&google_push=AXcoOmQcYoAl7iwiPFWtEJa8_pKirVZh887lmBpwcwzUxPB...

170 B
188 B

28ms
28ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0ZNenhhQTUxUjVEdTk1&google_gid=CAESEDGG5kJoeADDHm0oy2XNs48&google_cver=1&google_push=AXcoOmQcYoAl7iwiPFWtEJa8_pKirVZh887lmBpwcwzUxPBk3joEinYnD9aE1yp3TSrTvwv0DyOLTSQaalUdlK1f7V-UyVLavIHWRN8

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 03:01:06 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0ZNenhhQTUxUjVEdTk1&google_gid=CAESEDGG5kJoeADDHm0oy2XNs48&google_cver=1&google_push=AXcoOmQcYoAl7iwiPFWtEJa8_pKirVZh887lmBpwcwzUxPBk3joEinYnD9aE1yp3TSrTvwv0DyOLTSQaalUdlK1f7V-UyVLavIHWRN8
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9089
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEG_YynE88vVO6wxW5Y3iNDw&google_cver=1&google_push=AXcoOmSgIuvLbyQvr54AuwWdLUcKMymWvMCtcYu6WNVUdbsjtRm_skxOeS86sL1YdNqYnpealmyS369mejT...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSgIuvLbyQvr54AuwWdLUcKMymWvMCtcYu6WNVUdbsjtRm_skxOeS86sL1YdNqYnpealmyS369mejTbn5v2uCWuU1kTI2UGIVc&google_hm=pQxtGcKHRmCEb1SKa...

170 B
188 B

23ms
23ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSgIuvLbyQvr54AuwWdLUcKMymWvMCtcYu6WNVUdbsjtRm_skxOeS86sL1YdNqYnpealmyS369mejTbn5v2uCWuU1kTI2UGIVc&google_hm=pQxtGcKHRmCEb1SKa4CMimk

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:06 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSgIuvLbyQvr54AuwWdLUcKMymWvMCtcYu6WNVUdbsjtRm_skxOeS86sL1YdNqYnpealmyS369mejTbn5v2uCWuU1kTI2UGIVc&google_hm=pQxtGcKHRmCEb1SKa4CMimk
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9089
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEJi_zGcRiDa0r1jSty_cjyY&google_cver=1&google_push=AXcoOmStpBFhaGsTYFx3wxf4UMr2k-1b5JbKZIjNYBumkfahPfDIMer1GFc8bXkeR0AsthjmmtvdNGh72Sajdd3r_U7cc2G...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJi_zGcRiDa0r1jSty_cjyY&google_cver=1&google_push=AXcoOmStpBFhaGsTYFx3wxf4UMr2k-1b5JbKZIjNYBumkfahPfDIMer1GFc8bXkeR0AsthjmmtvdNGh72Sajdd3r_U7cc...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmStpBFhaGsTYFx3wxf4UMr2k-1b5JbKZIjNYBumkfahPfDIMer1GFc8bXkeR0AsthjmmtvdNGh72Sajdd3r_U7cc2G0OUUz9g

170 B
188 B

21ms
21ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmStpBFhaGsTYFx3wxf4UMr2k-1b5JbKZIjNYBumkfahPfDIMer1GFc8bXkeR0AsthjmmtvdNGh72Sajdd3r_U7cc2G0OUUz9g

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmStpBFhaGsTYFx3wxf4UMr2k-1b5JbKZIjNYBumkfahPfDIMer1GFc8bXkeR0AsthjmmtvdNGh72Sajdd3r_U7cc2G0OUUz9g
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 9089 43 B
362 B 36ms
33ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQ8HHPzQ3qO3JPoEKvDG63PaN6VdPaih-LVlgtDr4Wf0cJ0uWXhLst_dmdoIJzrivFeclda_AXlWXkDPcBsRcKeQEBvLJ-PNQ&google_gid=CAESEKwCM4YwFRNuRQmA_iLP_cY&google_cver=1

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:06 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 261811
expires: Wed, 22 Nov 2023 00:00:00 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 9089 43 B
296 B 612ms
59ms Image
image/gif 3.11.245.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMvQFBqp8nzM6cCzyIbTrBk&google_cver=1&google_push=AXcoOmSo9ob8ngePQm56YWIGE3PailY8jCPy-wZNgpv1Tc31QaGevR6zwpcX2ekoG3FPTk-ISFYarqvNVtJ0o0D-q90sBYHX9JZ-pQA
Requested by: Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.245.155 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-245-155.eu-west-2.compute.amazonaws.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 22 Nov 2023 03:01:07 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9089
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJY4nrOsHDq4yfpqt5sNdw4&google_cver=1&google_push=AXcoOmS6nbmnEOEw_UkTlHqnWiHOLhJQsM_RCws0UxOyK-K-_vQskXUT4vNiZxOzU_UeiH_exEmsN-KgFajH...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS6nbmnEOEw_UkTlHqnWiHOLhJQsM_RCws0UxOyK-K-_vQskXUT4vNiZxOzU_UeiH_exEmsN-KgFajHwivG3v-Iq9pCKroSwQ

170 B
188 B

49ms
48ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS6nbmnEOEw_UkTlHqnWiHOLhJQsM_RCws0UxOyK-K-_vQskXUT4vNiZxOzU_UeiH_exEmsN-KgFajHwivG3v-Iq9pCKroSwQ

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:01:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS6nbmnEOEw_UkTlHqnWiHOLhJQsM_RCws0UxOyK-K-_vQskXUT4vNiZxOzU_UeiH_exEmsN-KgFajHwivG3v-Iq9pCKroSwQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9089 0
12 B 22ms
21ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I_doFX0aJxip9Or5ZlukTAq5ROrp-dlM_RUAqzOJYCp0TnZZoZw6Ki3cQPNYtc_Uk8any_

Requested by

Host: 902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 ptmd
dts.clnmde.com/ 70 B
132 B 133ms
133ms Image
image/gif 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.clnmde.com/ptmd?t=170062205832131958486384_N4IgZghiBcDaDMB2ArADgIwAZGuQNgBotUDNTyzKLqrKBdA8CAZxkJAAsOZYAmM3ugbgwMXowCuEmMkzswANxggQjZgBcI6iazi9kwgF5Ro6RgAcA5sqWNL3aCHSJMc3vzTxB8dAE40ACyoePCoAaogCrogeAB0mLH4vhEQADYw8IxgAMYwALRmIACm6gCWys6ueO6YyIgR2dkAJsoAqgCCERrW0GQgzADWFS5uHogA+rI48Ejwrrx4EUWl5so+segzsb7wG7URCkUATsrmRwD2LYxFEiaFEuW91wrpcMLmUTzCzKkaw1U1NC8XyLRipUSmRgAI1S6hgfj62R06nGpRajlQAGFWgBxeB4zCoA6lVHopwjapjdwBZBYfToCKWXKmCk1PB4VCIXyMACORXhWUemAAvkA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:06 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc: clear

POST
H3 200 rs Show response
ad4m.at/ Frame 9FF1 2 KB
2 KB 46ms
45ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c53bb96abe758ea7b0099fc4e40c59379314f7e88a331f1ec4b11441fcf31f5

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 22 Nov 2023 03:01:06 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8PCy%2BLBWc7mkFlH%2FBZjdd40O%2FsmKhLnVkYmfk2QuTk%2FrlExFS%2FWFPiov%2B7ifDXTjd2oxVD5CUmo6O1RmKRQRq0Z6ERrrWiSMXvZjRu%2BGmcArIDSLW%2BD4MooHMYarPwvdf%2F77qLc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 829ded0e5d983a8b-FRA
x-backend-server: aa-reachservice-group-europe-west1-49tp
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 51ms
30ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 829ded0e2d723a8b-FRA
content-length: 24
content-type: text/plain
date: Wed, 22 Nov 2023 03:01:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gl6iCCBpWVPpclXF1r1uRapIth8mPC3SfFciEjW5QhNnl%2BSjvn9NxlyyrS9e%2FLCLmEIiqLxQXOCgzUZsLNG5lyyS%2FVZG9vcSS95X0D0goh0slePCimoXgpNKZP%2Bc%2FTn124pu%2Fes%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-49tp

