urlscan.io logo urlscan.io
SecurityTrails logo

www.balatarin.com Open in urlscan Pro
107.178.241.59  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.balatarin.com/
Effective URL: https://www.balatarin.com/
Submission: On February 12 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 4 countries across 17 domains to perform 124 HTTP transactions. The main IP is 107.178.241.59, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.balatarin.com.
TLS certificate: Issued by R3 on January 26th 2022. Valid for: 3 months.
This is the only time www.balatarin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 107.178.241.59 15169 (GOOGLE)
6 18.66.248.8 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
10 142.250.185.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
41 52.217.108.198 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 143.204.213.226 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 66.102.1.154 15169 (GOOGLE)
1 52.18.104.30 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:401... 15169 (GOOGLE)
1 151.101.194.137 54113 (FASTLY)
1 162.247.243.146 13335 (CLOUDFLAR...)
124 28
3    107.178.241.59 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 59.241.178.107.bc.googleusercontent.com
www.balatarin.com
6    18.66.248.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-8.dus51.r.cloudfront.net
assets.balatarin.com
12    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
10    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
41    52.217.108.198 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
img.youtube.com
1    143.204.213.226 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-213-226.fra53.r.cloudfront.net
z-na.amazon-adsystem.com
9    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.co.uk
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
465ac69f7d8907f9302e7b63d8b475ea.safeframe.googlesyndication.com
1    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
10    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
7    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    66.102.1.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f154.1e100.net
bid.g.doubleclick.net
1    52.18.104.30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-104-30.eu-west-1.compute.amazonaws.com
unified.adsafeprotected.com
1    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:401f:6::6 (Ireland)

ASN15169 (GOOGLE, US)
r1---sn-aigzrn76.c.2mdn.net
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)
bam-cell.nr-data.net
Apex Domain
Subdomains		 Transfer
41 amazonaws.com
s3.amazonaws.com
274 KB
23 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
465ac69f7d8907f9302e7b63d8b475ea.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
312 KB
19 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
stats.g.doubleclick.net — Cisco Umbrella Rank: 67
bid.g.doubleclick.net — Cisco Umbrella Rank: 448
280 KB
9 gstatic.com
csi.gstatic.com
fonts.gstatic.com
32 KB
9 balatarin.com
www.balatarin.com
assets.balatarin.com
199 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 59
www.google.com — Cisco Umbrella Rank: 2
1 KB
4 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 250
fonts.googleapis.com — Cisco Umbrella Rank: 35
imasdk.googleapis.com — Cisco Umbrella Rank: 407
162 KB
3 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 906
r1---sn-aigzrn76.c.2mdn.net — Cisco Umbrella Rank: 153490
343 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
3 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 5583
www.google.co.uk — Cisco Umbrella Rank: 3464
1 KB
1 nr-data.net
bam-cell.nr-data.net — Cisco Umbrella Rank: 311
715 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 306
14 KB
1 adsafeprotected.com
unified.adsafeprotected.com — Cisco Umbrella Rank: 1923
6 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 146
38 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 741
417 B
1 amazon-adsystem.com
z-na.amazon-adsystem.com — Cisco Umbrella Rank: 6058
8 KB
1 youtube.com
img.youtube.com — Cisco Umbrella Rank: 3103
3 KB
124 17
Domain Requested by
41 s3.amazonaws.com www.balatarin.com
12 pagead2.googlesyndication.com www.balatarin.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
10 tpc.googlesyndication.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
9 securepubads.g.doubleclick.net www.balatarin.com
securepubads.g.doubleclick.net
www.googletagservices.com
googleads.g.doubleclick.net
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
7 csi.gstatic.com securepubads.g.doubleclick.net
imasdk.googleapis.com
pagead2.googlesyndication.com
6 assets.balatarin.com www.balatarin.com
assets.balatarin.com
3 www.google.com securepubads.g.doubleclick.net
www.balatarin.com
tpc.googlesyndication.com
3 www.google-analytics.com www.balatarin.com
3 www.balatarin.com 1 redirects ajax.googleapis.com
2 r1---sn-aigzrn76.c.2mdn.net imasdk.googleapis.com
2 fonts.gstatic.com fonts.googleapis.com
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.co.uk pagead2.googlesyndication.com
1 bam-cell.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.balatarin.com
1 gcdn.2mdn.net 1 redirects
1 unified.adsafeprotected.com imasdk.googleapis.com
1 bid.g.doubleclick.net imasdk.googleapis.com
1 fonts.googleapis.com googleads.g.doubleclick.net
1 www.google.co.uk www.balatarin.com
1 www.googletagservices.com securepubads.g.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 465ac69f7d8907f9302e7b63d8b475ea.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 z-na.amazon-adsystem.com www.balatarin.com
1 img.youtube.com www.balatarin.com
1 ajax.googleapis.com www.balatarin.com
124 29
Subject Issuer Validity Valid
www.balatarin.com
R3		 2022-01-26 -
2022-04-26		 3 months crt.sh
*.balatarin.com
Amazon		 2021-07-31 -
2022-08-29		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-06-23 -
2022-07-24		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
ws-na.assoc-amazon.com
Amazon		 2022-01-17 -
2023-01-16		 a year crt.sh
*.google.co.uk
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
www.google.co.uk
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
wrapper-vast.adsafeprotected.com
Amazon		 2021-11-18 -
2022-12-16		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-06 -
2022-11-07		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-02-01 -
2022-04-12		 2 months crt.sh

This page contains 13 frames:

Primary Page: https://www.balatarin.com/
Frame ID: C855597CFD7C70D970400DB196E00F4A
Requests: 81 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20190131/zrt_lookup.html
Frame ID: 8167F4C10317F3D9BBEF804F1905CEC2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&adk=1812271804&adf=3025194257&lmt=1644646824&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.balatarin.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644646823805&bpp=3&bdt=327&idt=212&shv=r20220209&mjsv=m202202080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4384722785670&rume=1&frm=20&pv=2&ga_vid=1028921156.1644646824&ga_sid=1644646824&ga_hid=1403341503&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31064825%2C31061691%2C31061693&oid=2&pvsid=3820389687453562&pem=42&tmod=653849828&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=237
Frame ID: D506A857B20FD826D4875A9003E021CC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=90&slotname=6838607656&adk=1683087958&adf=1219443404&pi=t.ma~as.6838607656&w=779&lmt=1644646824&rafmt=12&psa=0&format=779x90&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644646823847&bpp=53&bdt=368&idt=264&shv=r20220209&mjsv=m202202080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4384722785670&rume=1&frm=20&pv=1&ga_vid=1028921156.1644646824&ga_sid=1644646824&ga_hid=1403341503&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=1111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31064825%2C31061691%2C31061693&oid=2&pvsid=3820389687453562&pem=42&tmod=653849828&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fW4DHaTqKL&p=https%3A//www.balatarin.com&dtd=276
Frame ID: 86D05D1DA436C9C3AF01085774A83344
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=9543430451&adk=17676442&adf=78860692&pi=t.ma~as.9543430451&w=779&fwrn=4&fwrnh=100&lmt=1644646824&rafmt=1&psa=0&format=779x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644646823939&bpp=2&bdt=461&idt=197&shv=r20220209&mjsv=m202202080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C779x90&nras=1&correlator=4384722785670&rume=1&frm=20&pv=1&ga_vid=1028921156.1644646824&ga_sid=1644646824&ga_hid=1403341503&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=3568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31064825%2C31061691%2C31061693&oid=2&pvsid=3820389687453562&pem=42&tmod=653849828&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=grpHHnGgU6&p=https%3A//www.balatarin.com&dtd=201
Frame ID: 94FF72C61926AA4762CA57F72259CFA5
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=5688324856&adk=4223602507&adf=3412014494&pi=t.ma~as.5688324856&w=336&lmt=1644646824&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644646823941&bpp=3&bdt=462&idt=208&shv=r20220209&mjsv=m202202080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C779x90%2C779x280&nras=1&correlator=4384722785670&rume=1&frm=20&pv=1&ga_vid=1028921156.1644646824&ga_sid=1644646824&ga_hid=1403341503&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31064825%2C31061691%2C31061693&oid=2&pvsid=3820389687453562&pem=42&tmod=653849828&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yb9sZ1R3aF&p=https%3A//www.balatarin.com&dtd=211
Frame ID: 251178D90ADBE4AA889E408766965D49
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=8352827426&adk=3914965158&adf=666277397&pi=t.ma~as.8352827426&w=336&fwrn=4&fwrnh=100&lmt=1644646824&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644646823985&bpp=2&bdt=507&idt=174&shv=r20220209&mjsv=m202202080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D300cb037b289c9b9-22abce903ccd0036%3AT%3D1644646822%3ART%3D1644646822%3AS%3DALNI_MahJ1XfgPoOXdr-ACS55xZhTgQxDQ&prev_fmts=0x0%2C779x90%2C779x280%2C336x280&nras=1&correlator=4384722785670&rume=1&frm=20&pv=1&ga_vid=1028921156.1644646824&ga_sid=1644646824&ga_hid=1403341503&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=254&ady=1039&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31064825%2C31061691%2C31061693&oid=2&pvsid=3820389687453562&pem=42&tmod=653849828&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=P7CT76gxZj&p=https%3A//www.balatarin.com&dtd=177
Frame ID: 796E561BB610B82C9D68BCE04C0910A4
Requests: 1 HTTP requests in this frame

Frame: https://465ac69f7d8907f9302e7b63d8b475ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6E1AFBF131FC6AD4B592444AC1DD2345
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&adk=2481526797&adf=393783903&pi=t.aa~a.2729612806~rp.4&w=358&fwrn=4&fwrnh=100&lmt=1644646824&rafmt=1&to=qs&pwprc=6379213746&psa=0&format=358x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644646824268&bpp=2&bdt=789&idt=2&shv=r20220209&mjsv=m202202080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D300cb037b289c9b9-22abce903ccd0036%3AT%3D1644646822%3ART%3D1644646822%3AS%3DALNI_MahJ1XfgPoOXdr-ACS55xZhTgQxDQ&prev_fmts=0x0%2C779x90%2C779x280%2C336x280%2C336x280&nras=2&correlator=4384722785670&rume=1&frm=20&pv=1&ga_vid=1028921156.1644646824&ga_sid=1644646824&ga_hid=1403341503&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=2065&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31064825%2C31061691%2C31061693&oid=2&pvsid=3820389687453562&pem=42&tmod=653849828&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=oR1WmtvHwd&p=https%3A//www.balatarin.com&dtd=19
Frame ID: 85A697B9C628A5F528D69E082BD207C0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhx16K8maCDCihjdtUKXjBU4NbNAqV8ZWf-OEMvm7wtEtDGfQRZfnwZKFtR2t1NMOtL1UfuXNSPhfz7HMtCt1g5N-AyXVjYToi9XWaEdrenU674ov2y9xjDJqTHX0ZaPGAabqfXj2YmSiAQDsDBpK6y9JzfdLF9smQqjEwIzXL1fTg4ZK9J3nYEZacUOjxzIvrNNC3WXfundVUL3HBXUbMccSEd7HAPs-GWQIi9DsUfdcOT3_OIYjLV_A4roLsv-ohSd_zMtSsvW7FectsbWbPqnZQ6c7kT6dRNkykoU-3ikpIZ2w890XVlNzL&sig=Cg0ArKJSzMdProSEkBqZEAE&uach_m=[UACH]&adurl=
Frame ID: 614A2744B650F7C3D347D134C4E127A8
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: D50822E5387DB63DA0FFF4D8E28C480B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9789299ED470EC58595BFE38BDB99954
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A4851EBC52A686A5138183DD6996C3CD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

بالاترین: لینک‌های منتخب

Page URL History Show full URLs

  1. http://www.balatarin.com/ HTTP 301
    https://www.balatarin.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

124
Requests

99 %
HTTPS

68 %
IPv6

17
Domains

29
Subdomains

28
IPs

4
Countries

1693 kB
Transfer

3529 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.balatarin.com/ HTTP 301
    https://www.balatarin.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 105
  • https://gcdn.2mdn.net/videoplayback/id/54f2559e6e0ca3c0/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786967100/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/8B9813E30A8AAFA447A5C3F59E03575B0558E1BC.1C722A3DA28273003B9734C118D3D7DAAD125115/key/ck2/file/file.webm HTTP 302
  • https://r1---sn-aigzrn76.c.2mdn.net/videoplayback/id/54f2559e6e0ca3c0/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786967100/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/704A4C2BEDCEEC8F95C6141830F81E094542ECE1.3AA3D48BE7B9AB85E60F0ABC11CC2B107E8BC356/key/cms1/cms_redirect/yes/mh/nw/mip/2a02:8c8:c10:30::7/mm/42/mn/sn-aigzrn76/ms/onc/mt/1644646003/mv/u/mvi/1/pl/32/file/file.webm

124 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.balatarin.com/
Redirect Chain
  • http://www.balatarin.com/
  • https://www.balatarin.com/
101 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.balatarin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.241.59 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
59.241.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
e41fa75910f4b47b2bbbb707aa394a33b9e273f2cfaf521da4b6c8ece92b6430
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

server
nginx
date
Sat, 12 Feb 2022 06:20:21 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
referrer-policy
strict-origin-when-cross-origin
etag
W/"e41fa75910f4b47b2bbbb707aa394a33"
cache-control
max-age=0, private, must-revalidate
x-request-id
55934c8e-01c4-4e74-a3a5-1cf74afdd653
x-runtime
0.026263
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

Server
nginx
Date
Sat, 12 Feb 2022 06:20:21 GMT
Content-Type
text/html
Content-Length
162
Location
https://www.balatarin.com/
Via
1.1 google
application-6ea20005522facc318c2531f147f4b8e93c67b38fd0ea0a6d64f28bc152180b3.css
assets.balatarin.com/assets/ 		240 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.balatarin.com/assets/application-6ea20005522facc318c2531f147f4b8e93c67b38fd0ea0a6d64f28bc152180b3.css
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-8.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3d59712393b786d034b66ed0d6f749e8d1bb04514ca218c84b10e7fe22bbbeb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 01:19:29 GMT
Content-Encoding
gzip
Age
3387653
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 08 Apr 2021 18:05:03 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:6a04a4c0024b66563c7ac24fc2a47bc3
ETag
W/"6a04a4c0024b66563c7ac24fc2a47bc3"
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
DUS51-P1
X-Amz-Cf-Id
MLhZt4UuBG3gVBA8a6r_iOaVe-q3n91ZvRKV6ij8k7JQ5rrGvBPmzw==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		153 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2ada571635aeb7434fe7122405687d7b15438253e678d1e1edf182a64c36802
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:20:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53889
x-xss-protection
0
server
cafe
etag
17353010189584795523
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 12 Feb 2022 06:20:21 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
656fe53b400470587c8679d190e2f1ad1102ae564b28951ea31ea505355a1ff0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:20:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27132
x-xss-protection
0
server
sffe
etag
"1129 / 259 of 1000 / last-modified: 1644620882"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 12 Feb 2022 06:20:22 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139263
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Feb 2023 15:39:18 GMT
application-fd5e751adea1b70af1b4ad17ef0b9e1a039262904db4a875a740b97ae2994afd.js
assets.balatarin.com/assets/ 		190 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.balatarin.com/assets/application-fd5e751adea1b70af1b4ad17ef0b9e1a039262904db4a875a740b97ae2994afd.js
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-8.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fd5e751adea1b70af1b4ad17ef0b9e1a039262904db4a875a740b97ae2994afd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 11:04:24 GMT
Content-Encoding
gzip
Age
10005358
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 04 May 2021 20:49:09 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:1c56b281b8b79714b8893619b8bafaa2
ETag
W/"1c56b281b8b79714b8893619b8bafaa2"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
DUS51-P1
X-Amz-Cf-Id
4sGKUpP9FHAtti1fzVA_TFWy07Gxu8ND2qPWDZDfDX06RrIekcRdAg==
square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020037/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/topic_photos/1020037/square.jpg?1644518766
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f0b04c953e63741bb2b01365e41b0273a7517f34f538ae46f38a22ef94896cad

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Thu, 10 Feb 2022 18:46:08 GMT
Server
AmazonS3
x-amz-request-id
SFA7A6Z66DG22V49
ETag
"a79649c125644e4ea74eb3d73245f03a"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
8820
x-amz-id-2
GbD3g1u8Sdq+JXK/BR7EABY5xaJRhFmkp8TkCBtmNcIm9WjPTza7mDWoLfirLZStahzHFKUorLs=
square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020036/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/topic_photos/1020036/square.jpg?1644500105
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
aed94c60022686bc5f3101aa6bff0a64a7b0f3f605268041d610419f073c8722