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 05A8 10 KB
5 KB 31ms
30ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=94942be546c6cd3225487bc0f425857f%2F5259806650845595552&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700622066949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4kg8te7hhk1fxmaea8gh66fj2zffgkza1ta4n5dr79r3zn8zjrvyncj9dw07n0sxvzc5xz3z84jxg9xmpqrhfbmmt50w73fwej0esxafe33vv7gc6cshfbdvw46dvefdd1pz2mp4prany48678gj7etkmf0f5abkkmw6rzkrwmh7vnd992ten7qjty0p086hdxygyck5t54mev26tyzx2612x91xn2ggy8akw336z6jdmhs4b32jcxdc8rnt7c5fkf9q15g2pvfcaehhv0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7PGT725dZbHZFbPFjuwP9Liw6A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJTbiK8CU-yPuACAKgDAcgDAqoE0AJP0J4ARawJEsDUx0FScM4sqXtagSbaVTXHay_tdj66X-VX30ZnV5G_-2FrpZM-7sogsJhjZca9KF3wuK7X0_I3kcEjKKkoj-7ZPBEoalWEJBA8jNIki7-toCtd0NahFuOJ5k2VN1IGrq43fz3u1ZesPeIBuYYSwwySAF9NucBC2L6s82VOvOkM6C8ytjlEPm6ZJzz5aiHPRt4PnUyhr-23LK1EMIjgniHoMf6Wq7GMxm-brCVGC7AxWVLJINn0dchMUph5WcxmHj9xPKgV7lkXj1D_z_N9sdMX_nPT01ONXjZdtvaLlK7JKslj1gKeuQbxPhvP4-EYY8TuhLiE3hv2W0DAFqO7iVk6AJ2X1amKnHKKqO0Wzy4R0binSsYixfQaTWMc4crLOHod2g10FdJgXCucpyWj3sUqeUw9jUQIau28D892dxripqTS8fQubYvgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB4g0TCI_q7e_O1oIDFbOigwcddBwM3dAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2A1aKIX2lLTSQClSFZsCDcIIommg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ba554ef27561aebe70e6976a1991c9acde231dd62996eb13dc4b71382f717d3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1g3kf0zd8mvqw74snpvkp2xpgmm4m7jtrqykavwnehvcxjbxjp01vdv9ddcjrywqgve7qnb6fb5x4kgw65m0gwpxk0vp4xjb6tfh63hqmkesatzjgyzxyw56v8gmt2b3c6xpq7ms17bvd7hcd55c1x49sd625mp6jx82ta220gwj72jrhqj61y0jd2pbqbsf40y9bdydy9yq5vyryhxbwr4g495w6hec46mkxdydjkvpxgh7sjvnyyj71pqrrkvdbaq7031jxvrdx7s5hhnfbnv2qj6whzpmv3sxqf5w086pf7agv6ymxxfwtn9thhmrcz9vfxgwn1m1nxw1vjmkj71w33fh4kpdqmr7bqea42xnkqfd4q9xa99wfbmqzq1mbt80kr7sj6j3ym2gfcjpj6zv6hd4by3ejwjddk7tmeh37xvwy3c36&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7PGT725dZbHZFbPFjuwP9Liw6A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJTbiK8CU-yPuACAKgDAcgDAqoE0AJP0J4ARawJEsDUx0FScM4sqXtagSbaVTXHay_tdj66X-VX30ZnV5G_-2FrpZM-7sogsJhjZca9KF3wuK7X0_I3kcEjKKkoj-7ZPBEoalWEJBA8jNIki7-toCtd0NahFuOJ5k2VN1IGrq43fz3u1ZesPeIBuYYSwwySAF9NucBC2L6s82VOvOkM6C8ytjlEPm6ZJzz5aiHPRt4PnUyhr-23LK1EMIjgniHoMf6Wq7GMxm-brCVGC7AxWVLJINn0dchMUph5WcxmHj9xPKgV7lkXj1D_z_N9sdMX_nPT01ONXjZdtvaLlK7JKslj1gKeuQbxPhvP4-EYY8TuhLiE3hv2W0DAFqO7iVk6AJ2X1amKnHKKqO0Wzy4R0binSsYixfQaTWMc4crLOHod2g10FdJgXCucpyWj3sUqeUw9jUQIau28D892dxripqTS8fQubYvgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB4g0TCI_q7e_O1oIDFbOigwcddBwM3dAVAYAXAQ%26num%3D1%26sig%3DAOD64_2A1aKIX2lLTSQClSFZsCDcIIommg%26client%3Dca-pub-5144389657785565%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 829ded0ea89637fb-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:01:07 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 05A8 115 KB
14 KB 23ms
22ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=94942be546c6cd3225487bc0f425857f%2F5259806650845595552&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700622066949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4kg8te7hhk1fxmaea8gh66fj2zffgkza1ta4n5dr79r3zn8zjrvyncj9dw07n0sxvzc5xz3z84jxg9xmpqrhfbmmt50w73fwej0esxafe33vv7gc6cshfbdvw46dvefdd1pz2mp4prany48678gj7etkmf0f5abkkmw6rzkrwmh7vnd992ten7qjty0p086hdxygyck5t54mev26tyzx2612x91xn2ggy8akw336z6jdmhs4b32jcxdc8rnt7c5fkf9q15g2pvfcaehhv0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7PGT725dZbHZFbPFjuwP9Liw6A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJTbiK8CU-yPuACAKgDAcgDAqoE0AJP0J4ARawJEsDUx0FScM4sqXtagSbaVTXHay_tdj66X-VX30ZnV5G_-2FrpZM-7sogsJhjZca9KF3wuK7X0_I3kcEjKKkoj-7ZPBEoalWEJBA8jNIki7-toCtd0NahFuOJ5k2VN1IGrq43fz3u1ZesPeIBuYYSwwySAF9NucBC2L6s82VOvOkM6C8ytjlEPm6ZJzz5aiHPRt4PnUyhr-23LK1EMIjgniHoMf6Wq7GMxm-brCVGC7AxWVLJINn0dchMUph5WcxmHj9xPKgV7lkXj1D_z_N9sdMX_nPT01ONXjZdtvaLlK7JKslj1gKeuQbxPhvP4-EYY8TuhLiE3hv2W0DAFqO7iVk6AJ2X1amKnHKKqO0Wzy4R0binSsYixfQaTWMc4crLOHod2g10FdJgXCucpyWj3sUqeUw9jUQIau28D892dxripqTS8fQubYvgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB4g0TCI_q7e_O1oIDFbOigwcddBwM3dAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2A1aKIX2lLTSQClSFZsCDcIIommg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=94942be546c6cd3225487bc0f425857f%2F5259806650845595552&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700622066949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4kg8te7hhk1fxmaea8gh66fj2zffgkza1ta4n5dr79r3zn8zjrvyncj9dw07n0sxvzc5xz3z84jxg9xmpqrhfbmmt50w73fwej0esxafe33vv7gc6cshfbdvw46dvefdd1pz2mp4prany48678gj7etkmf0f5abkkmw6rzkrwmh7vnd992ten7qjty0p086hdxygyck5t54mev26tyzx2612x91xn2ggy8akw336z6jdmhs4b32jcxdc8rnt7c5fkf9q15g2pvfcaehhv0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7PGT725dZbHZFbPFjuwP9Liw6A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJTbiK8CU-yPuACAKgDAcgDAqoE0AJP0J4ARawJEsDUx0FScM4sqXtagSbaVTXHay_tdj66X-VX30ZnV5G_-2FrpZM-7sogsJhjZca9KF3wuK7X0_I3kcEjKKkoj-7ZPBEoalWEJBA8jNIki7-toCtd0NahFuOJ5k2VN1IGrq43fz3u1ZesPeIBuYYSwwySAF9NucBC2L6s82VOvOkM6C8ytjlEPm6ZJzz5aiHPRt4PnUyhr-23LK1EMIjgniHoMf6Wq7GMxm-brCVGC7AxWVLJINn0dchMUph5WcxmHj9xPKgV7lkXj1D_z_N9sdMX_nPT01ONXjZdtvaLlK7JKslj1gKeuQbxPhvP4-EYY8TuhLiE3hv2W0DAFqO7iVk6AJ2X1amKnHKKqO0Wzy4R0binSsYixfQaTWMc4crLOHod2g10FdJgXCucpyWj3sUqeUw9jUQIau28D892dxripqTS8fQubYvgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB4g0TCI_q7e_O1oIDFbOigwcddBwM3dAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2A1aKIX2lLTSQClSFZsCDcIIommg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 763184
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wz2FuQn36rXR0r7u6vSXQi%2F3CI9aqOOAwxqSEbT%2FQ6S3bmHITImIefE0b%2F0fEC%2FTtAcCE9fP7b4IVQRUDV2zGUUcrXpskz3Tf6wfO4HVnSxmwPqb3V7z4fjKwu4%2BPPJeXPNu%2FQJd6C4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 829ded0ee8b937fb-FRA
expires: Thu, 23 Nov 2023 03:01:07 GMT

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 05A8 8 KB
8 KB 72ms
52ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=94942be546c6cd3225487bc0f425857f%2F5259806650845595552&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700622066949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4kg8te7hhk1fxmaea8gh66fj2zffgkza1ta4n5dr79r3zn8zjrvyncj9dw07n0sxvzc5xz3z84jxg9xmpqrhfbmmt50w73fwej0esxafe33vv7gc6cshfbdvw46dvefdd1pz2mp4prany48678gj7etkmf0f5abkkmw6rzkrwmh7vnd992ten7qjty0p086hdxygyck5t54mev26tyzx2612x91xn2ggy8akw336z6jdmhs4b32jcxdc8rnt7c5fkf9q15g2pvfcaehhv0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7PGT725dZbHZFbPFjuwP9Liw6A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJTbiK8CU-yPuACAKgDAcgDAqoE0AJP0J4ARawJEsDUx0FScM4sqXtagSbaVTXHay_tdj66X-VX30ZnV5G_-2FrpZM-7sogsJhjZca9KF3wuK7X0_I3kcEjKKkoj-7ZPBEoalWEJBA8jNIki7-toCtd0NahFuOJ5k2VN1IGrq43fz3u1ZesPeIBuYYSwwySAF9NucBC2L6s82VOvOkM6C8ytjlEPm6ZJzz5aiHPRt4PnUyhr-23LK1EMIjgniHoMf6Wq7GMxm-brCVGC7AxWVLJINn0dchMUph5WcxmHj9xPKgV7lkXj1D_z_N9sdMX_nPT01ONXjZdtvaLlK7JKslj1gKeuQbxPhvP4-EYY8TuhLiE3hv2W0DAFqO7iVk6AJ2X1amKnHKKqO0Wzy4R0binSsYixfQaTWMc4crLOHod2g10FdJgXCucpyWj3sUqeUw9jUQIau28D892dxripqTS8fQubYvgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB4g0TCI_q7e_O1oIDFbOigwcddBwM3dAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2A1aKIX2lLTSQClSFZsCDcIIommg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25587
cf-polished: qual=85, origFmt=jpeg, origSize=12951
alt-svc: h3=":443"; ma=86400
content-length: 7758
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 Oct 2023 22:22:01 GMT
server: cloudflare
etag: "12e3523b35b31c7ddfe7c77dcdb14a34"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKkTewkDP%2FbuhkpIYPrWewl64gCGvmpgBf99BQZtptFV3uxdHdH0E7%2FVvrMsMl20RgrEyAv5eHpM9uXmjL6xNLlVbjz3ds2cxwNHXzpFsmtjj3wUgZOPpcZe0KPYI8RP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 829ded0f1aea690f-FRA

GET
H2 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 05A8 20 KB
21 KB 116ms
97ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=94942be546c6cd3225487bc0f425857f%2F5259806650845595552&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700622066949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4kg8te7hhk1fxmaea8gh66fj2zffgkza1ta4n5dr79r3zn8zjrvyncj9dw07n0sxvzc5xz3z84jxg9xmpqrhfbmmt50w73fwej0esxafe33vv7gc6cshfbdvw46dvefdd1pz2mp4prany48678gj7etkmf0f5abkkmw6rzkrwmh7vnd992ten7qjty0p086hdxygyck5t54mev26tyzx2612x91xn2ggy8akw336z6jdmhs4b32jcxdc8rnt7c5fkf9q15g2pvfcaehhv0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7PGT725dZbHZFbPFjuwP9Liw6A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJTbiK8CU-yPuACAKgDAcgDAqoE0AJP0J4ARawJEsDUx0FScM4sqXtagSbaVTXHay_tdj66X-VX30ZnV5G_-2FrpZM-7sogsJhjZca9KF3wuK7X0_I3kcEjKKkoj-7ZPBEoalWEJBA8jNIki7-toCtd0NahFuOJ5k2VN1IGrq43fz3u1ZesPeIBuYYSwwySAF9NucBC2L6s82VOvOkM6C8ytjlEPm6ZJzz5aiHPRt4PnUyhr-23LK1EMIjgniHoMf6Wq7GMxm-brCVGC7AxWVLJINn0dchMUph5WcxmHj9xPKgV7lkXj1D_z_N9sdMX_nPT01ONXjZdtvaLlK7JKslj1gKeuQbxPhvP4-EYY8TuhLiE3hv2W0DAFqO7iVk6AJ2X1amKnHKKqO0Wzy4R0binSsYixfQaTWMc4crLOHod2g10FdJgXCucpyWj3sUqeUw9jUQIau28D892dxripqTS8fQubYvgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB4g0TCI_q7e_O1oIDFbOigwcddBwM3dAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2A1aKIX2lLTSQClSFZsCDcIIommg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8be82f349b2994d7f0ed7fcba5e50ffb8a960f135e513b34730af4578cab9883

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23194
cf-polished: qual=85, origFmt=jpeg, origSize=23329
alt-svc: h3=":443"; ma=86400
content-length: 20802
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 Oct 2023 16:54:32 GMT
server: cloudflare
etag: "e320c43993ae8577c544483e96756c59"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Twt7xoByocQXZCeLCJy1EFfaECd3skT29n711CePxu6QzMDHBG1Q%2BEd9uCM7Clx1b0%2FsGv57qTKiLjA3FJJhEaL%2FbGZocB7Th7EGV02Cb%2F1ud7dciaO2k0CGNymFfMxD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 829ded0f1aec690f-FRA

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 05A8
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKjW3PHO1oIDFdNl4AodrTwCXg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023112204010790719647975X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Ne...