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Thu, 10 Feb 2022 13:35:07 GMT
Server
AmazonS3
x-amz-request-id
SFA9QP05NPGMVKPZ
ETag
"db068aa8f709bc41297487c71a53c126"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
7360
x-amz-id-2
n2TkPEWJv0hmRcjYC5VfMFaz7hzyB0Ag+++z2nnhv688dmU5BXfTBOIdRzhQJWhQsOSFOQwMky0=
square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020035/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/topic_photos/1020035/square.jpg?1644346710
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
642cf3c2b9e1e211c2cad4f0cba5b8eec3843391669e1226e77b48f6e389e6d6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Tue, 08 Feb 2022 18:58:32 GMT
Server
AmazonS3
x-amz-request-id
SFA2KA2CRBF8QV9B
ETag
"2ba9d0e4c4ea9ae78486a7498b6b5f6d"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
13808
x-amz-id-2
igaNUpXKjgSyaeAhq4e2OjGe2Vo70uVugma7ZkHHuH8u0tbUESsO3rBd4sjYvyopkjdD2++ie9Q=
square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020034/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/topic_photos/1020034/square.jpg?1644156081
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
81f08064f9baa33ad18a4a024d4fb6450de7ddd0805a18a6881a2a8d692bf558

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Sun, 06 Feb 2022 14:01:23 GMT
Server
AmazonS3
x-amz-request-id
SFA8XZ4AS0NR867G
ETag
"a846ce5869083034d2f5e1da00d19b58"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
5874
x-amz-id-2
Dd5zBX2671ejI5x+qJnYY/o2JLKdNKf4i9iLQ5ZRIzH4h9pQ89qr3NmNDPuGlBZSHbwho7g3s0k=
square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020032/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/topic_photos/1020032/square.jpg?1643807995
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
56081264c93e1c90b2458f2e33a938ee36ae3364d0b1d5d514a3f62cddbf537e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Wed, 02 Feb 2022 13:19:57 GMT
Server
AmazonS3
x-amz-request-id
SFA7KVWVE46FC7JB
ETag
"e987c19209536cce40dc929ffe8f951f"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
11212
x-amz-id-2
NRGBPoXuR71BL0fUtO60TwvlZoPb43p6SM9R/zAwDak5d6gXGacKfC2kzdIjYTep0Ns4bBTKd3A=
square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020029/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/topic_photos/1020029/square.jpg?1643622774
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
46b7e564b1b64d737a088f8d77b7cf947eadac0e1c457642b4282fd5279ea865

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Mon, 31 Jan 2022 09:52:55 GMT
Server
AmazonS3
x-amz-request-id
SFA7Y05SVJD5GMF5
ETag
"4a95bc0bcae4efd69a25a9bacd7b0808"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
12541
x-amz-id-2
boRWDoKtudp5/s3GB1ZaSFKmHCMxatkrDJKXWxSiZkBW1sJYLsGHtRoSwk5dDxYGODPKluIv6o4=
square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020028/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/topic_photos/1020028/square.jpg?1643310639
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ec86d28c9a24dd65bdd5d4f3595d948ee4e3f1e1f1b8df886367bc130a9092b9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Thu, 27 Jan 2022 19:10:40 GMT
Server
AmazonS3
x-amz-request-id
SFA51G63JWEZF681
ETag
"b15ec4bdf95a9e46285db2f487181073"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
9384
x-amz-id-2
Lv9emT2RrXY7AkgKZrKh3xrKlyRgeNfMFo6djRuppThKQ/oEvu7U+rM5YgHIs8obDAsHrkUZsWw=
square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020027/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/topic_photos/1020027/square.jpg?1643286336
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
85bf2e34d39f9aedea5096d1e6558ddfa9086a7db2784c0bfa6be68223e58da5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Thu, 27 Jan 2022 12:25:38 GMT
Server
AmazonS3
x-amz-request-id
SFAADNMSMZHS6GZH
ETag
"64134001d48c1a7c2226ec81719c24ed"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
7198
x-amz-id-2
sFlI2PWXFIO62K6EYHutFJ5kgbSk9t0e4g0ikV7O4cAmB7USxwv9uJc/4WMNOoI0QwoJfj6iVME=
square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020026/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/topic_photos/1020026/square.jpg?1643045141
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5c0f850be678e4a3b5f436c6d92b534b50bfd2c469744003fa0885a41ab57f43

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Mon, 24 Jan 2022 17:25:43 GMT
Server
AmazonS3
x-amz-request-id
SFAAGE6Y6T9P9YCP
ETag
"87e95f83eed6641139e4691e903cd72a"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
8287
x-amz-id-2
J8AhOagUHumGSPITNXjdrXRhN/zwAXSPFyv1xaEMWvqQQivVyF3ikiS0tvHBY7fXgsQ6jjbfV24=
square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020022/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/topic_photos/1020022/square.jpg?1642263913
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
85e225446c6a5b2f2bcc5937fe539b418cb3a201297b50176afef6ddfda390d8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Sat, 15 Jan 2022 16:25:15 GMT
Server
AmazonS3
x-amz-request-id
SFA1HTKDK69P68Y7
ETag
"9e62a5c6f527e314559aed053c611f98"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
6621
x-amz-id-2
4Im3UR+FW5CDYu+HfA26J6hs9fGWZ2rUlSzg9x+uMy2Ag4ocKKH1Crsyq7qt0p9xISyXSTpjByc=
square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020021/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/topic_photos/1020021/square.jpg?1642096304
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e43a41ce6d7460d0aac2c9aeb5c3300123effe58dc9f68eeb88271bbba879575

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Thu, 13 Jan 2022 17:51:46 GMT
Server
AmazonS3
x-amz-request-id
SFA5M84BB44FFKSK
ETag
"06c8429a2e946e7b3e8860674d285092"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
11988
x-amz-id-2
H94tNkm8kHjZMVvNzuvzemNBpF36C0rqfSlyRgsM5+qHO2KD8QvNIpWXPUfe9ElNBZJ+pH2n9Gw=
square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020020/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/topic_photos/1020020/square.jpg?1642094968
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
17637322c74bdd0c7e8f8041bf1a663f3eac5b07097146ba7ba632caad727f6a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Thu, 13 Jan 2022 17:29:30 GMT
Server
AmazonS3
x-amz-request-id
SFA7NFK00WZ5S00J
ETag
"fa4b2dcfebf2b9b749efbeef5fae4904"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
18617
x-amz-id-2
mIYgX6ehKVrWo288y6pwxGKmi0KE4G9BrlShT3+VjoFJgnmaMBUwLMSpwoC6HelBgs37wNTIwEE=
small.jpg
s3.amazonaws.com/bala.static/avatars/57647/ 		428 B
818 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/avatars/57647/small.jpg?1596168383
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d663ad6a421f3a2443aac5e739bc6b4baa86c57912523962f698da5c8a5a0777

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Fri, 31 Jul 2020 04:06:24 GMT
Server
AmazonS3
x-amz-request-id
SFAFWS7DX9PZHE61
ETag
"0d3dccde6a499a9998f3ba6e898be94e"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
428
x-amz-id-2
Mou1jPKuV/YuEwPyAWI2mdBB3aZwYwP33+X+/o6ldjJrv4HcyjeHkPl1oTTFxcVLKEDsHGx2fow=
small.jpg
s3.amazonaws.com/bala.static/avatars/131710/ 		608 B
998 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/avatars/131710/small.jpg?1604753827
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5c36f1f994513470dde6cd4747c5fa533dadb40ca12b9d673894411a8719f1c5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Sat, 07 Nov 2020 12:57:09 GMT
Server
AmazonS3
x-amz-request-id
SFAEWK9FKBHVBTVH
ETag
"f3bedb19536ccd1550d6d30f12f93c42"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
608
x-amz-id-2
eyXqGX6vk18EJFAryUfOulyeDTWy7WpNJ1tMk3JgkQBpDqf+D0bXd1Cgbd7N6ZXpqCouHCZgFiA=
a4a9d242-2a17-4403-9826-bca73fd9380b-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/links/a4a9d242-2a17-4403-9826-bca73fd9380b-thumbnail.jpg?1644553518
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d7c6c113eb568f57d331a102fcc98e56837b3b7c74541aea08353937029fbfe0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Fri, 11 Feb 2022 04:25:20 GMT
Server
AmazonS3
x-amz-request-id
SFA5B48QMFRQ9W1F
ETag
"b18140fe22d239811fdb71ad57da7821"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
8730
x-amz-id-2
5oYAxwKrj5ndVgZVDxcQjnyQMvDXxNy5iG9LB4GA2Kq2kVPqgM9hRHLK+wRQ+ESPxr3WIG7UWyI=
missing.png
assets.balatarin.com/avatars/small/ 		500 B
996 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.balatarin.com/avatars/small/missing.png
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-8.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
03d5c445fbf76b8749bdac185d39ee6f2255ba15d67c66f10a7c69d978ac3faf

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 05 Feb 2022 03:33:23 GMT
Via
1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Sat, 30 Mar 2019 22:04:25 GMT
Server
AmazonS3
Age
614820
ETag
"24a925b59aad1a6cd61c43fb77941c20"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
DUS51-P1
Accept-Ranges
bytes
Content-Length
500
X-Amz-Cf-Id
HIk_hnYkEabmOrOvklJdYJQdPHrT1G-fafr4mfDaaWGkOWRVE__ozg==
a9c51eb4-2156-4886-a8d0-3f95a3defd4f-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/links/a9c51eb4-2156-4886-a8d0-3f95a3defd4f-thumbnail.jpg?1644600777
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
df2fc8f6ec3041910c40e8adae73df3be3c3013cec1af2b425590315177c0634

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Fri, 11 Feb 2022 17:32:58 GMT
Server
AmazonS3
x-amz-request-id
SFABXD5RR5EYKRS6
ETag
"8cbcbdbaa89fa51a2120af643b35702e"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
4140
x-amz-id-2
8HxYpD2HpPL4BLS1kQ/P14kF/I5vrvKSl7BLamzsoT2pj5zTUXm2gfeACckAVwPNMwxDISlMkTQ=
2.jpg
img.youtube.com/vi/MM02APnLex8/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/MM02APnLex8/2.jpg
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf7d2314800d4427b41f47c5db072df23daa081dd2e8750f2e4d01832b53465b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:18:37 GMT
x-content-type-options
nosniff
age
105
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2698
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Feb 2022 06:23:37 GMT
small.jpg
s3.amazonaws.com/bala.static/avatars/97293/ 		726 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/avatars/97293/small.jpg?1603719272
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f302819f800bc68fdfdf3cad6214240248af78d7071488b2149d2378c105fbf3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Mon, 26 Oct 2020 13:34:33 GMT
Server
AmazonS3
x-amz-request-id
SFA2RYSBXJVMX1BV
ETag
"98f63c30f26386aa2ff06f28309f14b3"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
726
x-amz-id-2
vGGSbxY60ufGUVtyDKu6FmVLb76DDAHYud3ySTTdpfpIxiJZYvMG8wpYNK0Ubhv6yTH7Bzsjyqw=
5761196.png
s3.amazonaws.com/bala.static/links/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/links/5761196.png?1644562946
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
71177b0e923ab233c6d1f491ba862ee71ebfd48648d744b0fb98d568d09f31a9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Fri, 11 Feb 2022 07:02:27 GMT
Server
AmazonS3
x-amz-request-id
SFAFS4XJF3P5V7RT
ETag
"3abcec55a719b2457230755c539f3f84"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
4700
x-amz-id-2
OxeZz3/Oj6+rLAFckPU1c6JF59PdoS66/iG5Jy6n0adeLJ6+HpGjHnYojVaX9Obg3LG2KcYYC3A=
small.jpg
s3.amazonaws.com/bala.static/avatars/187580/ 		596 B
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/avatars/187580/small.jpg?1630002964
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
a095f2110083c0b41096041d4a28ffaa1fec8af6325ab74c01b11ec81f75aba1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Thu, 26 Aug 2021 18:36:05 GMT
Server
AmazonS3
x-amz-request-id
SFA68GMXE3N7TTVY
ETag
"b8ff48e248b985e612b0680b78ea3922"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
596
x-amz-id-2
uS4ZfLzyqLitDoC2EtQhRHbve7sFIcuxN4UgI5kBJP/SUnxDM/QTWukJWg7G4Ecg7rIlSOxwIfY=
3dc68b2c-f2ab-43c0-8967-bf4103923983-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/links/3dc68b2c-f2ab-43c0-8967-bf4103923983-thumbnail.jpg?1644595911
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2cf69ca95688c8456d852753902310bc5dc916f1a70e538a7a5f9d63167e7108

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Fri, 11 Feb 2022 16:11:52 GMT
Server
AmazonS3
x-amz-request-id
SFA89WS0CC2Z725V
ETag
"314cb8f957c8c2b91416d418a3a70e8c"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
8608
x-amz-id-2
MMMhiFuVxfGfIZlR0EcZY08UdQM/+VK/YWBl44f0QG1KC0YO8hJvTlsBwLa+fUURN2uWSu85Py8=
8570b5bc-63f3-4157-9152-0fc058106fea-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/links/8570b5bc-63f3-4157-9152-0fc058106fea-thumbnail.jpg?1644595361
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8569a368f1771a5776d403dd2bcfd48c0793ea3c4d8183e24130e4be5f43d2fd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Fri, 11 Feb 2022 16:02:42 GMT
Server
AmazonS3
x-amz-request-id
SFA1XW27QJC2Y7R8
ETag
"919340ec65b09522d3918acf1091d1e2"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
4580
x-amz-id-2
Zzr6bZB6AFuxbSCyfsXKIhqnVku7pH3s06SAFqlOO4rqz5Z0AUUrwXecXOdhHRcLk34dasm3mag=
small.jpg
s3.amazonaws.com/bala.static/avatars/188069/ 		677 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/avatars/188069/small.jpg?1629192583
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
30ab97b5fdbee7c42aebce8e7e9ea0a65443563c67eac89b70842fd577994e2f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Tue, 17 Aug 2021 09:29:44 GMT
Server
AmazonS3
x-amz-request-id
SFA22K0G8GSNT0DQ
ETag
"f6715259ef900a6e801e8a9da689df1a"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
677
x-amz-id-2
lSAYec+bjh8ssL5g/KHO0gbwtgqrcJ9ohDiAdYC14iHbKIBAEoo8V0SXdLyvrsxZc9mPHgkxVKA=
ef1bb42f-7413-4779-a802-c596b0a8e9d8-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/links/ef1bb42f-7413-4779-a802-c596b0a8e9d8-thumbnail.jpg?1644611289
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2716a3b30a76991e545b8576e1c0189f8a94139f3aabe69a6929e1cd86d65f8d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Fri, 11 Feb 2022 20:28:11 GMT
Server
AmazonS3
x-amz-request-id
SFAAV7X9D64CNGHV
ETag
"d2616f17fcd43fb89f7fd54ffccb4c84"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
5603
x-amz-id-2
LZxL5E5duk7LOLdJx3FFEI+aMUmM7t1G2qnbBFh/L9ON6iQCvM/CWFiS7Sa27I3FRGgv966CSO4=
7d3e996a-91a5-496e-b0f8-768fa73ec15c-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/links/7d3e996a-91a5-496e-b0f8-768fa73ec15c-thumbnail.jpg?1643977111
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f06df3e704347279f6dbbcc5321188a4b96d35a230b26d809e71151c7ff5bbb2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Fri, 04 Feb 2022 12:18:32 GMT
Server
AmazonS3
x-amz-request-id
SFA3W26VCNRTNYH1
ETag
"f92012cc5c1310eafb1346b1f9af3904"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
5727
x-amz-id-2
FgKyanZjrjL9usxORxNHBGt9wQI1o0MaN9o57VEmPZ8t0FvJ2Zs82a3ZCcya+68XarcqYrpU2Os=
small.jpg
s3.amazonaws.com/bala.static/avatars/189116/ 		689 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/avatars/189116/small.jpg?1634300134
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
98d4cc7865a66aef79b6abb61e02b91312f5922799494d8f277d80ca5ee29cec

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Fri, 15 Oct 2021 12:15:35 GMT
Server
AmazonS3
x-amz-request-id
SFA34ETC5NYNYMVH
ETag
"df466ecb292dd655212c0e595f63e181"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
689
x-amz-id-2
5LLeuOEjNrjERSrGGcy44vc6pl55L2kcCc3jVTcPRewp0UCjPj8myMWsny7Ww9fhB5vesZ/zUdQ=
95e117a8-5e5e-481b-9a0f-8ab6ccd179fe-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/links/95e117a8-5e5e-481b-9a0f-8ab6ccd179fe-thumbnail.jpg?1644598394
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d1a971b355029a455549857099740f259d459f49ffecf5e73041c491fb21aa28

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Fri, 11 Feb 2022 16:53:15 GMT
Server
AmazonS3
x-amz-request-id
SFAA109MYP62WGYB
ETag
"db705757a3798de7fde3559a54d99ac5"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
4157
x-amz-id-2
8BEq84vNaF/b2n9aSr4oTB1yA0tPIoYyhEsOF1iQUfpjduiV54X+OAhlL7mPXXWPOD7ePW6cEpQ=
6930eff1-efa9-441c-a143-67f3ede953df-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/links/6930eff1-efa9-441c-a143-67f3ede953df-thumbnail.jpg?1644563633
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
1bafc102c843c5cbe731284c2235c8a82f6fe61e176b854cc4f135d7b0aa237f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Fri, 11 Feb 2022 07:13:54 GMT
Server
AmazonS3
x-amz-request-id
SFA1JWRRAPFTSTWN
ETag
"4a62341a0a48663a0e8e7b8856326acb"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
3653
x-amz-id-2
zS/ac1/ofhEMjmHUqIvl7d0LenImYQAtu8G/GwL2TZKB0vAKXAqW8DS+fWgVHm2oY8HKWRN+JhY=
f63401ff-52af-460c-a043-117fb1d14324-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/links/f63401ff-52af-460c-a043-117fb1d14324-thumbnail.jpg?1644528895
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
effb5f5492673f02f67c05cc611fd83852530510fc017f97c66beb2d3883a90f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Thu, 10 Feb 2022 21:34:57 GMT
Server
AmazonS3
x-amz-request-id
SFAE9TVW4NQRW1WD
ETag
"caa9c919fe1ad95d3354d05f2d7f9284"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
4446
x-amz-id-2
ngHAEDBp1yNiRY0Ocq0z3hGWIS4mdweNhMA/trCZk0cfcDVHk2huouBom1RD7yQes3V+lRxYGPM=
small.jpg
s3.amazonaws.com/bala.static/avatars/162460/ 		571 B
961 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/avatars/162460/small.jpg?1594243448
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d44b049f76abb95dd7cb522ab42430fbe9cf994349b0abdb0d53dee6770ec8d5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Wed, 08 Jul 2020 21:24:10 GMT
Server
AmazonS3
x-amz-request-id
SFABQ993SET54KHM
ETag
"25307d20aaa3de37a4d342f19b732943"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
571
x-amz-id-2
MlkX4xkf074LAh3BOQlSKJo4Imlon1VlTOGn1ZPerNYeFnNSL4arPH2sKjWPYeH+Qrw3RWjKr4w=
9450d365-b645-4715-ad1a-9320a7def7b1-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/links/9450d365-b645-4715-ad1a-9320a7def7b1-thumbnail.jpg?1644523047
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
364dbe9b5ff2d53172555d0fcaae52e135faa030e53ae7503bedd25243f07b22

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Thu, 10 Feb 2022 19:57:28 GMT
Server
AmazonS3
x-amz-request-id
SFA4EGBKQY7DNWBC
ETag
"18f1b768d7c6a6699fa7e85267190f46"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
2562
x-amz-id-2
5pawxKRMzPexBORMjM6zOps5VAgkIxUygwCrN/DqFZ3ZxX/tyIo5z3x9VyL96MRlezdZ4F9rwqc=
756dcdf3-c17e-427e-9dee-efd103d5779b-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/links/756dcdf3-c17e-427e-9dee-efd103d5779b-thumbnail.jpg?1644514484
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7ef06a016171df4217bb8f0867f6b87b0d063b4d139d6caa9d9f0b3421a158e5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Thu, 10 Feb 2022 17:34:46 GMT
Server
AmazonS3
x-amz-request-id
SFA1F7DCPP8ZMDRY
ETag
"0face1b0adad2847e1999d5a7a462c0f"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
4338
x-amz-id-2
pTVuFQ9n287eG0s6gadw5tTEqKpm8Y3N+ofmOl9IQ0WdUITEwWbvTG9aNu97VwzTNBqoaAB0eW4=
5761180.png
s3.amazonaws.com/bala.static/links/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/links/5761180.png?1644556544
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7592346243c57cb250caf24a66038019ac0348bfbe2b500897e15193efc29de0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Fri, 11 Feb 2022 05:15:46 GMT
Server
AmazonS3
x-amz-request-id
SFABK9CWXSKGN042
ETag
"1b9445977553ed1cb6d9de682261446b"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
2267
x-amz-id-2
Qhmn7NEy6EEG+XbTqikVyn0TnYhyqmydCKSj7Ms78nBa+/NCIL+sIibttRxpp9KzR2rffbMT3mA=
18247364-0f58-4dfb-afce-dcfbad5901d2-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/links/18247364-0f58-4dfb-afce-dcfbad5901d2-thumbnail.jpg?1631462420
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
fa4438f4a34aeb7e17df15b02f3456db77358e41f815727adc422a714715974e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Sun, 12 Sep 2021 16:00:21 GMT
Server
AmazonS3
x-amz-request-id
SFADCXPDX9VQHEF9
ETag
"268df4b24c5e5045e0920a60e39c1d54"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
6220
x-amz-id-2
g6u3CTDHgof9ajwniVxtB8TADizRlwL3mVpydHWPxkHnk/fkmIKGYf1Q5OdcbZW/1m4Z2ot34io=
small.jpg
s3.amazonaws.com/bala.static/avatars/174061/ 		741 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/avatars/174061/small.jpg?1581347767
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
93d25cfbf5f1ac33abd16099541497b255367f275b61f7fe8d4d71cc68200753

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Mon, 10 Feb 2020 15:16:08 GMT
Server
AmazonS3
x-amz-request-id
SFA86RXGGKQHDGY9
ETag
"c0a70350743eb10e5a7dfb16e3d41f8b"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
741
x-amz-id-2
o9Q1mhxeYheuOyXEhJA/eCq1kN54LZCj17w7uq3b3HPJ9nzyftPI9L6OR4gGZd0mTHQdoQHBiaQ=
5761216.png
s3.amazonaws.com/bala.static/links/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/links/5761216.png?1644565866
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b5270d2cc8f3744c6acd38f7483253ef107c1b6c6ac78eaaa2dd4e3628efb474

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Last-Modified
Fri, 11 Feb 2022 07:51:07 GMT
Server
AmazonS3
x-amz-request-id
SFA6XR0CKE5SF739
ETag
"4d4f69c965b74d2db29ada6d5d76ca4d"
Content-Type
image/png
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
17136
x-amz-id-2
FJYF+zthTX2LeoPond/RiuZGf5cAboYK0Mf//wzBswK2JoqlM0o3RR3rsO5eKeiQ7ii0YlKkqWU=
small.jpg
s3.amazonaws.com/bala.static/avatars/186696/ 		548 B
938 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/avatars/186696/small.jpg?1622390797
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b2f98a3a74e3eeda1cfa5bdc53fa04f6d0b9b3c686da868296848924a629736a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:24 GMT
Last-Modified
Sun, 30 May 2021 16:06:39 GMT
Server
AmazonS3
x-amz-request-id
HYNTGPBSDS4NAA69
ETag
"0c7b4c216a8e6b868d2c6c67ac35638e"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
548
x-amz-id-2
B5Oel/8K1uYbIY1w13UQRdruo0pCJlXIBg5xGclqxyrPbLJIGdIxD+sXhWeBu7iTpv4AeEvGCyQ=
5761036.png
s3.amazonaws.com/bala.static/links/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/links/5761036.png?1644513449
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
1300ac6cc7ee041479dfed9fd81036169036998762c12ce64cb744ecb7db9060

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:24 GMT
Last-Modified
Thu, 10 Feb 2022 17:17:30 GMT
Server
AmazonS3
x-amz-request-id
HYNP0CV1A1WYZR4V
ETag
"b9df7b7191aa4987cf9ac8ccdac5931e"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
4443
x-amz-id-2
gpo48jSZ0ydmbyvaGuMuPTMzg69kxaZdK/asTdE14jD+G+X+JRrzkoIYM/3RhOnRH/MFiakzgMg=
5761164.png
s3.amazonaws.com/bala.static/links/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/links/5761164.png?1644539949
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f38e82eb3a1f51fdb5f9d8151c045e316baa09dde94743abf3807cc5d3276530

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:24 GMT
Last-Modified
Fri, 11 Feb 2022 00:39:10 GMT
Server
AmazonS3
x-amz-request-id
HYNVR9RB52GDHWEK
ETag
"199c2e92fad16f5176f5b37526138f3d"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
4257
x-amz-id-2
WY1YRwtLtY6Pp3FHjuQdADEMPNKIV5+HM76igams3gz9RO6k0TYrUqNyfB8ernV5o0oTsFz4A8s=
5761217.png
s3.amazonaws.com/bala.static/links/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/links/5761217.png?1644565950
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
cd579103b9e9c5899bc3000e911318a0d1e6f220c9fa0516595909f5d9ef2726

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:24 GMT
Last-Modified
Fri, 11 Feb 2022 07:52:31 GMT
Server
AmazonS3
x-amz-request-id
HYNP2HWGJM6W2WGX
ETag
"5bb528f3a37907930982c71962fe0e0d"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
9658
x-amz-id-2
NZK+jtNVyzr6RyVbOGPadJd4yWaaDgs3KsCrYcHrt+ljqL2bFhpivL1hAydxCxPkrxtNQ22iLs4=
5761218.png
s3.amazonaws.com/bala.static/links/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/links/5761218.png?1644566045
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
383f5c256994d833ad781f00786a56925a5c66d4c19efb9e836a86a7d1076343

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:24 GMT
Last-Modified
Fri, 11 Feb 2022 07:54:06 GMT
Server
AmazonS3
x-amz-request-id
HYNK42VAZJRS3G34
ETag
"9b530cef3030d928c580b45100d94368"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
9214
x-amz-id-2
bBQcijsEruFWUJ/SPFBIWRBCctiCzLs7hE/cijx7L/YAFeG8RxqBSA9egz89E64OyAylMz1iF+I=
5761445.png
s3.amazonaws.com/bala.static/links/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/links/5761445.png?1644605810
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.108.198 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
be2fda9ac40f2fc1ef759b3f6b6fcd05bb3d7189f8599b57bc2329d4bfbfcea6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:24 GMT
Last-Modified
Fri, 11 Feb 2022 18:56:51 GMT
Server
AmazonS3
x-amz-request-id
HYNYG5A4W10J0TWK
ETag
"43d2aec4267371b0c90d715fc4ebaa8d"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
22756
x-amz-id-2
H1uJoR55eGKNlnu5UjqAO5AXAik7jA2B+8uLhFqijIz+Gd4d6ILJe2Fl13fK9LzUsXl2WjyZLwg=
onejs
z-na.amazon-adsystem.com/widgets/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=072caa77-813c-41fc-84e3-1af5067d7f16
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.213.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-213-226.fra53.r.cloudfront.net
Software
Server /
Resource Hash
7457378191eb1d61476c942294555d13eb92a45e200edaf4f95fe71f2179a4cc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
Public
date
Sat, 12 Feb 2022 06:19:00 GMT
content-encoding
gzip
server
Server
age
81
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
x-amz-cf-pop
FRA53-C1
content-length
7340
via
1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
x-amz-cf-id
q_uGSKh8zO3fkB3tEdSCM-k-OsEwf6EJrlP6XuUiK6UZUKWpIG6GXQ==
expires
Sat, 12 Feb 2022 06:24:00 GMT
logo-c6042222156b5e26db18d7a25025e4b71e9c1d3d4cf90793e4030154b2dea1f5.svg
assets.balatarin.com/assets/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.balatarin.com/assets/logo-c6042222156b5e26db18d7a25025e4b71e9c1d3d4cf90793e4030154b2dea1f5.svg
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-8.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6042222156b5e26db18d7a25025e4b71e9c1d3d4cf90793e4030154b2dea1f5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 11:03:57 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 09 Nov 2020 23:17:47 GMT
Server
AmazonS3
Age
10005386
ETag
W/"699129013888caccc30ce00dc03acd6f"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
image/svg+xml
Via
1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-P1
X-Amz-Cf-Id
thCKngpTfTAck8wYY555U596Ov-bgdBJcEa8zqUlPTr_U--bfA9X3g==
fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2
assets.balatarin.com/assets/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.balatarin.com/assets/fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2
Requested by
Host: assets.balatarin.com
URL: https://assets.balatarin.com/assets/application-6ea20005522facc318c2531f147f4b8e93c67b38fd0ea0a6d64f28bc152180b3.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-8.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://assets.balatarin.com/assets/application-6ea20005522facc318c2531f147f4b8e93c67b38fd0ea0a6d64f28bc152180b3.css
Origin
https://www.balatarin.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 04 Feb 2022 13:35:37 GMT
Via
1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
Vary
Origin,Access-Control-Request-Method
Age
665086
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
77160
Last-Modified
Mon, 09 Nov 2020 23:17:46 GMT
Server
AmazonS3
ETag
"af7ae505a9eed503f8b8e6982036873e"
Access-Control-Max-Age
31536000
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
https://www.balatarin.com
Cache-Control
max-age=31536000
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
DUS51-P1
Accept-Ranges
bytes
X-Amz-Cf-Id
v9TiaWAJ6HArWK3kDm4q8QE6009r0j32F5oscV4frxR0ZsfW_la7WA==
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202080101/ 		290 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7031645305449270&plah=www.balatarin.com&bust=31064825
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7403e23a0f81f5d04d28eb19a3ab506d769cd731ab392c7c4cf549e2317fdf66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:20:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106665
x-xss-protection
0
server
cafe
etag
13617372155398730783
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 12 Feb 2022 06:20:22 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220209/r20190131/ Frame 8167 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220209/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4612
x-xss-protection
0
date
Fri, 11 Feb 2022 23:18:13 GMT
expires
Fri, 25 Feb 2022 23:18:13 GMT
cache-control
public, max-age=1209600
age
25329
etag
18247940800414524076
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_2022020801.js
securepubads.g.doubleclick.net/gpt/ 		357 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
8f4b70778aa21c1c093c6acbad70c70b2e69d4d22e47d9405ee137db16ca050b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 21:07:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33184
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122244
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:34:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 11 Feb 2023 21:07:18 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		92 B
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.balatarin.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
cbcfa87fa97d4f60ace8d50983766a21457eae3f0444740aeebd231d4c20a739
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 12 Feb 2022 06:20:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88
x-xss-protection
0
expires
Sat, 12 Feb 2022 06:20:22 GMT
rum_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/ 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/rum_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7031645305449270&plah=www.balatarin.com&bust=31064825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
936e2a79b73ecbd8d53e825de3c18ba942ba0896065872a266115ebe7904bc69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:37:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2585
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21571
x-xss-protection
0
server
cafe
etag
18228264410970089360
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Feb 2022 05:37:17 GMT
logo-footer-5b1979a4ecb584da673a08d6a737a10d87ae84aa6f5c2d18ab97da15c7462f11.png
assets.balatarin.com/assets/ 		826 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.balatarin.com/assets/logo-footer-5b1979a4ecb584da673a08d6a737a10d87ae84aa6f5c2d18ab97da15c7462f11.png
Requested by
Host: assets.balatarin.com
URL: https://assets.balatarin.com/assets/application-6ea20005522facc318c2531f147f4b8e93c67b38fd0ea0a6d64f28bc152180b3.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-8.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5b1979a4ecb584da673a08d6a737a10d87ae84aa6f5c2d18ab97da15c7462f11