49 B
1 KB

202ms
66ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023112204010790719647975X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023112204010790719647975X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=94942be546c6cd3225487bc0f425857f%2F5259806650845595552&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700622066949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4kg8te7hhk1fxmaea8gh66fj2zffgkza1ta4n5dr79r3zn8zjrvyncj9dw07n0sxvzc5xz3z84jxg9xmpqrhfbmmt50w73fwej0esxafe33vv7gc6cshfbdvw46dvefdd1pz2mp4prany48678gj7etkmf0f5abkkmw6rzkrwmh7vnd992ten7qjty0p086hdxygyck5t54mev26tyzx2612x91xn2ggy8akw336z6jdmhs4b32jcxdc8rnt7c5fkf9q15g2pvfcaehhv0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7PGT725dZbHZFbPFjuwP9Liw6A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJTbiK8CU-yPuACAKgDAcgDAqoE0AJP0J4ARawJEsDUx0FScM4sqXtagSbaVTXHay_tdj66X-VX30ZnV5G_-2FrpZM-7sogsJhjZca9KF3wuK7X0_I3kcEjKKkoj-7ZPBEoalWEJBA8jNIki7-toCtd0NahFuOJ5k2VN1IGrq43fz3u1ZesPeIBuYYSwwySAF9NucBC2L6s82VOvOkM6C8ytjlEPm6ZJzz5aiHPRt4PnUyhr-23LK1EMIjgniHoMf6Wq7GMxm-brCVGC7AxWVLJINn0dchMUph5WcxmHj9xPKgV7lkXj1D_z_N9sdMX_nPT01ONXjZdtvaLlK7JKslj1gKeuQbxPhvP4-EYY8TuhLiE3hv2W0DAFqO7iVk6AJ2X1amKnHKKqO0Wzy4R0binSsYixfQaTWMc4crLOHod2g10FdJgXCucpyWj3sUqeUw9jUQIau28D892dxripqTS8fQubYvgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB4g0TCI_q7e_O1oIDFbOigwcddBwM3dAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2A1aKIX2lLTSQClSFZsCDcIIommg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 03:01:07 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023112204010790719647975X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023112204010790719647975X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
date: Wed, 22 Nov 2023 03:01:07 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 05A8 4 KB
5 KB 132ms
117ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=94942be546c6cd3225487bc0f425857f%2F5259806650845595552&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700622066949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4kg8te7hhk1fxmaea8gh66fj2zffgkza1ta4n5dr79r3zn8zjrvyncj9dw07n0sxvzc5xz3z84jxg9xmpqrhfbmmt50w73fwej0esxafe33vv7gc6cshfbdvw46dvefdd1pz2mp4prany48678gj7etkmf0f5abkkmw6rzkrwmh7vnd992ten7qjty0p086hdxygyck5t54mev26tyzx2612x91xn2ggy8akw336z6jdmhs4b32jcxdc8rnt7c5fkf9q15g2pvfcaehhv0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7PGT725dZbHZFbPFjuwP9Liw6A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJTbiK8CU-yPuACAKgDAcgDAqoE0AJP0J4ARawJEsDUx0FScM4sqXtagSbaVTXHay_tdj66X-VX30ZnV5G_-2FrpZM-7sogsJhjZca9KF3wuK7X0_I3kcEjKKkoj-7ZPBEoalWEJBA8jNIki7-toCtd0NahFuOJ5k2VN1IGrq43fz3u1ZesPeIBuYYSwwySAF9NucBC2L6s82VOvOkM6C8ytjlEPm6ZJzz5aiHPRt4PnUyhr-23LK1EMIjgniHoMf6Wq7GMxm-brCVGC7AxWVLJINn0dchMUph5WcxmHj9xPKgV7lkXj1D_z_N9sdMX_nPT01ONXjZdtvaLlK7JKslj1gKeuQbxPhvP4-EYY8TuhLiE3hv2W0DAFqO7iVk6AJ2X1amKnHKKqO0Wzy4R0binSsYixfQaTWMc4crLOHod2g10FdJgXCucpyWj3sUqeUw9jUQIau28D892dxripqTS8fQubYvgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB4g0TCI_q7e_O1oIDFbOigwcddBwM3dAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2A1aKIX2lLTSQClSFZsCDcIIommg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19580
cf-polished: qual=85, origFmt=jpeg, origSize=7258
alt-svc: h3=":443"; ma=86400
content-length: 4294
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 09:56:16 GMT
server: cloudflare
etag: "679602b08629bcaaabfcfad4e68fe53a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMS7lY5MpU5MRCXSpy5khwp02HOrG2VIdraoBIxOi2%2FQh3ECeSqCnN3ewxVoIFn%2B7H17JpeEzhzMYL5fcGBNroejjakkHyXj0Qu4t6TvlxA8xxfKJiop7SUUIRulueeX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 829ded0f1aed690f-FRA

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 05A8 15 KB
16 KB 104ms
89ms Image
image/jpeg 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=94942be546c6cd3225487bc0f425857f%2F5259806650845595552&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700622066949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4kg8te7hhk1fxmaea8gh66fj2zffgkza1ta4n5dr79r3zn8zjrvyncj9dw07n0sxvzc5xz3z84jxg9xmpqrhfbmmt50w73fwej0esxafe33vv7gc6cshfbdvw46dvefdd1pz2mp4prany48678gj7etkmf0f5abkkmw6rzkrwmh7vnd992ten7qjty0p086hdxygyck5t54mev26tyzx2612x91xn2ggy8akw336z6jdmhs4b32jcxdc8rnt7c5fkf9q15g2pvfcaehhv0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7PGT725dZbHZFbPFjuwP9Liw6A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJTbiK8CU-yPuACAKgDAcgDAqoE0AJP0J4ARawJEsDUx0FScM4sqXtagSbaVTXHay_tdj66X-VX30ZnV5G_-2FrpZM-7sogsJhjZca9KF3wuK7X0_I3kcEjKKkoj-7ZPBEoalWEJBA8jNIki7-toCtd0NahFuOJ5k2VN1IGrq43fz3u1ZesPeIBuYYSwwySAF9NucBC2L6s82VOvOkM6C8ytjlEPm6ZJzz5aiHPRt4PnUyhr-23LK1EMIjgniHoMf6Wq7GMxm-brCVGC7AxWVLJINn0dchMUph5WcxmHj9xPKgV7lkXj1D_z_N9sdMX_nPT01ONXjZdtvaLlK7JKslj1gKeuQbxPhvP4-EYY8TuhLiE3hv2W0DAFqO7iVk6AJ2X1amKnHKKqO0Wzy4R0binSsYixfQaTWMc4crLOHod2g10FdJgXCucpyWj3sUqeUw9jUQIau28D892dxripqTS8fQubYvgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB4g0TCI_q7e_O1oIDFbOigwcddBwM3dAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2A1aKIX2lLTSQClSFZsCDcIIommg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1104674
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 15521
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:09:52 GMT
server: cloudflare
etag: "269bd58060bc660c3aec98b388bae571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eftW6m3OaWU8vPgF8gNFCEZh8luk8iTO0yAsX2oRxUbem0KHgXrIt5S8kWE5xpLfiwLxViKVJNasIYqJWnYvplTp3Autg2x8fY01lN%2BX4wCslDXLUx2oFEZDmQVKx6Ep"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 829ded0f1ae9690f-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 05A8 43 B
702 B 313ms
118ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneid2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcgoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=94942be546c6cd3225487bc0f425857f%2F5259806650845595552&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700622066949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4kg8te7hhk1fxmaea8gh66fj2zffgkza1ta4n5dr79r3zn8zjrvyncj9dw07n0sxvzc5xz3z84jxg9xmpqrhfbmmt50w73fwej0esxafe33vv7gc6cshfbdvw46dvefdd1pz2mp4prany48678gj7etkmf0f5abkkmw6rzkrwmh7vnd992ten7qjty0p086hdxygyck5t54mev26tyzx2612x91xn2ggy8akw336z6jdmhs4b32jcxdc8rnt7c5fkf9q15g2pvfcaehhv0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7PGT725dZbHZFbPFjuwP9Liw6A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJTbiK8CU-yPuACAKgDAcgDAqoE0AJP0J4ARawJEsDUx0FScM4sqXtagSbaVTXHay_tdj66X-VX30ZnV5G_-2FrpZM-7sogsJhjZca9KF3wuK7X0_I3kcEjKKkoj-7ZPBEoalWEJBA8jNIki7-toCtd0NahFuOJ5k2VN1IGrq43fz3u1ZesPeIBuYYSwwySAF9NucBC2L6s82VOvOkM6C8ytjlEPm6ZJzz5aiHPRt4PnUyhr-23LK1EMIjgniHoMf6Wq7GMxm-brCVGC7AxWVLJINn0dchMUph5WcxmHj9xPKgV7lkXj1D_z_N9sdMX_nPT01ONXjZdtvaLlK7JKslj1gKeuQbxPhvP4-EYY8TuhLiE3hv2W0DAFqO7iVk6AJ2X1amKnHKKqO0Wzy4R0binSsYixfQaTWMc4crLOHod2g10FdJgXCucpyWj3sUqeUw9jUQIau28D892dxripqTS8fQubYvgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB4g0TCI_q7e_O1oIDFbOigwcddBwM3dAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2A1aKIX2lLTSQClSFZsCDcIIommg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 03:01:07 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 05A8 2 KB
2 KB 66ms
51ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=94942be546c6cd3225487bc0f425857f%2F5259806650845595552&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700622066949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4kg8te7hhk1fxmaea8gh66fj2zffgkza1ta4n5dr79r3zn8zjrvyncj9dw07n0sxvzc5xz3z84jxg9xmpqrhfbmmt50w73fwej0esxafe33vv7gc6cshfbdvw46dvefdd1pz2mp4prany48678gj7etkmf0f5abkkmw6rzkrwmh7vnd992ten7qjty0p086hdxygyck5t54mev26tyzx2612x91xn2ggy8akw336z6jdmhs4b32jcxdc8rnt7c5fkf9q15g2pvfcaehhv0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7PGT725dZbHZFbPFjuwP9Liw6A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJTbiK8CU-yPuACAKgDAcgDAqoE0AJP0J4ARawJEsDUx0FScM4sqXtagSbaVTXHay_tdj66X-VX30ZnV5G_-2FrpZM-7sogsJhjZca9KF3wuK7X0_I3kcEjKKkoj-7ZPBEoalWEJBA8jNIki7-toCtd0NahFuOJ5k2VN1IGrq43fz3u1ZesPeIBuYYSwwySAF9NucBC2L6s82VOvOkM6C8ytjlEPm6ZJzz5aiHPRt4PnUyhr-23LK1EMIjgniHoMf6Wq7GMxm-brCVGC7AxWVLJINn0dchMUph5WcxmHj9xPKgV7lkXj1D_z_N9sdMX_nPT01ONXjZdtvaLlK7JKslj1gKeuQbxPhvP4-EYY8TuhLiE3hv2W0DAFqO7iVk6AJ2X1amKnHKKqO0Wzy4R0binSsYixfQaTWMc4crLOHod2g10FdJgXCucpyWj3sUqeUw9jUQIau28D892dxripqTS8fQubYvgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB4g0TCI_q7e_O1oIDFbOigwcddBwM3dAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2A1aKIX2lLTSQClSFZsCDcIIommg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15822
cf-polished: origFmt=png, origSize=2170
alt-svc: h3=":443"; ma=86400
content-length: 1662
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 Nov 2023 08:38:25 GMT
server: cloudflare
etag: "4721aa7c2d5fa652c8092463f9a485bd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xpnd06IBYHcRrfi4ASVe4NdS%2B4dQgSamJewl61EMi%2FEjG3zVQzySm9gTXXWbL1uaW%2Bbh7pbFD%2Fw6MHYuS1e9F7bAt5p9yGTu7Po3z7DsViS8qYz%2F7INAdXSAOupIs%2BG5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 829ded0f1ae8690f-FRA