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://assets.balatarin.com/assets/application-6ea20005522facc318c2531f147f4b8e93c67b38fd0ea0a6d64f28bc152180b3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 11:05:04 GMT
Via
1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Mon, 09 Nov 2020 23:17:47 GMT
Server
AmazonS3
Age
10005319
ETag
"d6866d17619bc26a183d1c88f469f3e5"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
DUS51-P1
Accept-Ranges
bytes
Content-Length
826
X-Amz-Cf-Id
dQfnVUAGnoxkn3M_-T_LMIKG322WhC9p2YaTbbIZW4LljXgdocf-_A==
cookie.js
partner.googleadservices.com/gampad/ 		217 B
417 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.balatarin.com&callback=_gfp_s_&client=ca-pub-7031645305449270
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7031645305449270&plah=www.balatarin.com&bust=31064825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
284df6a1fee0a9e1acd9251a08f1abf1235109885349ed3ead1b0e470f0e3173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:20:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=www.balatarin.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7031645305449270&plah=www.balatarin.com&bust=31064825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 12 Feb 2022 06:20:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.balatarin.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7031645305449270&plah=www.balatarin.com&bust=31064825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 12 Feb 2022 06:20:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.balatarin.com%2F&tn=DIV&cls=navbar%20navbar-default%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:20:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame D506 		18 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&adk=1812271804&adf=3025194257&lmt=1644646824&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.balatarin.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644646823805&bpp=3&bdt=327&idt=212&shv=r20220209&mjsv=m202202080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4384722785670&rume=1&frm=20&pv=2&ga_vid=1028921156.1644646824&ga_sid=1644646824&ga_hid=1403341503&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31064825%2C31061691%2C31061693&oid=2&pvsid=3820389687453562&pem=42&tmod=653849828&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=237
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7031645305449270&plah=www.balatarin.com&bust=31064825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0489db69c4bc9c54d4e3e53e99993697b759c7915c8a74be627cc066435bd61b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 12 Feb 2022 06:20:22 GMT
server
cafe
content-length
4949
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 12 Feb 2022 06:20:22 GMT
cache-control
private
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2728
date
Sat, 12 Feb 2022 05:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 12 Feb 2022 07:34:54 GMT
i
www.balatarin.com/analytics/ 		0
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.balatarin.com/analytics/i
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.241.59 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
59.241.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://www.balatarin.com/
X-Requested-With
XMLHttpRequest
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 12 Feb 2022 06:20:22 GMT
via
1.1 google
server
nginx
alt-svc
clear
ads
googleads.g.doubleclick.net/pagead/ Frame 86D0 		430 B
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=90&slotname=6838607656&adk=1683087958&adf=1219443404&pi=t.ma~as.6838607656&w=779&lmt=1644646824&rafmt=12&psa=0&format=779x90&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644646823847&bpp=53&bdt=368&idt=264&shv=r20220209&mjsv=m202202080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4384722785670&rume=1&frm=20&pv=1&ga_vid=1028921156.1644646824&ga_sid=1644646824&ga_hid=1403341503&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=1111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31064825%2C31061691%2C31061693&oid=2&pvsid=3820389687453562&pem=42&tmod=653849828&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fW4DHaTqKL&p=https%3A//www.balatarin.com&dtd=276
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7031645305449270&plah=www.balatarin.com&bust=31064825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f060a56e85c6544e59bcf31bc62db9b7e455e97779bfc16906754b16c295a173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 12 Feb 2022 06:20:22 GMT
server
cafe
content-length
207
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 12 Feb 2022 06:20:22 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 94FF 		69 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=9543430451&adk=17676442&adf=78860692&pi=t.ma~as.9543430451&w=779&fwrn=4&fwrnh=100&lmt=1644646824&rafmt=1&psa=0&format=779x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644646823939&bpp=2&bdt=461&idt=197&shv=r20220209&mjsv=m202202080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C779x90&nras=1&correlator=4384722785670&rume=1&frm=20&pv=1&ga_vid=1028921156.1644646824&ga_sid=1644646824&ga_hid=1403341503&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=3568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31064825%2C31061691%2C31061693&oid=2&pvsid=3820389687453562&pem=42&tmod=653849828&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=grpHHnGgU6&p=https%3A//www.balatarin.com&dtd=201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7031645305449270&plah=www.balatarin.com&bust=31064825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0af57d39bbace330227797c8a06761153e41e7d5b824078fda7e3c6ada874f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 12 Feb 2022 06:20:22 GMT
server
cafe
content-length
22146
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 12 Feb 2022 06:20:22 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 2511 		430 B
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=5688324856&adk=4223602507&adf=3412014494&pi=t.ma~as.5688324856&w=336&lmt=1644646824&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644646823941&bpp=3&bdt=462&idt=208&shv=r20220209&mjsv=m202202080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C779x90%2C779x280&nras=1&correlator=4384722785670&rume=1&frm=20&pv=1&ga_vid=1028921156.1644646824&ga_sid=1644646824&ga_hid=1403341503&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31064825%2C31061691%2C31061693&oid=2&pvsid=3820389687453562&pem=42&tmod=653849828&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yb9sZ1R3aF&p=https%3A//www.balatarin.com&dtd=211
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7031645305449270&plah=www.balatarin.com&bust=31064825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d31fb3a2cbf25c10c378a8fe5569270094c8ea208e8c7f70a8761e1333ea805
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 12 Feb 2022 06:20:22 GMT
server
cafe
content-length
207
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 12 Feb 2022 06:20:22 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 796E 		430 B
229 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=8352827426&adk=3914965158&adf=666277397&pi=t.ma~as.8352827426&w=336&fwrn=4&fwrnh=100&lmt=1644646824&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644646823985&bpp=2&bdt=507&idt=174&shv=r20220209&mjsv=m202202080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D300cb037b289c9b9-22abce903ccd0036%3AT%3D1644646822%3ART%3D1644646822%3AS%3DALNI_MahJ1XfgPoOXdr-ACS55xZhTgQxDQ&prev_fmts=0x0%2C779x90%2C779x280%2C336x280&nras=1&correlator=4384722785670&rume=1&frm=20&pv=1&ga_vid=1028921156.1644646824&ga_sid=1644646824&ga_hid=1403341503&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=254&ady=1039&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31064825%2C31061691%2C31061693&oid=2&pvsid=3820389687453562&pem=42&tmod=653849828&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=P7CT76gxZj&p=https%3A//www.balatarin.com&dtd=177
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7031645305449270&plah=www.balatarin.com&bust=31064825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9df1feb673e3e5bb842a1f065c9418518257d3f4c52258037e40fd8b88b891d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 12 Feb 2022 06:20:22 GMT
server
cafe
content-length
206
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 12 Feb 2022 06:20:22 GMT
cache-control
private
rum.js
securepubads.g.doubleclick.net/pagead/js/ 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
0da1b7b795d8ed531c47ff870de07dfa167e2e7870be41c339bc05888c0c1900
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:21:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3515
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23078
x-xss-protection
0
server
cafe
etag
14764030400761178073
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 12 Feb 2022 06:21:47 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3820389687453562&correlator=2611469479171101&output=ldjh&eid=31061691%2C31061693&output=ldjh&gdfp_req=1&vrg=2022020801&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220212&iu_parts=3679856%2CSidebar-Middle&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&cookie=ID%3D300cb037b289c9b9-22abce903ccd0036%3AT%3D1644646822%3ART%3D1644646822%3AS%3DALNI_MahJ1XfgPoOXdr-ACS55xZhTgQxDQ&bc=31&abxe=1&dt=1644646824204&lmt=1644646824&dlt=1644646823479&idt=704&frm=20&biw=1600&bih=1200&oid=2&adxs=290&adys=1836&adks=3772982170&ucis=1&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.balatarin.com%2F&rumc=3820389687453562&rume=1&vis=1&scr_x=0&scr_y=0&psz=336x0&msz=336x0&ga_vid=1028921156.1644646824&ga_sid=1644646824&ga_hid=1403341503&ga_fc=false&fws=0&ohw=0&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
c733ddd64eb2e71e0fb974ba8ca143f78d63edf70c383834bdb0585e63929279
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18737
x-xss-protection
0
google-lineitem-id
1279745296
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
113000655376
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.balatarin.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
465ac69f7d8907f9302e7b63d8b475ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6E1A 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://465ac69f7d8907f9302e7b63d8b475ea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 12 Feb 2022 06:20:22 GMT
expires
Sun, 12 Feb 2023 06:20:22 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
stats.g.doubleclick.net/j/ 		7 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-594291-1&cid=1028921156.1644646824&jid=271981182&gjid=1054204176&_gid=672178205.1644646824&_u=IChAgAABAAAAAE~&z=1725163152
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.balatarin.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 12 Feb 2022 06:20:22 GMT
content-type
text/plain
access-control-allow-origin
https://www.balatarin.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1403341503&t=pageview&_s=1&dl=https%3A%2F%2Fwww.balatarin.com%2F&ul=en-us&de=UTF-8&dt=%D8%A8%D8%A7%D9%84%D8%A7%D8%AA%D8%B1%DB%8C%D9%86%3A%20%D9%84%DB%8C%D9%86%DA%A9%E2%80%8C%D9%87%D8%A7%DB%8C%20%D9%85%D9%86%D8%AA%D8%AE%D8%A8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IChAgAAB~&jid=271981182&gjid=1054204176&cid=1028921156.1644646824&tid=UA-594291-1&_gid=672178205.1644646824&z=2011286247
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 03:05:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11667
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1403341503&t=event&_s=2&dl=https%3A%2F%2Fwww.balatarin.com%2F&ul=en-us&de=UTF-8&dt=%D8%A8%D8%A7%D9%84%D8%A7%D8%AA%D8%B1%DB%8C%D9%86%3A%20%D9%84%DB%8C%D9%86%DA%A9%E2%80%8C%D9%87%D8%A7%DB%8C%20%D9%85%D9%86%D8%AA%D8%AE%D8%A8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pageview&ea=loggedout&_u=IChAgAABAAAAAE~&jid=&gjid=&cid=1028921156.1644646824&tid=UA-594291-1&_gid=672178205.1644646824&z=617805688
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 03:05:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11667
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=www.balatarin.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7031645305449270&plah=www.balatarin.com&bust=31064825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 12 Feb 2022 06:20:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.balatarin.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7031645305449270&plah=www.balatarin.com&bust=31064825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 12 Feb 2022 06:20:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 85A6 		430 B
226 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&adk=2481526797&adf=393783903&pi=t.aa~a.2729612806~rp.4&w=358&fwrn=4&fwrnh=100&lmt=1644646824&rafmt=1&to=qs&pwprc=6379213746&psa=0&format=358x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644646824268&bpp=2&bdt=789&idt=2&shv=r20220209&mjsv=m202202080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D300cb037b289c9b9-22abce903ccd0036%3AT%3D1644646822%3ART%3D1644646822%3AS%3DALNI_MahJ1XfgPoOXdr-ACS55xZhTgQxDQ&prev_fmts=0x0%2C779x90%2C779x280%2C336x280%2C336x280&nras=2&correlator=4384722785670&rume=1&frm=20&pv=1&ga_vid=1028921156.1644646824&ga_sid=1644646824&ga_hid=1403341503&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=2065&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31064825%2C31061691%2C31061693&oid=2&pvsid=3820389687453562&pem=42&tmod=653849828&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=oR1WmtvHwd&p=https%3A//www.balatarin.com&dtd=19
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7031645305449270&plah=www.balatarin.com&bust=31064825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a08b9046107dc6e65fb6cebb1fbed7e8a5a92700e7ec30fac22447f52064be8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 12 Feb 2022 06:20:22 GMT
server
cafe
content-length
206
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 614A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhx16K8maCDCihjdtUKXjBU4NbNAqV8ZWf-OEMvm7wtEtDGfQRZfnwZKFtR2t1NMOtL1UfuXNSPhfz7HMtCt1g5N-AyXVjYToi9XWaEdrenU674ov2y9xjDJqTHX0ZaPGAabqfXj2YmSiAQDsDBpK6y9JzfdLF9smQqjEwIzXL1fTg4ZK9J3nYEZacUOjxzIvrNNC3WXfundVUL3HBXUbMccSEd7HAPs-GWQIi9DsUfdcOT3_OIYjLV_A4roLsv-ohSd_zMtSsvW7FectsbWbPqnZQ6c7kT6dRNkykoU-3ikpIZ2w890XVlNzL&sig=Cg0ArKJSzMdProSEkBqZEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 12 Feb 2022 06:20:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/ Frame 614A 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:52:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1682
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7817
x-xss-protection
0
server
cafe
etag
7051432691878289762
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Feb 2022 05:52:20 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 614A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:35:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2702
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Feb 2022 05:35:20 GMT
l
www.google.com/ads/measurement/ Frame 614A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR3AF7G-BB9MqVgKbeLqhyEjMlL93xnO4dMNKTvpb_WP14zaDjFIt2jmeq4fpzYnslOfZLvQsjKgVXiVzw5pyIlnnCzjA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 614A 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:20:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38562
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644410386637351"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 12 Feb 2022 06:20:22 GMT
11014814240268210796
tpc.googlesyndication.com/simgad/ Frame 614A 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11014814240268210796
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e581c3bf6f9547d2b323c8e1ab6546470435b69417d12984bc0fb08c90307112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 22:57:06 GMT
x-content-type-options
nosniff
age
372196
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36079
x-xss-protection
0
last-modified
Mon, 11 Apr 2016 23:11:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 07 Feb 2023 22:57:06 GMT
ga-audiences
www.google.com/ads/ 		42 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-594291-1&cid=1028921156.1644646824&jid=271981182&_u=IChAgAABAAAAAE~&z=1980704091
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:20:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-594291-1&cid=1028921156.1644646824&jid=271981182&_u=IChAgAABAAAAAE~&z=1980704091
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:20:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/ Frame 94FF 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=9543430451&adk=17676442&adf=78860692&pi=t.ma~as.9543430451&w=779&fwrn=4&fwrnh=100&lmt=1644646824&rafmt=1&psa=0&format=779x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644646823939&bpp=2&bdt=461&idt=197&shv=r20220209&mjsv=m202202080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C779x90&nras=1&correlator=4384722785670&rume=1&frm=20&pv=1&ga_vid=1028921156.1644646824&ga_sid=1644646824&ga_hid=1403341503&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=3568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31064825%2C31061691%2C31061693&oid=2&pvsid=3820389687453562&pem=42&tmod=653849828&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=grpHHnGgU6&p=https%3A//www.balatarin.com&dtd=201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:52:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1682
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7817
x-xss-protection
0
server
cafe
etag
7051432691878289762
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Feb 2022 05:52:20 GMT
css
fonts.googleapis.com/ Frame 94FF 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=9543430451&adk=17676442&adf=78860692&pi=t.ma~as.9543430451&w=779&fwrn=4&fwrnh=100&lmt=1644646824&rafmt=1&psa=0&format=779x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644646823939&bpp=2&bdt=461&idt=197&shv=r20220209&mjsv=m202202080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C779x90&nras=1&correlator=4384722785670&rume=1&frm=20&pv=1&ga_vid=1028921156.1644646824&ga_sid=1644646824&ga_hid=1403341503&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=3568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31064825%2C31061691%2C31061693&oid=2&pvsid=3820389687453562&pem=42&tmod=653849828&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=grpHHnGgU6&p=https%3A//www.balatarin.com&dtd=201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 12 Feb 2022 05:33:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 12 Feb 2022 06:20:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 12 Feb 2022 06:20:22 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 94FF 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=9543430451&adk=17676442&adf=78860692&pi=t.ma~as.9543430451&w=779&fwrn=4&fwrnh=100&lmt=1644646824&rafmt=1&psa=0&format=779x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644646823939&bpp=2&bdt=461&idt=197&shv=r20220209&mjsv=m202202080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C779x90&nras=1&correlator=4384722785670&rume=1&frm=20&pv=1&ga_vid=1028921156.1644646824&ga_sid=1644646824&ga_hid=1403341503&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=3568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31064825%2C31061691%2C31061693&oid=2&pvsid=3820389687453562&pem=42&tmod=653849828&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=grpHHnGgU6&p=https%3A//www.balatarin.com&dtd=201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 07:16:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