GET
H2 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 05A8 23 KB
23 KB 104ms
90ms Image
image/jpeg 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=94942be546c6cd3225487bc0f425857f%2F5259806650845595552&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700622066949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4kg8te7hhk1fxmaea8gh66fj2zffgkza1ta4n5dr79r3zn8zjrvyncj9dw07n0sxvzc5xz3z84jxg9xmpqrhfbmmt50w73fwej0esxafe33vv7gc6cshfbdvw46dvefdd1pz2mp4prany48678gj7etkmf0f5abkkmw6rzkrwmh7vnd992ten7qjty0p086hdxygyck5t54mev26tyzx2612x91xn2ggy8akw336z6jdmhs4b32jcxdc8rnt7c5fkf9q15g2pvfcaehhv0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7PGT725dZbHZFbPFjuwP9Liw6A2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJTbiK8CU-yPuACAKgDAcgDAqoE0AJP0J4ARawJEsDUx0FScM4sqXtagSbaVTXHay_tdj66X-VX30ZnV5G_-2FrpZM-7sogsJhjZca9KF3wuK7X0_I3kcEjKKkoj-7ZPBEoalWEJBA8jNIki7-toCtd0NahFuOJ5k2VN1IGrq43fz3u1ZesPeIBuYYSwwySAF9NucBC2L6s82VOvOkM6C8ytjlEPm6ZJzz5aiHPRt4PnUyhr-23LK1EMIjgniHoMf6Wq7GMxm-brCVGC7AxWVLJINn0dchMUph5WcxmHj9xPKgV7lkXj1D_z_N9sdMX_nPT01ONXjZdtvaLlK7JKslj1gKeuQbxPhvP4-EYY8TuhLiE3hv2W0DAFqO7iVk6AJ2X1amKnHKKqO0Wzy4R0binSsYixfQaTWMc4crLOHod2g10FdJgXCucpyWj3sUqeUw9jUQIau28D892dxripqTS8fQubYvgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB4g0TCI_q7e_O1oIDFbOigwcddBwM3dAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2A1aKIX2lLTSQClSFZsCDcIIommg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 780482
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 23392
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:08:23 GMT
server: cloudflare
etag: "faa9f958d13ef03f911b71f117846705"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Itgr1kBG1XvdscSU%2B5Dr6Fh%2BC2B4%2BVbV%2BWC7ZnFvAfkRAbQQjC%2BmdAk%2FXlM5NhHjLcmhoausgr%2Bd0BG8J5KBMQ0l2LVj1y6vi6rWV9xU8ti4VQ6pkrTfx4IEQFhLxjK%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 829ded0f1aee690f-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 05A8 43 B
702 B 314ms
119ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 03:01:07 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 48F6 0
127 B 57ms
57ms Ping
text/plain 178.250.1.25
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 03:01:07 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 ptmdP
dts.clnmde.com/ 7 B
72 B 133ms
132ms Ping
text/html 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dts.clnmde.com/ptmdP
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUG3G308
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 22 Nov 2023 03:01:08 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
etag: W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 7
alt-svc: clear

GET
H2 200 ptmd
dts.clnmde.com/ 70 B
132 B 132ms
131ms Image
image/gif 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.clnmde.com/ptmd?t=170062205832131958486384_N4IgLgDghiBcDaiBMAaJBWADANgCwDocMUQBmTTAKg0wH0BGEEgTgHYqaGmyLqsuS5Dv0Yt2fOqJCskADkrNJIALqqSAZzBQwAV3Vx4uJMpIAvGLHokIAczggAbtxsALe-XZEkmdLNJJ6UnpmX1xZbFJZXG4HfVgQbEJ8dGxmbigAGzhSEgAzAGM4AForEABTMABLd09sJG90Vm58-IATewBVAEFuTTtYTA0AaxqKOobWWixWP1JWISRsbjLKiHsg-EDSfGZt+h8YsoAnewgjgHt2kjKdC1KdaoHrhyyEExAIWIN39QzNUa8PlkSGYSxIGVycFKACMMmAoYoSPk9GBaJV2vFZABhDoAcVI+MwshilTRGJAHjG9R8MiQuHQ+wwUhshUstWp2HCWBIAEcylC8o9MABfIA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:01:08 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc: clear

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.ipify.org
URL: https://api.ipify.org/?format=json

Domain: api.ipify.org
URL: https://api.ipify.org/?format=json

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

60 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
blog.paleohacks.com/paleo-grain-free-stuffing-recipe	1969-12-31 23:59:59	Name: phvid Value: 161283354
links.paleohacks-mailing.com/	1970-01-20 16:24:25	Name: _session_id Value: cbb32bd309887761c33dece77307c999
blog.paleohacks.com/	1970-01-20 16:23:43	Name: session_depth Value: blog.paleohacks.com%3D1%7C726657258%3D1
.paleohacks.com/	1970-01-21 01:59:42	Name: bfp_sn_rf_8b2087b102c9e3e5ffed1c1478ed8b78 Value: Direct
.paleohacks.com/	1970-01-21 01:59:42	Name: bfp_sn_rt_8b2087b102c9e3e5ffed1c1478ed8b78 Value: 1700622058426
.paleohacks.com/	1970-01-20 16:23:43	Name: bfp_sn_pl Value: 1700622057\|1_507833730026
.blog.paleohacks.com/	1970-01-21 01:59:42	Name: bafpCS Value: 170062205832131958486384
.paleohacks.com/	1970-01-21 01:59:42	Name: __attentive_id Value: 5b5ce6f9d5c543eeb73964d2d3fd6676
.paleohacks.com/	1970-01-21 01:59:42	Name: _attn_ Value: eyJ1Ijoie1wiY29cIjoxNzAwNjIyMDU4NTQ1LFwidW9cIjoxNzAwNjIyMDU4NTQ1LFwibWFcIjoyMTkwMCxcImluXCI6ZmFsc2UsXCJ2YWxcIjpcIjViNWNlNmY5ZDVjNTQzZWViNzM5NjRkMmQzZmQ2Njc2XCJ9In0=
blog.paleohacks.com/	1970-01-21 01:59:42	Name: __attentive_cco Value: 1700622058548
.paleohacks.com/	1970-01-21 01:45:18	Name: __gads Value: ID=bd7d9a54da70c7d6:T=1700622058:RT=1700622058:S=ALNI_MaVJqQ-yEsrm7bT6nllmDx6FsYrKg
.paleohacks.com/	1970-01-21 01:45:18	Name: __gpi Value: UID=00000cd6bf39369e:T=1700622058:RT=1700622058:S=ALNI_MZ6L4qGXW9WLTMdI5x3Kg9I_vEj7g
.paleohacks.com/	1970-01-21 01:59:42	Name: _ga_QMKQQWEFHC Value: GS1.1.1700622058.1.0.1700622058.60.0.0
.paleohacks.com/	1970-01-20 18:33:18	Name: _fbp Value: fb.1.1700622058818.1107978980
.blog.paleohacks.com/	1970-01-21 01:59:42	Name: bafp Value: 5c877900-88e3-11ee-9aed-3f3d6db8bf74
blog.paleohacks.com/	1970-01-20 17:06:54	Name: ph-popup Value: shown
.paleohacks.com/	1970-01-21 01:59:42	Name: _ga Value: GA1.2.2075019165.1700622058
.paleohacks.com/	1970-01-20 16:25:08	Name: _gid Value: GA1.2.1664692899.1700622059
.paleohacks.com/	1970-01-20 16:23:42	Name: _gat_UA-42752472-1 Value: 1
.paleohacks.com/	1970-01-21 01:09:18	Name: mp_094f94d6c32bfa82583bca2dbfc9eb1a_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A18bf4f94659fe0-0609f9a7d49b92-61325e53-1d4c00-18bf4f9465afe0%22%2C%22%24device_id%22%3A%20%2218bf4f94659fe0-0609f9a7d49b92-61325e53-1d4c00-18bf4f9465afe0%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.pxlclnmdecom-a.akamaihd.net/	1970-01-20 16:23:43	Name: bfp_sn Value: 1700622057_507833730026
.pxlclnmdecom-a.akamaihd.net/	1970-01-20 16:23:43	Name: bfp_sn_t_8b2087b102c9e3e5ffed1c1478ed8b78 Value: 1700622057_507833730026_8b2087b102c9e3e5ffed1c1478ed8b78
.pxlclnmdecom-a.akamaihd.net/	1970-01-20 16:23:43	Name: bfp_sn_td_599c2843a14f73e9ce4e66fd2da39b1b Value: 1700622057_507833730026_599c2843a14f73e9ce4e66fd2da39b1b
.paleohacks.com/	1970-01-20 16:25:08	Name: __attentive_dv Value: 1
.paleohacks.com/	1970-01-20 16:23:42	Name: _dc_gtm_UA-81910700-1 Value: 1
.paleohacks.com/	1970-01-20 16:23:43	Name: __attentive_pv Value: 1
.paleohacks.com/	1970-01-20 16:23:43	Name: __attentive_ss_referrer Value: ORGANIC
.pinterest.com/	1970-01-21 01:09:18	Name: ar_debug Value: 1
.paleohacks.com/	1970-01-21 01:59:42	Name: _ga_RWB4GYKC4G Value: GS1.2.1700622059.1.0.1700622059.60.0.0
.pxlclnmdecom-a.akamaihd.net/	1970-01-21 01:59:42	Name: bafp_t Value: 5ce3a2c0-88e3-11ee-b715-1be1fc45df9e
.blog.paleohacks.com/	1970-01-21 01:09:18	Name: _pin_unauth Value: dWlkPU16SXpZV1kzTVRJdFkyVmpaUzAwWkRKa0xUZ3lPRFF0WVRFMVltWmlNREZpWW1Zdw
.doubleclick.net/	1970-01-21 01:45:18	Name: IDE Value: AHWqTUnecd4evCgbEDutXBZVtcm6x3KnWpMGKEe7W-FVuPJBueM4Pqgqeswpe6Q98J8
blog.paleohacks.com/	1970-01-20 17:06:54	Name: advanced_ads_pro_server_info Value: %7B%22vc_cache_reset%22%3A0%7D
.bing.com/	1970-01-21 01:45:18	Name: MUID Value: 19E7DD57142168DA03EFCE86154A69C4
.adfarm1.adition.com/	1970-01-20 18:33:18	Name: UserID1 Value: 7304116152042846367
.ctnsnet.com/	1970-01-21 01:09:18	Name: gid_CAESEG_YynE88vVO6wxW5Y3iNDw Value: 1
.blismedia.com/	1970-01-21 01:09:22	Name: b Value: 655D6EF145B1604BAA4B6519BLIS
.adform.net/	1970-01-20 17:06:54	Name: C Value: 1
.teads.tv/	1970-01-21 01:07:51	Name: tt_viewer Value: 098015a2-83f0-4907-8fd1-c3a0a47979ce
.simpli.fi/	1970-01-21 01:10:44	Name: suid Value: A969B066B3354A0AA46FB7DB7F256AB3
.w55c.net/	1970-01-21 01:53:56	Name: wfivefivec Value: sFMzxaA51R5Du95
.adsrvr.org/	1970-01-21 01:10:44	Name: TDID Value: 16cfc2f3-8b3b-49e9-b36e-9bb592b21275
.turn.com/	1970-01-20 20:42:54	Name: uid Value: 2727316055987399765
.adform.net/	1970-01-20 17:50:06	Name: uid Value: 8508473752227253443
.everesttech.net/	1970-01-21 01:09:18	Name: everest_g_v2 Value: g_surferid~ZV1u8QABbqBMKQBd
.w55c.net/	1970-01-20 17:06:54	Name: matchgoogle Value: 5
.adsrvr.org/	1970-01-21 01:10:44	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsIoPjh1anEtTwQBRgFIAEoAjILCK6v34HAxLU8EAU4AQ..
.yahoo.com/	1970-01-21 01:09:39	Name: A3 Value: d=AQABBPFuXWUCEGkDpM5Y06JtACoAhwTs_P4FEgEBAQHAXmVnZQAAAAAA_eMAAA&S=AQAAAq_U0AFavHrF5-O1RGZj_8w
.tribalfusion.com/	1970-01-20 18:33:18	Name: ANON_ID Value: aint6Zat3er66AxvPBQpBowZacxOlO3wrOtcv6YB1iMUwrQ8DbDwOTmTR5UJY2gKdTiJhJqYyRX7ZatUmTVr5IV2w3or5rr
.ctnsnet.com/	1970-01-21 01:09:18	Name: cid Value: a50c6d19c2874660846f548a6b808c8a
.de17a.com/	1970-01-21 01:02:06	Name: guid Value: 1.6649996761781582580
.awin1.com/	1970-01-20 16:26:34	Name: awpv14702 Value: 412871\|1700622067\|61af5ba1-88e3-11ee-b3f6-2239b4908fbf
.awin1.com/	1970-01-20 16:26:34	Name: awpv20044 Value: 412871\|1700622067\|61b0bb30-88e3-11ee-84cc-223908f3a6a6
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 415363:2904924
.doubleclick.net/	1970-01-20 20:42:54	Name: APC Value: AfxxVi5vQzjDOQOrT_6_O_XjB8fMs0mGDsLnpdgH0uQU5c2RCnuULQ
.quantserve.com/	1970-01-21 01:53:56	Name: mc Value: 655d6ef3-52c9d-d49d5-d9446
.innovid.com/	1970-01-20 18:33:18	Name: uuid Value: 58ea0fc3-e265-45c8-9f7b-b46f5e1b694d-20231121 22:01:07
.o2online.de/	1970-01-20 16:33:46	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTcwMDYyMjA2N3ZsZWExZGUyMDIzMTEyMjA0MDEwNzkwNzE5NjQ3OTc1WDEyMDIxMVYxMjI2MTMyNzAyTVN2aWV3b25laWRZWDFIcmYxNXNwQnBIVkg5SGV0UXRSUjhjQVQxVDZtSHJvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTNfQmxhY2tGcmlkYXlQdXNoMTIwMjEx
.o2online.de/	1970-01-20 16:33:46	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 16:33:46	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023112204010790719647975X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTcwMDYyMjA2N3ZsZWExZGUyMDIzMTEyMjA0MDEwNzkwNzE5NjQ3OTc1WDEyMDIxMVYxMjI2MTMyNzAyT

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.ipify.org/?format=json Message: Failed to load resource: net::ERR_EMPTY_RESPONSE
other	warning	URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUG3G308(Line 14) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network	error	URL: https://adservice.google.com/adsid/integrator.js?domain=blog.paleohacks.com Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://paleohacks.leadpages.co/leadbox/142cb4b73f72a2%3A13300845e746dc/5744125232021504/?lp-in-iframe=1&__fromjs=1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://paleohacks.leadpages.co/leadbox/142cb4b73f72a2%3A13300845e746dc/5744125232021504/?lp-in-iframe=1&__fromjs=1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://blog.paleohacks.com/static/all/js/can-i-show.js Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network	error	URL: https://adservice.google.com/adsid/integrator.js?domain=blog.paleohacks.com Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmS8sdpctyJ1HuaKvSytyjFrc_Rgaai9glOuKD2_IBnhwoVFaQrtY2xTiLugRBLXrSitPioNNTpMGpgYl3P8q6RGkM7wnqcflUg&google_gid=CAESEC231io6xMSVKBYu02BuhwI&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