255819
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 10:36:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Feb 2023 07:16:43 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 94FF 		355 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=9543430451&adk=17676442&adf=78860692&pi=t.ma~as.9543430451&w=779&fwrn=4&fwrnh=100&lmt=1644646824&rafmt=1&psa=0&format=779x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644646823939&bpp=2&bdt=461&idt=197&shv=r20220209&mjsv=m202202080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C779x90&nras=1&correlator=4384722785670&rume=1&frm=20&pv=1&ga_vid=1028921156.1644646824&ga_sid=1644646824&ga_hid=1403341503&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=3568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31064825%2C31061691%2C31061693&oid=2&pvsid=3820389687453562&pem=42&tmod=653849828&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=grpHHnGgU6&p=https%3A//www.balatarin.com&dtd=201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 06 Feb 2022 02:23:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
532614
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125995
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 10:36:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Feb 2023 02:23:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 94FF 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=9543430451&adk=17676442&adf=78860692&pi=t.ma~as.9543430451&w=779&fwrn=4&fwrnh=100&lmt=1644646824&rafmt=1&psa=0&format=779x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644646823939&bpp=2&bdt=461&idt=197&shv=r20220209&mjsv=m202202080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C779x90&nras=1&correlator=4384722785670&rume=1&frm=20&pv=1&ga_vid=1028921156.1644646824&ga_sid=1644646824&ga_hid=1403341503&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=3568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31064825%2C31061691%2C31061693&oid=2&pvsid=3820389687453562&pem=42&tmod=653849828&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=grpHHnGgU6&p=https%3A//www.balatarin.com&dtd=201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1999
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6367
x-xss-protection
0
server
cafe
etag
17798303060702513824
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Feb 2022 05:47:03 GMT
truncated
/ Frame 614A 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79396cb76ba0864fcdf95547f834c953591d3881e2c555dd591e6a825abcdfd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 614A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6ftSp6aqA8XZdg_Oo-Aj_paB6u8ZA7g07oC8mH0puAtlaVCPKCQcD8qWjkkX9U12FyHnesH_e4icIufuCg3kNDwK7NHJSdEosiXYLfXluzeFmvWS_6zpW6Wbz_8ivYHnK_9k1D4mdpu0jddcyR5RGXayfjUJx9CyYBYs3oIF6istLh6Qz3njypBWYVP6AMjcM4tLnY39wTuLK9_C2R2Mdr3TUNMPbD-W6rGTmuwro-Cdiey-n1lEJXJdO0LbQsK0VZwQQuV-vTsefZL_GQ9kodJDVIBBKEHPPte8Nh5gKhhapdKYRT-pJ6L2Fv3M&sig=Cg0ArKJSzH0znJEhR6DyEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 12 Feb 2022 06:20:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 12 Feb 2022 06:20:22 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 614A 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
0da1b7b795d8ed531c47ff870de07dfa167e2e7870be41c339bc05888c0c1900
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:21:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3515
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23078
x-xss-protection
0
server
cafe
etag
14764030400761178073
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 12 Feb 2022 06:21:47 GMT
csi
csi.gstatic.com/ Frame 614A 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kzjg97ki&chm=1&c=3820389687453562&ctx=2&qqid=CMChju3C-fUCFcr5dwodvNICmQ&met.4=fb.3~lb.42~ol.6c~idt.gc~dt.-38&met.3=733.5m~742.5m_1~749.66~736.6f~735.6k_1~740.6l_1~113.7m_1~112.7m_2&met.1=1.kzjg97cw~14.0~15.0~16.0~17.0~18.0~19.1~20.6c~21.6c~22.4j~23.4j&met.7=CCIQBBgBIAcoBzBROEpoC3BQeKwCsAEBuAED~CAkQChgBIAgoCDCHATh_QAxIDFAMWF5gMWhhcIIBeLU_gAGJPYgBrJYBsAEBuAED~CB4QChgBIAkoCTCVATiMAWhhcJABeOELgAG1CYgB4RGwAQG4AQM~CBsQBhgBIAkoCTCMATiEAQ~CCoQChgBIAkoCTC5ATiwAQ~CBcQBhgBIAooCjC4ATiuAWhhcJUBeJucAoAB75kCiAHvmQKwAQG4AQM~CCgQChgBIOsBKOsBMI8COCRo7AFwjQJ40rYBgAGmtAGIAd3eA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:20:23 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 94FF 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kzjg97lx&c=6757499117336&slotId=3378749558668&qqid=COCKiu3C-fUCFVKK_Qcd8p0E7A&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:20:23 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 94FF 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:56:19 GMT
x-content-type-options
nosniff
age
217444
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 17:56:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 94FF 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 09:48:03 GMT
x-content-type-options
nosniff
age
73940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 11 Feb 2023 09:48:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 94FF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C7hphplEHYuCfHdKU9u8P8ruS4A6l08OTaK2sj5CdD9fWor3AARABIIjO5BFguwagAcWtq5UoyAEFqQIKqWzNFCRqPqgDAcgDmwSqBPsBT9DmUwIqUB4bbNKYs7zTRf3WxczSknLlsjk4HBFnsGHGM8Ghrz_NBli5LRZ1-nhDSiKORlOuPw2gtPH6_mTGP05WQGKA_LSsg9svBhLlDAr6b6IM90oYlPM7YdYmhj4l8NxHysGt6e7H_yJ8OHvDN6Qs7sPHZZ_sjkyGLz6xHC2iyCBVBy01z00aLyxmxCrpnzIUJpdubtDdEgil6Ar7N2Ny61cOxtuMX00D-_5-1K6l6peVVOAfYtQNMHVf2sWuLLyFpXS5Op0_wbITD-7s2FGwAwYpbp_kMXC1S1LceuVDy-SN8X8JTh0I2DC7oQ0120R6yTjEkVkve2fABJfqj6roA-AEA5AGAaAGToAHxeX79AKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgGYCwHICwGADAGwE46gjA7IE-eLht8D0BMA2BMKiBQC2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1644646824652&ai=C7hphplEHYuCfHdKU9u8P8ruS4A6l08OTaK2sj5CdD9fWor3AARABIIjO5BFguwagAcWtq5UoyAEFqQIKqWzNFCRqPqgDAcgDmwSqBPsBT9DmUwIqUB4bbNKYs7zTRf3WxczSknLlsjk4HBFnsGHGM8Ghrz_NBli5LRZ1-nhDSiKORlOuPw2gtPH6_mTGP05WQGKA_LSsg9svBhLlDAr6b6IM90oYlPM7YdYmhj4l8NxHysGt6e7H_yJ8OHvDN6Qs7sPHZZ_sjkyGLz6xHC2iyCBVBy01z00aLyxmxCrpnzIUJpdubtDdEgil6Ar7N2Ny61cOxtuMX00D-_5-1K6l6peVVOAfYtQNMHVf2sWuLLyFpXS5Op0_wbITD-7s2FGwAwYpbp_kMXC1S1LceuVDy-SN8X8JTh0I2DC7oQ0120R6yTjEkVkve2fABJfqj6roA-AEA5AGAaAGToAHxeX79AKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgGYCwHICwGADAGwE46gjA7IE-eLht8D0BMA2BMKiBQC2BQB0BUB-BYBgBcB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=9543430451&adk=17676442&adf=78860692&pi=t.ma~as.9543430451&w=779&fwrn=4&fwrnh=100&lmt=1644646824&rafmt=1&psa=0&format=779x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644646823939&bpp=2&bdt=461&idt=197&shv=r20220209&mjsv=m202202080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C779x90&nras=1&correlator=4384722785670&rume=1&frm=20&pv=1&ga_vid=1028921156.1644646824&ga_sid=1644646824&ga_hid=1403341503&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=3568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31064825%2C31061691%2C31061693&oid=2&pvsid=3820389687453562&pem=42&tmod=653849828&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=grpHHnGgU6&p=https%3A//www.balatarin.com&dtd=201
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:20:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 94FF 		22 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Catf11Nt6XrOf-CDGq8zwPnsJFpcMXi3-DePZkYwlwDMkXbm70MRSZhTQjEcg-K6b7SAxO3q7TgaRiFrVo9pbQ3p5WDw&dbm_d=AKAmf-B-Z_uTJWCqvRR3VQOyiV_qCxMQaZUDBwg8o9v5vOJiDsVulPXGSWfIZDmPBnQDjsvwgfvGKXNdZAkGCUywtwgfF7XbpqLQEhsUuCATgQkDQJli3nb-AsLCpvALl7Q0AogJshaU_9635bj5aWHqU-KQjSTy4ICkCDZKMh3rxiJsFVaA1o-u7t2GjihiMDLLX8AQJp_t243mXLYjzjBvKLndDU0FZjg0yBJfngo47Srn7P1qj3hLx9DKhEKIQQoUdk787osMYuwYeYC07XL8boQmXhjA-4noh2lHcKb0FPiNNW1qELkv02q6spIUREfJ8ZHDnH-O5R7xnDMOUKkMYnqvGlOhg5fYzkFtbebFCcm4Q5dehYBLyEOkE3ITy-qseMdtdNaeIB4AfPW2Xhp2E2KZParfnHe-LNuvcjzwPWthmN_41AzSLTXu6KT2_p8QcdUdaGEH6qtjYQIMVjuTenhYyVG4Y0WOcdDdoUsozkCSAOLQEDbffxHGQ6ENmuZaFcxekV5XyLMDCrOTsu85iEdJrW3fIMDY73XkDT_brSlCT27uH0yLKeFx-_jVv4B-Z2APrvTRXcVx05j_6mz-aKGDk7EAA0EbRRxqb7vZUvZIDRmbSS0Ge8HSXTq9RoKl5EyQvdbiKiDtul6fNkRHPpR88Ib01-awsCFC3jo-_u7fx-mmkAlcle448UtR_ykteZgt5Q7x-4T3-fyhlSQlSRB_RG7Vp983FLQWSHZVDlZNyiixTS2Tlj3A346HZEIIQRYt-TkAtTllwJ1JYXYIsfSJovpt3eyjzlj91rvj1FqgT7GwESisNWVW6fvWJM8gG-hO6pCR-Tku052-v4ZEH5bH0omcNS6AGSNonYzFKiaZnUMp3SXzp2zIloqLLb28mdaZmbiLCX0PjHBzOaGd1j9oCvCJXyG3e3ViC_m047ItOcJ40npeXJ8KWnb9rTgqWRCSo2MhqQdjc9BhGHt8yOoxg9kYcalA-MuXW_ietwpoX-3FDz2LpJInBW8hx6fWipufncsYyXInNvjE4QVwdchRLNv5UZX-lRDtLThPANyAkiAhLurfxTswXSMlgo9TQ3yl_0wwzKK9Ik28h6Ck3bbecAtNGttbRGcxXzurSFChjhbd30n12dDwd_lz3FzTRLvvFF-5NqZ9n2O-ard2esXvSUvbSAqsHPW7_YKKny13_UO57ZuoVeWQeP_5YTzqpbG2c9MWxXM8-xdBZCbUGbVIBMPqIhUiNVS9tT2WS6ymCQMydFm3rUrHksJPaIOKZI5b-zpp72pWMbG5cuRPKmA9IIf1jnWk-7OFAmM8ovptWMzE03U_-RGqctIArpvyJYlNkwCqgnv02GrP2323S1eS0V68fFDxON2tuH_jDP-koybsn4rr6jmec5Yj5fjf5N5p43xSZmXJVpJUZ7t-BPbGF8extzdV94-bFNHfQN3cNjynE52jzCa8Hs0V9YgslSwPhyrHLEv8Fn10Kdzn9-XeAGR5HaCK_fW4ftHztLjOY-4lqd-wTgz0OvG08eQq25ff2yuR7IulQHIlhIWNSGxwwWw9dyOSu_aT8oX3d_iYU4F03xq8Mvr3wPcKsLph7lutNyx-Eq31ajootCZn2EFwYqbw8FA4FSBaFM3Bi0FOeG_KgMPFf-W7kHIB6D7QfCpCLRIy_T1gNNQxVBg7E37FBVBXxIDMOFpcPIWXgqyJ95Tecb_vYdbQ25nUOnIoKKGQa62XixtaGtKEYTh6NCbMge_SIHcY_4qM-8MrHl8nRWMUrZEIaAg5CuLspLSygKYOMWWuR9d4CTYKUFkCakXv0WyJLnf9gsgzKPPKz-v7EwSbplVZBfCYeei9RNdMs2-DaWkdNHe4lfor5xHc2JbPrHJTOT3uU5i5c3BYh1Sl7rxNSG1ZdPoEAahH_UC96iBn34OiXftNNzTXjHnjy55o0KIE5Fq6yNIobGiPNoRSDhU7_B7CVYaEA6lLjxJGs55yJR01mzDKbmMhDTVB07NzfeCsvXG0Quw-CmwM7CFDBt9v7PNCcvXGlirH7UUP3fXZCrsDVfO4PXwJnrttPPoVuMRz8IxjrDHlLf6NMhnc244yndEbrSa4Vq9eVSiJz7cmXrOXM8lQpRC2GsGmq-nbnU2-pcdpIcolukUxznwct4Cc5uhjdYMN7nA040tRyXtayImxBZ_6_7t_c0NN_Da-a3pLeZl4Ki8Ffhrhv4V_xfo35r96vyWoKaQjBsFORl77WfQrrRfcb3VY35Env14sqTGMYJb_od51Z6Prod-GwWEync2C9-UiOHIrMClxofu5yjZi4CBFckdejFKqTepMUZ_4gJeTn39WQQYN7RbIXiZQrmNlh5PDmtynxrOX8-akYYOH5ZMapaeARUGxaxTGIySytpcvM_HF-4nozLuQnwotOpC7UwuKZDp9kF5NhganFZw79o5zoAuBPAcQlEgmc5FE_KjcUYoSyOAIA8WvBPajvZcSn2nqvMuaTdKAf923rMjad0wEIrN0FOqxtuIf7dNmenRlUlDSaYUqzh2Juv8WAf_Tj04rVP3I4N0p9ojKimam32IOZ3JGudAfg6WOvX7X4Y3JMcsHSDrVk0WiTIYy7D2XkTRMl0eFyRdl5-RezwbEEcupd6lP_aDXB3s8oqT4QdYxmxmmJWPxrj3Tg9FZrwLbMUQYPeNLGjPpyROwZn6cHA7xZefJqoqtLch6CKRh2UNlFleWbu-qzj7bKDaI6fuu4xQJf_XWTHk1-UCsb-zJWWGq2Uz8i7UttKSPjSpKUPaa-DbGoDvg6SnX1yrwO3Zh9aOvnaMFQxLjKzKaQXjZKpRzW9HJA-EGy0w01woGAt9XQOBjKXEauejsNZPMGf5a31R7AVJzhDNCLMmi5P1wi61p-O7KZ_FAk7FVkZxdjX69WXao5aJA0Fdje8MnPULtenaRT066pcBi36Ih7CDhm2GRHFkDXVpnX1nReSi8wQ&cid=CAASBORovVk&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f154.1e100.net
Software
cafe /
Resource Hash
f70d1786c9d8f85e609dd934ff674b791e2d5adccfdf43d63ba8d168bbe64175
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:20:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14138
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 94FF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C5DmgplEHYuCfHdKU9u8P8ruS4A6l08OTaK2sj5CdD9fWor3AARABIIjO5BFguwagAcWtq5UoyAEFqQIKqWzNFCRqPqgDAaoE-AFP0OZTAipQHhts0pizvNNF_dbFzNKScuWyOTgcEWewYcYzwaGvP80GWLktFnX6eENKIo5GU64_DaC08fr-ZMY_TlZAYoD8tKyD2y8GEuUMCvpvogz3ShiU8zth1iaGPiXw3EfKwa3p7sf_Inw4e8M3pCzuw8dln-yOTIYvPrEcLaLIIFUHLTXPTRovLGbEKumfMhQml25u0N0SCKXoCvs3Y3LrVw7G24xfTQP7_n7UrqXql5VU4B9i1A0wdV_ana_uAhZveSvYMfPSNt9TLkm6lxU53_pURh9Ab7_3WPViEoQA3lQAshxgBacHjdlnivjOaGIpoRCC3cAEl-qPqugD4AQDiAWswsOzO5IFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAHxeX79AKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHCRC2Zxi-1JbAAdIICQiA4YAQEAEYH4AKAcgLAbATjqCMDsgT54uG3wPQEwDYEwqIFALYFAHQFQGAFwGyFxwKGggAEhRwdWItNzAzMTY0NTMwNTQ0OTI3MBgA&sigh=9ri4zDvaZik&uach_m=[UACH]&cid=CAQSGwCNIrLMYw63RoR9zTSwCYh_WHMfqf_Vd1-yzw&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=9543430451&adk=17676442&adf=78860692&pi=t.ma~as.9543430451&w=779&fwrn=4&fwrnh=100&lmt=1644646824&rafmt=1&psa=0&format=779x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644646823939&bpp=2&bdt=461&idt=197&shv=r20220209&mjsv=m202202080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C779x90&nras=1&correlator=4384722785670&rume=1&frm=20&pv=1&ga_vid=1028921156.1644646824&ga_sid=1644646824&ga_hid=1403341503&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=3568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31064825%2C31061691%2C31061693&oid=2&pvsid=3820389687453562&pem=42&tmod=653849828&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=grpHHnGgU6&p=https%3A//www.balatarin.com&dtd=201
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=9543430451&adk=17676442&adf=78860692&pi=t.ma~as.9543430451&w=779&fwrn=4&fwrnh=100&lmt=1644646824&rafmt=1&psa=0&format=779x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644646823939&bpp=2&bdt=461&idt=197&shv=r20220209&mjsv=m202202080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C779x90&nras=1&correlator=4384722785670&rume=1&frm=20&pv=1&ga_vid=1028921156.1644646824&ga_sid=1644646824&ga_hid=1403341503&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=3568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31064825%2C31061691%2C31061693&oid=2&pvsid=3820389687453562&pem=42&tmod=653849828&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=grpHHnGgU6&p=https%3A//www.balatarin.com&dtd=201
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 12 Feb 2022 06:20:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 94FF 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc7ee68349904e4e437f60d51cebe48b6bc66caf731730e768d4f8077ae08fc6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 94FF 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=9543430451&adk=17676442&adf=78860692&pi=t.ma~as.9543430451&w=779&fwrn=4&fwrnh=100&lmt=1644646824&rafmt=1&psa=0&format=779x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644646823939&bpp=2&bdt=461&idt=197&shv=r20220209&mjsv=m202202080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C779x90&nras=1&correlator=4384722785670&rume=1&frm=20&pv=1&ga_vid=1028921156.1644646824&ga_sid=1644646824&ga_hid=1403341503&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=3568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31064825%2C31061691%2C31061693&oid=2&pvsid=3820389687453562&pem=42&tmod=653849828&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=grpHHnGgU6&p=https%3A//www.balatarin.com&dtd=201
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
0da1b7b795d8ed531c47ff870de07dfa167e2e7870be41c339bc05888c0c1900
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:21:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3516
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23078
x-xss-protection
0
server
cafe
etag
14764030400761178073
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 12 Feb 2022 06:21:47 GMT
60746823
unified.adsafeprotected.com/v2/947660/ Frame 94FF 		25 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://unified.adsafeprotected.com/v2/947660/60746823?mon=60746824&omidPartner=[OMIDPARTNER]&apiframeworks=[APIFRAMEWORKS]&bundleId=[BUNDLEID]&ias_xappb=[ctv_appid]&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsufbomLDq5KJavlgZug7cE3JhMLyGI5rnk2-ISJrbHZDQwRDh8fzT0ryyNeqE0n8-Xda-eP4VW4mglzm_QpQ5Kha0vNSzurcDaPIqTG2ABDKuq01B4EMZ4Nezh-Kwtza_j8jz-wc7SMo-QVNpoE8DQ92aV14LX20aU5MKr6kfmysLxIiy1Q0rpWvWrSwl71yYDSg28%26sai%3DAMfl-YTb9ZBjXdQhnrz1Hmo_b8K83s8_NZZ632nQuoMPyVhKN0WzCiA-mlt1LWwPKxRRPFljWOLMOrDAUwr8oed2RuxH35Mekjhyn6GrOgglG7kDGTPN_mZISO8inUxMR_g%26sig%3DCg0ArKJSzPqaY6N2xdFKEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26vt%3D13%26adurl%3D&redirectedRetries=0&originalVast=https://ad.doubleclick.net/ddm/pfadx/N99002.3605999CTS_DV360_MX_99002/B27134098.326492850%3Bsz%3D0x0%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.0.0.0%3Bdc_osd%3D2%3Bdc_frm%3D2%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://www.balatarin.com/%3Bdc_ves%3DdGltZXN0YW1wOiAxNjQ0NjQ2ODIzMTI3Cg%3Bdc_cid%3D164914015%3Bdc_adid%3D518831305%3Bdc_vpaid%3D0%3B
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.104.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-104-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
687f3b3cb0240470e31287aa6469af3d7f54738d7402143f57537c5575f0176f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Content-Encoding
gzip
Vary
Origin
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
5286
csi
csi.gstatic.com/ Frame 94FF 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kzjg97ry&chm=1&ctx=2&gqid=plEHYrvVHJLe3wO7m76AAw&qqid=COCKiu3C-fUCFVKK_Qcd8p0E7A&met.4=fb.81~lb.ev~ol.in~bdt.-if~bpp.-5k~idt.-5~dtd.-1~dt.-5m&met.1=1.kzjg977x~6.0~7.0~8.0~9.0~10.0~12.1~13.4v~14.59~15.69~16.ev~17.ev~18.ev~19.im~20.im~21.im&met.7=CAUQCBgBML0BOJ8FaAFwrwF4rq8BgAGCrQGIAeWqBLABAbgBAw~CAkQChgBIIwCKIwCMMMCODholAJwugJ4tT-AAYk9iAGslgGwAQG4AQM~CBIQBxgBIIwCKIwCMIsDOH5AjQJIjgJQjgJY3gJgsgJo3gJwigN42geAAa4FiAHcPqoBGAoWUm9ib3RvOjcwMCw1MDAsNDAwLDMwMLABAbgBAw~CDoQBxgBIIwCKIwCMI0DOIEBQI4CSJwCUJwCWOoCYL8CaOoCcI0DeJoYgAHuFYgB53GwAQG4AQM~CDoQChgBII0CKI0CMO0DOOABaOoCcI8DeNfaB4ABq9gHiAGHlxawAQG4AQM~CBwQChgBIKICKKICMPACOE5oogJw6wJ4izSAAd8xiAG_dbABAbgBAw~CBsQARgBIIEEKIEEMMwEOEs~CBMQAhgBIIkEKIkEMP8EOHZAiQRIiQRQiQRY0wRgqgRo0wRw9AR4gH6AAdR7iAHUe6oBDAoGcm9ib3RvEB0YArABAbgBAw~CBMQAhgBIIwEKIwEMJwFOI8BaNMEcP8EePR8gAHIeogByHqqAQwKBnJvYm90bxAdGAKwAQG4AQM~CBwQBhgBII4EKI4EMNQEOEZojwRw0wR4rAKwAQG4AQM~CCgQDRgBIJMEKJMEMMUFOLEBQJQESMcEUMcEWIUFYOIEaIUFcL0FeOZwgAG6bogBkrMBsAEBuAED~CCEQBBgBIJQEKJQEMMQEODBolQRwwwR4rAKwAQG4AQM~CCgQChgBIKIFKKIFMM4FOCxoqgVwzAV40rYBgAGmtAGIAd3eA7ABAbgBAw&met.3=113.k1_2~112.k1_2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:20:23 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 94FF 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 18:15:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216278
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Feb 2023 18:15:45 GMT
file.webm
r1---sn-aigzrn76.c.2mdn.net/videoplayback/id/54f2559e6e0ca3c0/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786967100/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mi... Frame 94FF
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/54f2559e6e0ca3c0/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786967100/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sign...
  • https://r1---sn-aigzrn76.c.2mdn.net/videoplayback/id/54f2559e6e0ca3c0/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786967100/sparams/acao,ctier,expire,id,ip,ipbits,it...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r1---sn-aigzrn76.c.2mdn.net/videoplayback/id/54f2559e6e0ca3c0/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786967100/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/704A4C2BEDCEEC8F95C6141830F81E094542ECE1.3AA3D48BE7B9AB85E60F0ABC11CC2B107E8BC356/key/cms1/cms_redirect/yes/mh/nw/mip/2a02:8c8:c10:30::7/mm/42/mn/sn-aigzrn76/ms/onc/mt/1644646003/mv/u/mvi/1/pl/32/file/file.webm
Protocol
HTTP/1.1
Server
2a00:1450:401f:6::6 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1048386
Last-Modified
Tue, 18 Jan 2022 15:18:19 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/webm
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Sat, 12 Feb 2022 06:20:23 GMT