178194.tracking.hyros.com
902bc0338566ae296d764614ca929906.safeframe.googlesyndication.com
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.eu.criteo.com
adsdk.microsoft.com
adservice.google.com
ag.innovid.com
ams3-ib.adnxs.com
api-js.mixpanel.com
api.ipify.org
as.ad4m.at
assets.ad4m.at
assets.pinterest.com
blog.paleohacks.com
c1.adform.net
cat.nl3.eu.criteo.com
cdn.adnxs.com
cdn.attn.tv
cdn.mxpnl.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
contextual.media.net
csm.eu.criteo.net
ct.pinterest.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dts.clnmde.com
dts6.clnmde.com
events.attentivemobile.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
id.rlcdn.com
imageproxy.eu.criteo.net
lg3.media.net
links.paleohacks-mailing.com
log.pinterest.com
match.adsrvr.org
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
paleohacks.attn.tv
paleohacks.leadpages.co
partner.o2online.de
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pxlclnmdecom-a.akamaihd.net
r.turn.com
region1.analytics.google.com
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
s.pinimg.com
s.tribalfusion.com
securepubads.g.doubleclick.net
static-de.ad4mat.net
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
track.mypaleorecipe.com
um.simpli.fi
www.awin1.com
www.bing.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.google.nl
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
api.ipify.org
104.18.24.173
104.18.39.221
104.18.43.135
104.22.1.44
104.26.11.209
104.26.6.27
13.107.21.200
13.107.213.44
130.211.34.183
142.250.181.225
142.250.185.164
142.250.185.66
142.250.186.104
142.250.186.162
142.250.186.65
142.250.186.98
142.250.186.99
151.101.0.84
151.101.130.49
157.240.0.35
157.240.0.6
167.233.13.224
172.217.18.2
172.217.18.3
172.217.18.6
172.217.18.99
178.250.1.10
178.250.1.15
178.250.1.17
178.250.1.25
178.250.1.3
178.250.1.6
178.250.1.9
178.250.7.12
18.66.97.11
185.89.210.141
188.114.96.3
2.18.160.23
2001:4860:4802:32::36
213.155.156.185
216.239.32.178
216.239.34.36
216.58.206.34
216.58.206.42
23.206.208.183
23.35.228.23
23.35.236.188
23.35.237.56
23.48.23.22
23.56.205.163
2606:4700:10::6816:12c
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a81
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::200e
2a00:1450:4001:812::2004
2a00:1450:4001:828::2001
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a06:98c1:3120::3
3.11.245.155
3.126.125.13
3.233.76.141
34.111.96.116
34.160.236.64
34.91.62.186
34.95.89.54
34.96.105.8
35.186.193.173
35.186.235.23
35.202.21.90
35.238.129.105
35.244.174.68
35.71.131.137
37.157.6.233
46.228.164.11
51.75.86.98
52.210.175.116
52.28.254.225
64.185.227.156
64.233.167.157
84.200.5.215
85.114.159.93
91.228.74.168
00b2af963104a4dd04e77c1013957d37b0b43c86ba566301e77ab9a3e015280a
0128e563cfdd4beabe1edf1488c57094072f85cec6219dd04a3fb2be5d37cf84
029ba5a158c9c1ef81afa547eb7caa84feac644621c208a36086a1071d2eb26c
0380b273ec272e5f5235a704cc3fc8e3cb33e851bfeaef149b0f23a1edaec13f
04048020b9845db01254ec9ceb1ea41cf246c8dc71c54135fe69727cc01a7117
048c8c46b92290dd986822076433f817faf33dd06a3c3a633645502658ea35f2
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08bc343fba330a46102b13d618118d898c91f1a703f6e2eebe8ef98f97fa638a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ccbb657fba8eb9e60b1142a314de06ed74bc577e3fb47432b46f3edb34e9792
106aa99cd185959554007f1d5ecccb0e70e2996693373aeaa2c890210241feea
10a330751aa7c978c142a82f02ef88b78ed4bf0dc925df9b8155484ec70fe264
10bc0c2a4ae15beb8409efdeb2b71629bef3d37326d0dbaa647395c913f3a142
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
129332ef408d2cfb16e6881ac18d902ccbcefae76395f7e6b0d43d694b513e56
1414a599611253b31746e91b77f168573dbb42cc13a705fd72104a7eaca15e93
150cbe5c514aa70efcd179127476f4f5451db2ed4d033c0608afabdf9d18ec92
175293215327540388bce9dbe8c1b3bdec258028b642978e723bbdd4c1947db9
182d05c838e393157143b9aa48ae92cb00c8b6442e0a865149444e9f420991d9
18dd8449dd7bd05b1b1a8a1640218993802b7e73a218b75c05acf5c9b47d6082
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e2bf21ab87ae83d5a2cb0f9ae0373e8eeb2ed0b7fb86ef8b4165a4bd381cf93
1f464ef7c0b366ff00e2f023cb6b48112306212648e451ddf16be40c2b99d639
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
2362eab598864d387512dc45400d7b93dc4b13d6abc110e6b74961f4f401552b
237733e81fb971c8773cd0a44003cddd05066ca6a49211f3455746cd3d3ecd6a
23bdea452f4ec5b686ace95399e60903426e9fa7352600c25b040f07c1eef325
2681704b7a1a7233c8030f22511b5598fa4b03ba2c3a19e8689b4c4ec75a080e
2a157d490d0133376e8dbf42d2abe60090db02d0652caf2c99a2bb93bc7247e5
2b47e2b5d041b401f4d6dc04b120f9ada18fdd87dc40f2c764879a7c7c5a2f93
2d1a754922199186d43c7e76757eddaeb26e350387294e0f69ac574bc54914f9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31395ea37360cb79a7d85a8a9d46aa7b1a0156461f189ae821905441daad80a1
315c4601aeb913aecb4f659c9a9748bd163bb881867c5f6211578667bcc43cb7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
339a321657ecb6479c45f7cec906302d7674934d0d2c7ae10053c395d866eca1
344d96950041cacaaa662fd937221ead75dbc7d565d7e0ed7bd62e6a65d85c04
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3ba554ef27561aebe70e6976a1991c9acde231dd62996eb13dc4b71382f717d3
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7
44b7e9f36a41db407416bf51ab28e0ecbc1739ab3386850407bd94541d289410
467526911f1a2b12b44bc5c75e3d629fa9289843c8e8897a8694b69da57439f4
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46e8a7ceee5cc379e48c7270fb70fa07cd3dececba10ab96f6dafaf1994470b7
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49416531519583e597dccc3856da2fa093b5e739baf9fda442b7047309e7f51c
4c62d51aaf287fa88754ecf89dbca0cd85f151d2562a6f931afd060480b3adc6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
508c6c8665bb4da4b211a97cdc3b2e791109204f82265d6af2eb79c51b61e014
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
51ed5c1fa0510b3815fcf5aa7935ee51511eadb2c565d5731c6e6dcefba1debb
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53ecfb7fb539e851138504ca730068408f677cff5d7ef348a0c7f69dbb31371a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57cee790e11017e033b8f04438d105ba59b030bc5456f955583fc0ec34b63bb0
5aa5603f7f0f913cbbc01901970eb065ad0068c549518dc0a460a85d76a751d1
5b51d8339e2e6ed036a3564bb0a3a4043b8ef5f772763ff4f4f4b92f54d2ddfb
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
60cc60a6fcbd230def379432395199b585791ed521e2e5f595369a2193e617fb
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64d82f5d2dfd91262b776894417faaedf2159d900d80de148affcb57beee794d
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6a5b2bd0bd49d0eac73559130aca05b88e507e08e771c55cefb6b2524e2a8191
6ae0b0e74edee33dd3e9d91c15b595508fc05e1ced11a15dbe787d0f9862dfc2
6c00be08806046a985539e41de6a0c858718abdf035286564d1c970b06e7d7e0
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
7041e30486597b7022610850dc74b65b909268c2c134c75775d988ed529c7fc6
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72ee83d94662d5c74646c88116b893ed59e98d9ec960433ab0e66f3481517289