Redirect headers

date
Sat, 12 Feb 2022 06:20:23 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
650
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r1---sn-aigzrn76.c.2mdn.net/videoplayback/id/54f2559e6e0ca3c0/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786967100/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/704A4C2BEDCEEC8F95C6141830F81E094542ECE1.3AA3D48BE7B9AB85E60F0ABC11CC2B107E8BC356/key/cms1/cms_redirect/yes/mh/nw/mip/2a02:8c8:c10:30::7/mm/42/mn/sn-aigzrn76/ms/onc/mt/1644646003/mv/u/mvi/1/pl/32/file/file.webm
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~kzjg97c5&c=3820389687453562&e=31061691%2C31061693&ctx=1&met.3=112.163_1~646.16i_1~800.16k~800.16k~800.16l~800.16l~800.16m~653.16v_9~801.175~825.175~801.175~355.175~825.175~825.177~647.177_1~168.19n~168.19n~168.19n_4~168.19n_4~168.19r~168.19r~168.19r~168.19r~168.19r~168.19r~168.19r~168.19r~168.19r~168.19r~168.19r~168.19r~168.19r~168.19r~168.19r~168.19r~168.19r~168.19r~168.19s~168.19s~168.19s~168.19s~168.19s_2~168.19s_2~168.19t~168.19t~168.19t~863.19u~680.19u~168.19u~168.19u~168.19u~168.19u~168.19u~168.19u~168.19u~168.19u~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~168.19v~863.19v~680.19v~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~168.1ae~863.1ae~680.1af~168.1af~168.1af~168.1af~168.1af~168.1af~168.1af~168.1af~168.1af~168.1af~168.1af~168.1af~168.1af~168.1af~168.1af~168.1ag~168.1ag~168.1ag~168.1ag~168.1ag~168.1ag~168.1ag~168.1ag~168.1ag~168.1ag~168.1ag~168.1ag~168.1ag~168.1ag~168.1ag~168.1ag~168.1ag~168.1ag~863.1ag~680.1ag~168.1ao~168.1ao~168.1ao~168.1ao~168.1ao~168.1ao~168.1ao~168.1ao~168.1ao~168.1ao~168.1ao~168.1ao~168.1ao~168.1ao~168.1ao~168.1ao~168.1ao~168.1ao~168.1ao~168.1ao~168.1ao~168.1ao~168.1ap~168.1ap~168.1ap~168.1ap~168.1ap~168.1ap~168.1ap~168.1ap~168.1ap~863.1ap~680.1ap~168.1ap~168.1ap~168.1ap~168.1ap~168.1ap~168.1ap~168.1ap~168.1ap~168.1ap~168.1ap~168.1ap~168.1ap~168.1ap~168.1ap~168.1aq~168.1aq~168.1aq~168.1aq~168.1aq~168.1aq~168.1aq~168.1aq~168.1aq~168.1aq~168.1aq~168.1aq~168.1aq~168.1aq~168.1aq~168.1aq~168.1aq~168.1aq~863.1aq~680.1aq~168.1ay~168.1ay~168.1ay~168.1ay~168.1ay~168.1ay~168.1ay~168.1ay~168.1ay~168.1ay~168.1ay~168.1ay~168.1ay~168.1ay~168.1ay~168.1ay~168.1ay~168.1ay~168.1ay~168.1ay~168.1ay~168.1ay~168.1ay~168.1ay~168.1ay~168.1ay~168.1ay_3~168.1ay_3~168.1b1~168.1b1~168.1b1~863.1b1~680.1b1~168.1b1~168.1b1~168.1b1~168.1b1~168.1b1~168.1b1~168.1b1~168.1b1~168.1b1~168.1b1~168.1b1~168.1b2~168.1b2~168.1b2~168.1b2~168.1b2~168.1b2~168.1b2~168.1b2~168.1b2~168.1b2~168.1b2~168.1b2~168.1b2~168.1b2~168.1b2~168.1b2~168.1b2~168.1b2~168.1b2~168.1b2~168.1b2~863.1b2~680.1b2~863.1b6~680.1b6~824.1b6~824.1b6~774.1d7~844.1d7~844.1d7~863.1dd~680.1de~824.1de~824.1de~783.1de~863.1gw~680.1gw~168.1gw~168.1gw~168.1gw~168.1gw~168.1gw~168.1gw~168.1gw~168.1gw~168.1gx~168.1gx~168.1gx~168.1gx~168.1gx~168.1gx~168.1gx~168.1gx~168.1gx~168.1gx~168.1gx~168.1gx~168.1gx~168.1gx~168.1gx~168.1gx~168.1gx~168.1gx~168.1gx~168.1gx~168.1gx~168.1gx~168.1gx~168.1gx~863.1gx~680.1gx~863.1gy~680.1gy&met.9=4_1.16j~5_1.16t~6_1.1d7&met.7=CBsQCMABufX9lws~CBsQByDlBTjLAcABx92nswY~CAEQChgBIOUFKOUFMK4HOMgBQOYFSOYFUOYFWLQGYIcGaLUGcPgGeK2nA4ABgaUDiAG0xwmwAQG4AQPAAd6Ov5sB~CDsQChgBIOYFKOYFMNQIOO4CQLoHSLoHULoHWIUIYNsHaIYIcLAIeKjWAYAB_NMBiAGFgQWwAQG4AQPAAeLN6pYJ~CBsQChgBIOYFKOYFMIEHOJsBQOYFSOYFUOYFWLUGYIcGaLUGcNgGeMuLAoABn4kCiAGL9wWwAQG4AQPAAcmQtZcO~CBsQCiDmBTjOAcABwcT2xAc~CBsQBiDnBTjsBcAB1areQA~CBsQBiDnBTj7BcAB7s7Npws~CBsQBiDnBTj_BMAByMHC3Qk~CBsQBiDnBTiRBcABuP6MpQs~CBsQBiDnBTj-BMAB_fPC_gU~CBsQBiDnBTjbBcAB2YGQpQU~CBsQBiDnBTj8BcABrqiYgAE~CBsQBiDnBTiKBcAB9t-9lwc~CBsQBiDnBTiNAsAB7qSZ8AU~CBsQBiDnBTiAA8ABlc3qxAk~CBsQBiDnBTjsBcABgq6m1wY~CBsQBiDnBTjpBcAB6eOtpwc~CBsQBiDoBTj_BMAByJvb3Qo~CBsQCiDuBTjaAsAB09rXxwU~CBsgzAc4T8AB1YC_qAs~CBsQAiDRBzitAcABmN3twQI~CAMQChgBIIUIKIUIMO4IOGlohghwvwh41cMGgAGpwQaIAcuPErABAbgBA8ABpfqt-gs~CAwQBRgBIJIIKJIIMIMJOHFAkwhIlAhQlAhY3whgtQho3whwgQl4sCaAAYQkiAHwULABAbgBA8AB2a-p8Qg~CA4QChgBIMUJKMUJMNoKOJUBUMYJWO8JYMYJaO8JcJEKeLC9B4ABhLsHiAGGpRawAQG4AQPAAefCt0g~CDwQDRgBIMcJKMcJMJwKOFZQxwlY8Qlgxwlo8QlwnAp4hAOAAViIAVywAQG4AQPAAejUr80J~CBwQChgBINsJKNsJMIUKOCpo2wlw_gl476oBgAHDqAGIAaG0A7ABAbgBA8AB4tLGugU~CBsQAiDdCTgnwAHJ1Zlw~CBsQChgBIOQJKOQJMI8KOCto5Qlwjwp49gOAAcoBiAHZAbABAbgBA8AB5Krg8AI~CC8QBxgBIOkJKOkJMOIKOHlA6glI6glQ6glYtwpgiwpotwpw4gp4kAOAAWSIAWuwAQG4AQPAAZbl7tEP~CC8QBxgBIOoJKOoJMOMKOHpA6glI6glQ6glYtwpgiwpotwpw4wp4kAOAAWSIAWuwAQG4AQPAAZv_iccH~CBwQBhgBIOoJKOoJMJUKOCto6glwlAp4rAKwAQG4AQPAAZSE4rUO~CAUQBRgBIPMJKPMJMJYLOKMBUPMJWJ0KYPQJaJ4KcJULeIEpgAHVJogBtZEBsAEBuAEDwAGQx7LwCA~CBsQCiD5CTh5wAHZ67DzCg~CBsQDSD7CThowAGYkZD4Dw~CCgQChgBIIcLKIcLMKsLOCRohwtwqQt40rYBgAGmtAGIAd3eA7ABAbgBA8ABm-H6cA~CA8QDRgBIJgLKJgLMOcLOE9omAtw5Qt43ZQBgAGxkgGIAbD5ArABAbgBA8ABv96a6wY~CCgQDRgBILULKLULMI8MOFvAAeKygLkD~CBsQBiC2CzhNwAGG7L72DA~CBsQBiC3CzhNwAGG7L72DA~CBsQBiDnBTjJBsAB56HpkAc~CBsQBiDoBTjWBsABmPbt5QU~CBsQBiDnBTjbBsABidnYwgo~CBsQBiDnBTjlBsAB5ZbVkQw~CBsQBiDnBTjpBsAB047Qww0~CBsQBiDoBTjbBsABia6jqgQ~CAUQBRgBIMMKKMMKMNwLOJoBaMQKcNwLePsDgAHPAYgBrgOwAQG4AQPAAZDHsvAI~CC8QBxgBIOQLKOQLML4MOFpQ5AtYkAxg5Atokgxwuwx4kAOAAWSIAWuwAQG4AQPAAZv_iccH~CAUQBRgBINMKKNMKMJEMOL0BaNUKcIIMeK6vAYABgq0BiAHlqgSwAQG4AQPAAZDHsvAI~CAUQBRgBIN8KKN8KMPYLOJcBaOAKcPYLePsDgAHPAYgBrgOwAQG4AQPAAZDHsvAI~CC8QBxgBIOMLKOMLMMEMOF1Q5AtYkQxg5Atokgxwvgx4kAOAAWSIAWuwAQG4AQPAAZbl7tEP~CAUQBRgBIOoKKOoKMLoMONEBaOsKcLkMePoDgAHOAYgBrgOwAQG4AQPAAZDHsvAI~CBsQBRgBIJoLKJoLMLoMOKABQJsLSL0LUL0LWI4MYN8LaI4McLkMeNAagAGkGIgBzi-wAQG4AQPAAerLsMEN~CAUQBRgBIOcLKOcLMOcMOIEBaOgLcOYMePoDgAHOAYgBrgOwAQG4AQPAAZDHsvAI~CBsQBiDnBTi4B8AB_bzDkAw~CBsQBhgBIL4MKL4MMJwNOF9o6AxwnA141gKAASqIASqwAQG4AQPAAf_m6MwL~CBsQBiDnBTjGB8ABo8yWpQM~CBsQBiDnBTjLB8AB5P2MsQ0~CBsQBiDoBTjLB8AB2oWA1A0~CBsQBiDoBTjTB8AB1bLkwAo~CBsQBiDoBTjZB8AByaHd_gc~CBsQBhgBIL4MKL4MMM0NOI8BQMIMSMQMUMQMWJINYOYMaJ4NcMwNeNYCgAEqiAEqsAEBuAEDwAGk9pbEBw~CBsQBiDoBTijCMABjanH7Qw~CBsQBiDoBTixCMAB4fGQlgc~CBsQBiDoBTi2CMABqr3pzA0~CBsQBiDoBTi2CMABr7Lchw8~CBsQBiDoBTjBCMABlb2c1w0~CBsQBiDoBTjFCMABnfLJ9gQ~CBsQBiDpBTiQCcABg8r2sA0~CBsQBiDpBTidCcABp-6nTQ~CBsQBiDtBTieCcABq9uFqwQ~CBsQBiDtBTifCcAB95nExg8~CBsQBiDtBTitCcAB7OTnsQ0~CBsQBiDtBTiuCcABsMH98Ag~CBsQBiDtBTj7CcABrOGJggw~CBsQBiDtBTiPCsABqrnnogE~CBsQBiDtBTiRCsABhoaAigg~CBsQBiDtBTibCsABx5muigg~CBsQBiDtBTj6CsAB2tj8_Qs~CBsQBiDtBTjvC8ABncHIiQk&qqid.1=CMChju3C-fUCFcr5dwodvNICmQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:20:23 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-1215.min.js
js-agent.newrelic.com/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1215.min.js
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
mrZZlI3m.d3cabi4HqLBBkr4pQ2c77UF
content-encoding
gzip
etag
"615035bb6557b191e767e19087efabaf"
x-amz-request-id
697MWACPGJQ7HEQK
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
13666
x-amz-id-2
za9jInFbW3uiJCnXsGlN8IXx2pIQ8ym2ArlgGRvTKA92B2RFV+w07qWwBJiPG2e+sEvG1j5pz14=
x-served-by
cache-lcy19235-LCY
last-modified
Mon, 24 Jan 2022 22:13:53 GMT
server
AmazonS3
x-timer
S1644646823.428850,VS0,VE0
date
Sat, 12 Feb 2022 06:20:23 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2834
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220209&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7031645305449270&plah=www.balatarin.com&bust=31064825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9262c7c29004ee567cc9c2d0ab2d8d195120274834f0fd44c1c538238d79f6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 12 Feb 2022 06:20:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9898
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=www.balatarin.com&doc=complete&pg_h=4348&pg_w=1600&pg_hs=4348&c=4&aa_c=0&av_h=280&av_w=446.664&av_a=125065.938&s=516.031&all_s=516.031&b=338.063&all_b=338.063&d=0.258&all_d=0.258&ard=0.072&all_ard=0.072&dt=d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:20:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f0e3262f01
bam-cell.nr-data.net/1/ 		49 B
715 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/f0e3262f01?a=2210743&v=1215.1253ab8&to=cwleR0tYVF1RSklbWF4NQxxfUllFQUoDUw%3D%3D&rst=2365&ck=1&ref=https://www.balatarin.com/&ap=25&be=746&fe=2284&dc=1278&perf=%7B%22timing%22:%7B%22of%22:1644646822778,%22n%22:0,%22f%22:205,%22dn%22:205,%22dne%22:206,%22c%22:206,%22s%22:227,%22ce%22:252,%22rq%22:252,%22rp%22:692,%22rpe%22:715,%22dl%22:701,%22di%22:1278,%22ds%22:1278,%22de%22:1332,%22dc%22:2283,%22l%22:2283,%22le%22:2288%7D,%22navigation%22:%7B%7D%7D&fp=1015&fcp=1015&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1215.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:20:23 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
6dc3b5f70ee37480-LHR
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame D508 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8727
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 09 Feb 2022 05:57:58 GMT
expires
Thu, 09 Feb 2023 05:57:58 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
260545
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7031645305449270&plah=www.balatarin.com&bust=31064825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:20:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 12 Feb 2022 06:20:23 GMT
-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js
pagead2.googlesyndication.com/bg/ Frame D508 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8a5a772a8e31b35307e413d233ee42ab986414c9ab31ee640c6bbdd3e2d7e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 07:28:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
82292
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13554
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Feb 2023 07:28:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9789 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 11 Feb 2022 21:56:10 GMT
expires
Sat, 11 Feb 2023 21:56:10 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
30253
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame A485 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2a7ed98cd4956d9337769d8e474d39681b0a26429d58e33f013910e505a0a1da
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qD1BVc+mllRwJDivWD3IJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 12 Feb 2022 06:20:23 GMT
date
Sat, 12 Feb 2022 06:20:23 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-qD1BVc+mllRwJDivWD3IJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js
pagead2.googlesyndication.com/bg/ Frame 9789 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8a5a772a8e31b35307e413d233ee42ab986414c9ab31ee640c6bbdd3e2d7e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 07:28:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
82292
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13554
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Feb 2023 07:28:51 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A485 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220209&jk=3820389687453562&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
file.webm
r1---sn-aigzrn76.c.2mdn.net/videoplayback/id/54f2559e6e0ca3c0/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786967100/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mi... Frame 94FF 		342 KB
342 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r1---sn-aigzrn76.c.2mdn.net/videoplayback/id/54f2559e6e0ca3c0/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786967100/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/704A4C2BEDCEEC8F95C6141830F81E094542ECE1.3AA3D48BE7B9AB85E60F0ABC11CC2B107E8BC356/key/cms1/cms_redirect/yes/mh/nw/mip/2a02:8c8:c10:30::7/mm/42/mn/sn-aigzrn76/ms/onc/mt/1644646003/mv/u/mvi/1/pl/32/file/file.webm?range=0-349999
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:401f:6::6 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
51c63d742086c2f9e08d6b089dfaa1e9f1e6c7332abb37a0e6aa3c0e755d0bd8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:20:23 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
350000
client-protocol
quic
last-modified
Tue, 18 Jan 2022 15:18:19 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Sat, 12 Feb 2022 06:20:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D508 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B4wuFp1EHYtD5BuTLmwf_tK-QCgAAAAA4AeAEAg&bg=!MTKlMnbNAAbAtJCDwLQ7ACkAdvg8WgPVxK68CNZPbW7qzkryVvVt6SEy0QicQmcUs7jLVnBj25zc7AIAAACcUgAAAAJoAQcKAFul0EWUD-9gKIULD1VvQabhgavyk1lJTb7xYfh55AiTQAWswFhak6E1CY9KlgX106hSMT9pC4UKyy-4xLVgzbW5fCx-1rn-3TNgXtS_0XMP9RJP9ESU4grc1DX4mQLpj0eAwdLGzoJdUT4xrBG0dSHDc_0h-A4sOx2-bxc7gYgfgEjWA7CRTd05KFwzB8DO5ihr5z_JYd9UuAZ64VW1FEG4gbN1hrqM-tqNXqx8UZ0HQIhq_OEq4yegHvKiJJXfKfXvei04vQT8MzEm1Lo4t1ibkjOY_yeXxBh5ZCr0e-JiT_KDnfje5GbrvK4w7W8tqQQuiHjxjatDLH6vj4-VksBZVEkga__zvDZNGn0BHMj3UT3GKtPyV8VA124Btb-WOVoFU_h3WiUXkZ3_gp1j37ExjJ_ucBHi3cgeSK8UrKHTnSamOcEQ2lOHtnTd3c7gbP_Ai0AzWLDkImxH0_-RJBTGVSMGmbfNL9780K-8ar0pT6f39mAqZHORQixE8SKCjRX2jyz6to_LtKWH9GKL7KdOMZ9sL2vqRSsAq903BeHtc_4i-rza0cu-aZ-O5qMQqm6iuQpepV5H0gJo4OjkLWzfa0AYRG4Ukuhjf0ixe8uws2uPHxn5qWXixmpXJvhZAZ0IzmZXezkVeOBtmsk_fn28qzLgiJunIBqqqDBlASfvr0Plas3M4C39kr2TH-1ENCDTOHllj-fFbKzTe-AjOo3r63mGR1xMavb8TaQFxc959HCtm3Hrfh00DCpKG0mZaZLfUkdJjsNsIFtiiSJzn6cHp3pnCtzv0wQEWs2lcSff2nPoBoYiCkb9IiUCwRYFz8NowFs-4_qUZdcjUNN1ce9LwrDjY_zgM9Lf5Ar09SCY64RPvMBZhyurWSnRh36hUBBzAK2Z3gx6_rM8s6wPv3R-FqVkZA2aW8cg9ximQdj-AbZ0fN64xPhLs2OoAH1EnEt1MWUYKIwqVuqUK9BGP6k9ccRicOzsQnSoi5VB5OGAU1AuUbfA80O_Y_gi0-XBqzf3voDf2HcCFlNiR2KyIc7t1d5gbv9Er70vjILgc5GuhLbaoerOSV-Rq3W9K4-ympI3UxcL5mvozh8HIIx8MO3SQX3g2aP8Jw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:20:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 9789 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?NHsK4Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:20:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
csi
csi.gstatic.com/ Frame 94FF 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kzjg97m6&c=6757499117336&slotId=3378749558668&qqid=COCKiu3C-fUCFVKK_Qcd8p0E7A&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=854&mt=video%2Fwebm&vs=1280x720&ulv=1&cll=0&vmfc=19&vhc=0&msm=1&aits=17%2C36%2C18%2C22%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C43%2C44%2C45%2C46%2C0&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=45&vsrc=doubleclick_dmm&ple=1&ape=1&umsem=1&met.4=msms_oso.yt~lvlcl.12k&msms_mime0=video%2Fwebm%3B%20codecs%3D%22vp8%2C%20vorbis%22&msms_cs0=350000&msms_ns=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:20:24 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220209&jk=3820389687453562&bg=!Xl2lXRnNAAbAtJCDwLQ7ACkAdvg8WmtN_hsUE2iPUV1-l5Ez4L3-ccfyNPTWUr0u_4fUguotBF64kgIAAAB-UgAAAAdoAQcKAKoqpdz5inVsV7YynnUdzeAkSYjTNHbob1bqQ3qUNnQAos6Pt5Sf24IBxqNQmkewohPVE-MNL8OXSNUJzBQQquFOzc3T2TpCHn0VXnvrJS8PN5YTpZmNoXwRTwG0AdjEdhsYEygc0peBiRJZub73a3LXCLF1UxMM7hWn0Ns252MuyVGGjl61yLAwT6FWOIq9Kl4o9-Vhsy4Dx7UDqZsMkLy3cWgw_KWcpwlsXJkCsmPfZWvmp4OSOyaZQm9bmlLLU2og8W2igjRxw5rf0Pw2EXOg5gJnEUdTD6jpiUmRSpI3lhqGBB08VrKdMqGUdpRtU544VAQbxPJTIkNAyD-Q3W5pSCWm_WvnvptT5E53-3MmSdVP6YYR06PgLM00TQ2EfXgVK4Tgm10Bypo8bzFW4jGremMX0sPhTaldgnairEYQC3aNhjNGBhK77eKX0mf7F1Wnq84GOcJB5yM0WPLj_Gkog-ysHHV0GKtAZYcp2m0WSO5L2oeT0uXjsXf0Lb1ZBjTXxx1jl07bcJ3xqvdox3u1brPFOHUvMTZsew4I5gjxTw5WrSP7DSO92gBDJPTPibH_-j0duqMvc_5cOrWriRm7kk9SKsfA5B21xYS7ernfw2HmaSXOqPZZ1MSY55kgJmp6f0FBAzVP8seuBUUEHlMHZDkBvpJofea6cbZLZjL63y5ZUHTa20QoW4XDWvWhn11PgY7jqVKAveHoAL96C--hkqz4ir78ZXuKYWeNjddmBt5Ld0YLgBGppdwu56Q8ETv2MpzuamN-LkOJGdELqtid8vEMMZ-1S1DywBiPMQ3YJTEy91sM66UH7IMSgRrsGCcNoZvAv4dO-hM0gR7nMyIfdbcYpq2x4siiUv7mDWbamEIBh-lLQGogeRjkxEOvsrZ67VkvvUuyJW8F8xhsgUOvvip_pxoFOgcUT5YXpZsCweJtqSXF7MVj29g0B7W2PYZYFD5D2fX13l3UTbVZ9xU5JlHQ5XPoOqnj_yu9mzU3Aib6njj9vItIGfMDVHho-cMpSqaGYsl2Xw0HEj2NOHMEL0oMBGcW_FGg-fp1TA18OF7wifPa2uAftjpBXzuryVJv-tVxggNkpHt6o78wXipbXlqecfoTBvucUOZG3sbEBqI8QkytSPBMqUSnpIsLtw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:20:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~kzjg978c&c=3820389687453562&e=42531397%2C44750774%2C31064825%2C31061691%2C31061693&ctx=1&met.3=164.sm_1~165.sj_3~166.s8_q~247.ta~166.ti_4~164.v6~165.tq_1h~166.w4_3~247.wa~248.wa~164.wb_1~165.wa_2~164.we~165.wc_2~166.xc_3~166.xg_3~247.xk~248.xk~164.xl~165.xk_2~166.y0_2~326.yi_2~216.yg_4~215.yg_4~843.yf_5~779.yq~868.yq~889.z2~639.z7~914.z7~326.119~216.112_7~215.112_7~779.11a~868.11a~889.11b~639.11g~914.11g~326.11r~216.11r~215.11r~779.11s~868.11s~889.11t~639.11y~914.11y~326.123~216.123~215.123~779.124~868.124~889.125~639.128~914.128~629.129_1~112.12a_2~326.12e~216.12e~215.12e~779.12f~868.12f~889.12g~639.12k~914.12k~827.134~74.135_1~947.137~43.137~53.137~947.137~6.137~91.137~947.138~95.138_2~77.135_4~724.13b_1~724.13c~724.13c~895.13d~894.13d~872.13e~895.13f~907.13i_1~808.13s~808.13t~429.14y~947.156~573.156~598.156~453.156_1~754.158~947.159~573.159~598.159~453.159_1~754.15a_2~247.15f~248.15f~326.15g~164.15g_1~165.15e_2~947.15h~573.15h~598.15h~453.15h_1~947.15i~573.15i~598.15i~453.15i_1~947.15j~573.15j~598.15j~453.15j_1~947.15k~573.15k~598.15k~453.15k_1~947.15l~573.15l~598.15l~453.15l_1~947.15m~573.15m~598.15m~453.15m_1~947.15n~573.15n~598.15n~454.15n_1~947.15o~573.15o~598.15o~454.15o_1~947.15p~573.15p~598.15p~454.15o_1~947.15p~573.15p~598.15p~453.15p_1~947.15r~573.15r~598.15r~753.15u~353.14z_v~779.15v~868.15v~889.15x~639.160~914.160&met.9=1.xw~13.11q~2.131~9.0~3_1.13s~7_1.0&met.7=CBsQCMABufX9lws~CBsQByDlBTjLAcABx92nswY~CAEQChgBIOUFKOUFMK4HOMgBQOYFSOYFUOYFWLQGYIcGaLUGcPgGeK2nA4ABgaUDiAG0xwmwAQG4AQPAAd6Ov5sB~CDsQChgBIOYFKOYFMNQIOO4CQLoHSLoHULoHWIUIYNsHaIYIcLAIeKjWAYAB_NMBiAGFgQWwAQG4AQPAAeLN6pYJ~CBsQChgBIOYFKOYFMIEHOJsBQOYFSOYFUOYFWLUGYIcGaLUGcNgGeMuLAoABn4kCiAGL9wWwAQG4AQPAAcmQtZcO~CBsQCiDmBTjOAcABwcT2xAc~CBsQBiDnBTiNAsAB7qSZ8AU~CBsQBiDnBTiAA8ABlc3qxAk~CBsQCiDuBTjaAsAB09rXxwU~CBsgzAc4T8AB1YC_qAs~CBsQAiDRBzitAcABmN3twQI~CAMQChgBIIUIKIUIMO4IOGlohghwvwh41cMGgAGpwQaIAcuPErABAbgBA8ABpfqt-gs~CAwQBRgBIJIIKJIIMIMJOHFAkwhIlAhQlAhY3whgtQho3whwgQl4sCaAAYQkiAHwULABAbgBA8AB2a-p8Qg~CA4QChgBIMUJKMUJMNoKOJUBUMYJWO8JYMYJaO8JcJEKeLC9B4ABhLsHiAGGpRawAQG4AQPAAefCt0g~CDwQDRgBIMcJKMcJMJwKOFZQxwlY8Qlgxwlo8QlwnAp4hAOAAViIAVywAQG4AQPAAejUr80J~CBwQChgBINsJKNsJMIUKOCpo2wlw_gl476oBgAHDqAGIAaG0A7ABAbgBA8AB4tLGugU~CBsQAiDdCTgnwAHJ1Zlw~CBsQChgBIOQJKOQJMI8KOCto5Qlwjwp49gOAAcoBiAHZAbABAbgBA8AB5Krg8AI~CBwQBhgBIOoJKOoJMJUKOCto6glwlAp4rAKwAQG4AQPAAZSE4rUO~CBsQBiDnBTj_BMAByMHC3Qk~CBsQBiDnBTj-BMAB_fPC_gU~CBsQBiDoBTj_BMAByJvb3Qo~CC8QBxgBIOkJKOkJMOIKOHlA6glI6glQ6glYtwpgiwpotwpw4gp4kAOAAWSIAWuwAQG4AQPAAZbl7tEP~CC8QBxgBIOoJKOoJMOMKOHpA6glI6glQ6glYtwpgiwpotwpw4wp4kAOAAWSIAWuwAQG4AQPAAZv_iccH~CBsQDSD7CThowAGYkZD4Dw~CBsQBiDnBTiRBcABuP6MpQs~CBsQBiDnBTiKBcAB9t-9lwc~CBsQCiD5CTh5wAHZ67DzCg~CAUQBRgBIPMJKPMJMJYLOKMBUPMJWJ0KYPQJaJ4KcJULeIEpgAHVJogBtZEBsAEBuAEDwAGQx7LwCA~CCgQChgBIIcLKIcLMKsLOCRohwtwqQt40rYBgAGmtAGIAd3eA7ABAbgBA8ABm-H6cA~CBsQBiDnBTjsBcAB1areQA~CBsQBiDnBTj7BcAB7s7Npws~CBsQBiDnBTjbBcAB2YGQpQU~CBsQBiDnBTj8BcABrqiYgAE~CBsQBiDnBTjsBcABgq6m1wY~CBsQBiDnBTjpBcAB6eOtpwc~CA8QDRgBIJgLKJgLMOcLOE9omAtw5Qt43ZQBgAGxkgGIAbD5ArABAbgBA8ABv96a6wY~CCgQDRgBILULKLULMI8MOFvAAeKygLkD~CBsQBiC2CzhNwAGG7L72DA~CBsQBiC3CzhNwAGG7L72DA~CBsQBiDnBTjJBsAB56HpkAc~CBsQBiDoBTjWBsABmPbt5QU~CBsQBiDnBTjbBsABidnYwgo~CBsQBiDnBTjlBsAB5ZbVkQw~CBsQBiDnBTjpBsAB047Qww0~CBsQBiDoBTjbBsABia6jqgQ~CAUQBRgBIMMKKMMKMNwLOJoBaMQKcNwLePsDgAHPAYgBrgOwAQG4AQPAAZDHsvAI~CC8QBxgBIOQLKOQLML4MOFpQ5AtYkAxg5Atokgxwuwx4kAOAAWSIAWuwAQG4AQPAAZv_iccH~CAUQBRgBINMKKNMKMJEMOL0BaNUKcIIMeK6vAYABgq0BiAHlqgSwAQG4AQPAAZDHsvAI~CAUQBRgBIN8KKN8KMPYLOJcBaOAKcPYLePsDgAHPAYgBrgOwAQG4AQPAAZDHsvAI~CC8QBxgBIOMLKOMLMMEMOF1Q5AtYkQxg5Atokgxwvgx4kAOAAWSIAWuwAQG4AQPAAZbl7tEP~CAUQBRgBIOoKKOoKMLoMONEBaOsKcLkMePoDgAHOAYgBrgOwAQG4AQPAAZDHsvAI~CBsQBRgBIJoLKJoLMLoMOKABQJsLSL0LUL0LWI4MYN8LaI4McLkMeNAagAGkGIgBzi-wAQG4AQPAAerLsMEN~CAUQBRgBIOcLKOcLMOcMOIEBaOgLcOYMePoDgAHOAYgBrgOwAQG4AQPAAZDHsvAI~CBsQBiDnBTi4B8AB_bzDkAw~CBsQBhgBIL4MKL4MMJwNOF9o6AxwnA141gKAASqIASqwAQG4AQPAAf_m6MwL~CBsQBiDnBTjGB8ABo8yWpQM~CBsQBiDnBTjLB8AB5P2MsQ0~CBsQBiDoBTjLB8AB2oWA1A0~CBsQBiDoBTjTB8AB1bLkwAo~CBsQBiDoBTjZB8AByaHd_gc~CBsQBhgBIL4MKL4MMM0NOI8BQMIMSMQMUMQMWJINYOYMaJ4NcMwNeNYCgAEqiAEqsAEBuAEDwAGk9pbEBw~CBsQBiDoBTijCMABjanH7Qw~CBsQBiDoBTixCMAB4fGQlgc~CBsQBiDoBTi2CMABqr3pzA0~CBsQBiDoBTi2CMABr7Lchw8~CBsQBiDoBTjBCMABlb2c1w0~CBsQBiDoBTjFCMABnfLJ9gQ~CBsQBiDpBTiQCcABg8r2sA0~CBsQBiDpBTidCcABp-6nTQ~CBsQBiDtBTieCcABq9uFqwQ~CBsQBiDtBTifCcAB95nExg8~CBsQBiDtBTitCcAB7OTnsQ0~CBsQBiDtBTiuCcABsMH98Ag~CBsQBiDtBTj7CcABrOGJggw~CBsQBiDtBTiPCsABqrnnogE~CBsQBiDtBTiRCsABhoaAigg~CBsQBiDtBTibCsABx5muigg~CBsQBiDtBTj6CsAB2tj8_Qs~CBsQBiDtBTjvC8ABncHIiQk~CBsQCDjwEcABufX9lws~CBsQARgBIOsRKOsRMJYSOCvAAaSg_KUH~CBwQBhgBIIMSKIMSMK0SOCpogxJwrRJ4rAKwAQG4AQPAAZSE4rUO~CBsQCiDsEThLwAGIq8WyDQ~CCcQDRgBIO0RKO0RMM4SOGFQ7hFYmBJg7hFomBJwyBJ41k-AAapNiAHiZbABAbgBA8AB8_LLrgs~CCcQChgBIM8SKM8SMIoTODvAAeLBm9oF~CCcQBRgBII8TKI8TMLMTOCTAAZmVn6AL~CBsQBRgBIJATKJATMOgTOFjAAc_G2uIB~CBsQCiC-EjiUAsABwfXptwY~CBwQBhgBII8ZKI8ZMLoZOCxojxlwuhl4rAKwAQG4AQPAAZSE4rUO&met.10=1_1.IKELEAAIABiAmHUoAA&met.1=1.kzjg9662~6.5p~7.5p~8.5q~9.5q~10.70~11.6b~12.70~13.j8~14.jv~15.jh~16.zi~17.zi~18.110~19.1rf~20.1rf~21.1rk~22.s8~23.s8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/rum_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:20:24 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=2~kzjg97xh&c=3820389687453562&e=31061691%2C31061693&ctx=1&met.3=94.1rk~113.1ru_4~947.1rz~573.1rz~598.1rz~113.1ry_5~863.1z0~680.1z0&met.7=CBsQCDjwEcABufX9lws~CBsQARgBIOsRKOsRMJYSOCvAAaSg_KUH~CBwQBhgBIIMSKIMSMK0SOCpogxJwrRJ4rAKwAQG4AQPAAZSE4rUO~CBsQCiDsEThLwAGIq8WyDQ~CCcQDRgBIO0RKO0RMM4SOGFQ7hFYmBJg7hFomBJwyBJ41k-AAapNiAHiZbABAbgBA8AB8_LLrgs~CCcQChgBIM8SKM8SMIoTODvAAeLBm9oF~CCcQBRgBII8TKI8TMLMTOCTAAZmVn6AL~CBsQBRgBIJATKJATMOgTOFjAAc_G2uIB~CBsQCiC-EjiUAsABwfXptwY~CBwQBhgBII8ZKI8ZMLoZOCxojxlwuhl4rAKwAQG4AQPAAZSE4rUO&met.1=1.kzjg9662~6.5p~7.5p~8.5q~9.5q~10.70~11.6b~12.70~13.j8~14.jv~15.jh~16.zi~17.zi~18.110~19.1rf~20.1rf~21.1rk~22.s8~23.s8
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:20:24 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 function| structuredClone object| NREUM object| newrelic function| __nr_require object| adsbygoogle object| googletag function| $ function| jQuery object| Bala object| jQuery112403316125267303025 object| WebuiPopovers function| Headroom object| cookieconsent object| Turbolinks object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map object| container object| button function| domainCheckDismiss string| google_user_agent_client_hint number| google_lpabyc function| google_sa_impl object| google_rum_config object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages string| GoogleAnalyticsObject function| ga number| id function| amazon_assoc_ir_f_call_associates_ads function| amazon_assoc_ir_f_call function| amzn_assoc_ad_spec_type object| amzn_assoc_ad_spec object| amzn_assoc_ad_async_spec object| adUnitDeliveryNetwork object| slotCounter function| cmManager object| amzn_assoc_cm boolean| amzn_assoc_enable_abs object| amzn_assoc_internal_params function| assocUtilsMaker object| amzn_assoc_utils object| amzn_assoc_ad object| blockedMarketPlacesJson object| blockedViewerCountriesJson object| _google_rum_ns_ object| google_tag_data object| gaplugins object| gaData undefined| google_timing_params undefined| google_rum_values object| GoogleGcLKhOms