735b305aadf14dd683363407e953b1eec091e541f8d6172d459454e40d7074c4
73b749b1f5bc98174ea385921e3f5b1ad518875088115f30c90807560cc202f3
755313ac3cb953d818fd8f3344a3ebf9fd2101223dffa2278b5499e927f9a574
77abf03c0a5a320d7084b12a197eae47c79668686f86ee495d47656a6a063e82
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7989b31ed1875d6ecd57fc7b8630dbf391313f14d5b83a3b90ca35657779ec6d
7c0ef3f2ef1f7defcf7b9bd90f7fb577b56eb65b3b26568f8fc1fa65b0b7bb17
7c2518efba0a997390ac9494a1d92d74a4bb615aec8296f85eb9f2cc0aa940c4
7c4491ff4342be2c096f05e243edd6fb1f26194269a5011adbf8076bf148bf58
7c53bb96abe758ea7b0099fc4e40c59379314f7e88a331f1ec4b11441fcf31f5
7c908c481e601721e861365b84411689268d2035ba4a68dbf74f41052077401f
7c92c68fc256659147ea84d0fece9ef36f9533ce03f37add80ad758e0990fbb2
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b
7ec5561af74114c3b4b8e0a3e4e2d6f0718e60449f99d4266d8c026bfba8ddcc
7ed2cc414480e507b884d3c2faefa876fef943440c9d260933eebaf781ac4d87
82fb2bfb03e32e45794938d1f65920a5340a725751292245d3de07ee8a8df0a0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83685ec127cc7475c7a3649e73986c90d87d037247409d80423f5caceed4681e
83ab3c30173c4757426d0dbe6f69dca3a348b0e7b598c5f906fdb43f6f4bf51d
83d7c740e561b74bac04477add1ac4134814be5c9563e8bb87c62310be09cfc0
869d3767805b1c7b11b2df755e7cb769ee1b450553d87c374e19cb535a6afd2e
87287076f288a27750d0c3737c4624bd59357c5b638cdf3f27f1763d85cd4a2f
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d
8be82f349b2994d7f0ed7fcba5e50ffb8a960f135e513b34730af4578cab9883
8e5d5ef6607f115fb2745bb10dbbf0866820e13c3a1b90c87a3eddef3758d232
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
957874abf1d77b04478b832a19eb5103295c0fb32075b591f35f644d23d5c980
97a24ab2121a3edfe321439c72a3895c337c957632c8d6d9f112c4c1e944eba9
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9c9fe2628c371c8c54d05fa9dd406fc21a6d25f6d0261092e37243205efc639b
9fc5fe9fb52dc5d50b7560acb018bde3c6ff69905706d4960ad771606b284945
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a10d5b18b41fc4a78ec2b0f56fcd5884cd3f01d7341fd93fa880d30b2a9b3919
a19634329d4db9a8f7a6b32799bbb241e0468a38e630ce22f75ca9613bd39a9d
a2e0d2de51dc225af114789fc0740e5c4e84f03335b755d04bada07003141d8a
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3c230ff5a72ffe0510f19977e0736c7370056def5536e94085875756675ea84
a3c6048948c57aae55beef92d5a18abce757ad2783354a2eda068b14798e5a75
a65f6955d63fe48cacde26846576b4aa6d3df7200bb0c21b1992794fbd61f058
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aa575e81bbad973d7554e7c58ca906b97472bd692566c3e79f27385f08d63ca1
aca84b0983515a3954813cc4a99657f826057ea5692148ec2fd437f97584de5b
acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4
ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb
ae51a9c8736b2eb82927ccdbdf3dc9db08c7a6b9db0fc2ffb4f4ce00d8af5760
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
af98440fc43dd200e92995b138723e296396d3b7a31f3dea54321284bf7137c3
b3e0e5db2674fb727b63871f299ea9f146ce45e3e3ed0c583f4ffdfb6fafb7ab
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b7dfd098effc4b854d5fcf8e7d2e39d0cc0e6a103642f97d724c438e515b9b71
b831509c9907934028f980287d38cbee3b89644e7133c2f4b8b7c5dfca476aed
b99d80835f66e8ccd6d6f6efec14101447ae061febd873c06f0bef9ba50786c5
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bd4a79f91644d8320bd32ee1c2083e8af351105001ef29af507e67ad1cbdfcd3
bd9c9764ef986f5b95b75739c89ce88d38bab52b9dfd94ab6dedc7e03114cd20
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447
c1be9f83e44f68ace4eee63b3dc6bb421dd413e0819bab3fccb484c3ed0dca87
c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1
c215b5ee5d5f071ae007efc6502873d4bc15912561a285b5c5119a7a40f18c67
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77
c6102f07ce192d8f1e61b0a2e449a916e5d4d240dc47ab993fa1b39a5cdbcd84
c6e7fcc13e9fa0b4541bf314c25c54bf91807667df0a57d7cf30a554a7c00cae
c9248b5f4e8a2b095343cb1a16a321a3193f0f9944cd38e66129ba8557be0ec8
ca275dd77cd911cd2e6fa1612657cfc3b67f9577d390eb8639fcea27085b285e
ca8083a6e53fe858b8bc830066f9d6c4c4d0e0fa51b862b342784f3e242eb316
cdef9d92aa1c5e9d8e409303f5ee38caceeecf3c1bdbf6e2f7bec8fe273dd596
cfc98d46b8948bdd10ecef95fe6292a8bfabac6782a441f6759b8bf9f5361af4
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d2165385a5690585350f9cb20e0a35d49ded8bfecf7b895536b856c08219df9e
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d48612d1cbc5ae254a8b7fb3eb9fb8c30df69cad54b7a4e5a1d56c741a033d40
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d7104243950b6eff64b0d4d1fa98d354ae07a9605bb31dab31a488c765b32d5c
db998fd432b00e534460aa62f7eed92100ebe758d4fc7f569db6a380f1593ce2
dd37e2cd931803994ea8f76c16d3d81aa0aa6d6488a049df19c78a078043c8bb
dde3261ae85ead281a4f3120a5c4cee3bc7a1874c284c4a23874af1ada1f08ec
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0943b32c80a724a40de925f3fa31c502829263cf2ebd090d3606cdbd0b32ed6
e0d64631f76102a62eb5334956d9ad21b5379038e83272f92ce30d550d45af36
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e22ce339e1c9836de24a55bdef253bf9b230c1888600bf55de8e45145eb1f8c8
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c9181e83a24ce8fd1aedc13a573daded27c8677a50cf879fbee552798158be
e442b9500eb2ca5b00bdadb274d786b6795154c691d99307df2ada5585d081ad
e5138b3e4732f404752d76fb2be98bfb174183c09f8a084629858dff1d280887
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e790e57b5e2b425d26a169ff72f22467114f21753bc0750ac13fec1654e6fc33
ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ede43b2ddb8f3b09a9062582da8619e3ade3da54e8e20c089848328488f0530a
eec370d7b4f63ff91eb68db608b448a1cd41412b4b1d4d207d2a0230e6000e7b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef45c21f7e054481c81992c1a46293a28c9bb8b3722bc566479326187f473c8c
f17856e90ff08639e05d9298eeeddba6118a35375e7bc3a3c173ff7087333ecd
f34b136e79d860a61095e1596b6a8a39b38c73d8bf4449daf6968d90386338c2
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fb2032a0b90cb58dc7bae39580e26c34a7b44d3aad4fb088f965e32ae8196822
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fdd3753978c268f91d8a12fcda40cc47a62572d6e4d74798d4bd805d79fcee37
fef27207c3e7590a3cedd3db14d80f3eef2cfbcf837eca2908807f984d6adb6e
fef69160f24730d93bf5ad1a963a59b6bfcda982ab97ef1ec8e00745cc756d84

blog.paleohacks.com Open in urlscan Pro 104.22.1.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

308 Requests

92 %HTTPS

18 %IPv6

58 Domains

83 Subdomains

76 IPs

9 Countries

3222 kBTransfer

8692 kBSize

60 Cookies

16 Outgoing links

Page URL History

Redirected requests

308 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 19 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blog.paleohacks.com Open in urlscan Pro
104.22.1.44 Public Scan

Screenshot
Live screenshot

Full Image

308
Requests

92 %
HTTPS

18 %
IPv6

58
Domains

83
Subdomains

76
IPs

9
Countries

3222 kB
Transfer

8692 kB
Size

60
Cookies

308 HTTP transactions
19 data transactions