10 Cookies

Domain/Path Name / Value
www.balatarin.com/analytics Name: geo
Value: 0
www.balatarin.com/ Name: geo
Value: 0
www.balatarin.com/ Name: _balat_session_new
Value: heBaSaPqmPanJZL74hSTTr2Zi00%2FQJLfdr3udmCHGourc4LyNDaT%2Fd101xnzv3pWqiUJcQb8JPcxNUF%2Bq1FmBs8FFI679i93jBJnw7QZ9ES%2BqzVfsnZzf4Yuk%2BNSBLz8IfWdE83RlI2EJe9M4DMGv4JlnXFHFzzAyi6br1cJ0ZTOLhen1%2BfYm7MUSunlyyBQV4hkCz6xGv6W6h900qC%2Fo%2B1FAev0GnzU2RwCNCgUYdxbim8%3D--C9eLvRupih5TFG0f--4rr8XbwcwdIspWcAPRBq6g%3D%3D
www.balatarin.com/ Name: _ga
Value: GA1.1.1028921156.1644646824
www.balatarin.com/ Name: _gid
Value: GA1.1.672178205.1644646824
www.balatarin.com/ Name: _gat
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkjkhnYYJgx_BOxM54dL8ONVkvNplmNQpIu3nZtpixZgc14HEfCXPdKhmqguAU
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.balatarin.com/ Name: __gads
Value: ID=300cb037b289c9b9:T=1644646822:S=ALNI_Mau8fnu5y8UgblTdKh-ZWPO8vqADQ
.nr-data.net/ Name: JSESSIONID
Value: 898388920ad2ac83

2 Console Messages

Source Level URL
Text
other warning URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

465ac69f7d8907f9302e7b63d8b475ea.safeframe.googlesyndication.com
adservice.google.co.uk
adservice.google.com
ajax.googleapis.com
assets.balatarin.com
bam-cell.nr-data.net
bid.g.doubleclick.net
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
img.youtube.com
js-agent.newrelic.com
pagead2.googlesyndication.com
partner.googleadservices.com
r1---sn-aigzrn76.c.2mdn.net
s3.amazonaws.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
unified.adsafeprotected.com
www.balatarin.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagservices.com
z-na.amazon-adsystem.com
107.178.241.59
142.250.185.226
143.204.213.226
151.101.194.137
162.247.243.146
18.66.248.8
2a00:1450:4001:801::2002
2a00:1450:4001:802::200e
2a00:1450:4001:808::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2004
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9a
2a00:1450:401f:6::6
52.18.104.30
52.217.108.198
66.102.1.154
03d5c445fbf76b8749bdac185d39ee6f2255ba15d67c66f10a7c69d978ac3faf
0489db69c4bc9c54d4e3e53e99993697b759c7915c8a74be627cc066435bd61b
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
0af57d39bbace330227797c8a06761153e41e7d5b824078fda7e3c6ada874f48
0da1b7b795d8ed531c47ff870de07dfa167e2e7870be41c339bc05888c0c1900
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1300ac6cc7ee041479dfed9fd81036169036998762c12ce64cb744ecb7db9060
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c
17637322c74bdd0c7e8f8041bf1a663f3eac5b07097146ba7ba632caad727f6a
18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb
1a08b9046107dc6e65fb6cebb1fbed7e8a5a92700e7ec30fac22447f52064be8
1bafc102c843c5cbe731284c2235c8a82f6fe61e176b854cc4f135d7b0aa237f
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2716a3b30a76991e545b8576e1c0189f8a94139f3aabe69a6929e1cd86d65f8d
284df6a1fee0a9e1acd9251a08f1abf1235109885349ed3ead1b0e470f0e3173
2a7ed98cd4956d9337769d8e474d39681b0a26429d58e33f013910e505a0a1da
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cf69ca95688c8456d852753902310bc5dc916f1a70e538a7a5f9d63167e7108
30ab97b5fdbee7c42aebce8e7e9ea0a65443563c67eac89b70842fd577994e2f
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
364dbe9b5ff2d53172555d0fcaae52e135faa030e53ae7503bedd25243f07b22
383f5c256994d833ad781f00786a56925a5c66d4c19efb9e836a86a7d1076343
3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3d31fb3a2cbf25c10c378a8fe5569270094c8ea208e8c7f70a8761e1333ea805
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
46b7e564b1b64d737a088f8d77b7cf947eadac0e1c457642b4282fd5279ea865
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
51c63d742086c2f9e08d6b089dfaa1e9f1e6c7332abb37a0e6aa3c0e755d0bd8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56081264c93e1c90b2458f2e33a938ee36ae3364d0b1d5d514a3f62cddbf537e
5b1979a4ecb584da673a08d6a737a10d87ae84aa6f5c2d18ab97da15c7462f11
5c0f850be678e4a3b5f436c6d92b534b50bfd2c469744003fa0885a41ab57f43
5c36f1f994513470dde6cd4747c5fa533dadb40ca12b9d673894411a8719f1c5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
642cf3c2b9e1e211c2cad4f0cba5b8eec3843391669e1226e77b48f6e389e6d6
656fe53b400470587c8679d190e2f1ad1102ae564b28951ea31ea505355a1ff0
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
687f3b3cb0240470e31287aa6469af3d7f54738d7402143f57537c5575f0176f
71177b0e923ab233c6d1f491ba862ee71ebfd48648d744b0fb98d568d09f31a9
7403e23a0f81f5d04d28eb19a3ab506d769cd731ab392c7c4cf549e2317fdf66
7457378191eb1d61476c942294555d13eb92a45e200edaf4f95fe71f2179a4cc
7592346243c57cb250caf24a66038019ac0348bfbe2b500897e15193efc29de0
79396cb76ba0864fcdf95547f834c953591d3881e2c555dd591e6a825abcdfd7
7ef06a016171df4217bb8f0867f6b87b0d063b4d139d6caa9d9f0b3421a158e5
81f08064f9baa33ad18a4a024d4fb6450de7ddd0805a18a6881a2a8d692bf558
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8569a368f1771a5776d403dd2bcfd48c0793ea3c4d8183e24130e4be5f43d2fd
85bf2e34d39f9aedea5096d1e6558ddfa9086a7db2784c0bfa6be68223e58da5
85e225446c6a5b2f2bcc5937fe539b418cb3a201297b50176afef6ddfda390d8
8f4b70778aa21c1c093c6acbad70c70b2e69d4d22e47d9405ee137db16ca050b
936e2a79b73ecbd8d53e825de3c18ba942ba0896065872a266115ebe7904bc69
93d25cfbf5f1ac33abd16099541497b255367f275b61f7fe8d4d71cc68200753
98d4cc7865a66aef79b6abb61e02b91312f5922799494d8f277d80ca5ee29cec
a095f2110083c0b41096041d4a28ffaa1fec8af6325ab74c01b11ec81f75aba1
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9df1feb673e3e5bb842a1f065c9418518257d3f4c52258037e40fd8b88b891d
aed94c60022686bc5f3101aa6bff0a64a7b0f3f605268041d610419f073c8722
b2f98a3a74e3eeda1cfa5bdc53fa04f6d0b9b3c686da868296848924a629736a
b5270d2cc8f3744c6acd38f7483253ef107c1b6c6ac78eaaa2dd4e3628efb474
be2fda9ac40f2fc1ef759b3f6b6fcd05bb3d7189f8599b57bc2329d4bfbfcea6
bf7d2314800d4427b41f47c5db072df23daa081dd2e8750f2e4d01832b53465b
c2ada571635aeb7434fe7122405687d7b15438253e678d1e1edf182a64c36802
c3d59712393b786d034b66ed0d6f749e8d1bb04514ca218c84b10e7fe22bbbeb
c6042222156b5e26db18d7a25025e4b71e9c1d3d4cf90793e4030154b2dea1f5
c733ddd64eb2e71e0fb974ba8ca143f78d63edf70c383834bdb0585e63929279
cbcfa87fa97d4f60ace8d50983766a21457eae3f0444740aeebd231d4c20a739
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd579103b9e9c5899bc3000e911318a0d1e6f220c9fa0516595909f5d9ef2726
d1a971b355029a455549857099740f259d459f49ffecf5e73041c491fb21aa28
d44b049f76abb95dd7cb522ab42430fbe9cf994349b0abdb0d53dee6770ec8d5
d663ad6a421f3a2443aac5e739bc6b4baa86c57912523962f698da5c8a5a0777
d7c6c113eb568f57d331a102fcc98e56837b3b7c74541aea08353937029fbfe0
d9262c7c29004ee567cc9c2d0ab2d8d195120274834f0fd44c1c538238d79f6c
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
df2fc8f6ec3041910c40e8adae73df3be3c3013cec1af2b425590315177c0634
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41fa75910f4b47b2bbbb707aa394a33b9e273f2cfaf521da4b6c8ece92b6430
e43a41ce6d7460d0aac2c9aeb5c3300123effe58dc9f68eeb88271bbba879575
e581c3bf6f9547d2b323c8e1ab6546470435b69417d12984bc0fb08c90307112
ec86d28c9a24dd65bdd5d4f3595d948ee4e3f1e1f1b8df886367bc130a9092b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effb5f5492673f02f67c05cc611fd83852530510fc017f97c66beb2d3883a90f
f060a56e85c6544e59bcf31bc62db9b7e455e97779bfc16906754b16c295a173
f06df3e704347279f6dbbcc5321188a4b96d35a230b26d809e71151c7ff5bbb2
f0b04c953e63741bb2b01365e41b0273a7517f34f538ae46f38a22ef94896cad
f302819f800bc68fdfdf3cad6214240248af78d7071488b2149d2378c105fbf3
f38e82eb3a1f51fdb5f9d8151c045e316baa09dde94743abf3807cc5d3276530
f70d1786c9d8f85e609dd934ff674b791e2d5adccfdf43d63ba8d168bbe64175
f8a5a772a8e31b35307e413d233ee42ab986414c9ab31ee640c6bbdd3e2d7e23
fa4438f4a34aeb7e17df15b02f3456db77358e41f815727adc422a714715974e
fc7ee68349904e4e437f60d51cebe48b6bc66caf731730e768d4f8077ae08fc6
fd5e751adea1b70af1b4ad17ef0b9e1a039262904db4a875a740b97ae2994afd