urlscan.io logo urlscan.io
SecurityTrails logo

balta.io Open in urlscan Pro
104.41.13.179  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://balta.io/
Effective URL: https://balta.io/
Submission: On February 07 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 5 countries across 15 domains to perform 50 HTTP transactions. The main IP is 104.41.13.179, located in Campinas, Brazil and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is balta.io.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 18th 2023. Valid for: a year.
This is the only time balta.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 104.41.13.179 8075 (MICROSOFT...)
16 20.60.36.65 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a04:fa87:fff... 2635 (AUTOMATTIC)
5 18.239.63.216 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 34.68.90.188 396982 (GOOGLE-CL...)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
50 18
3    104.41.13.179 (Campinas, Brazil)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
balta.io
16    20.60.36.65 (Campinas, Brazil)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
baltaio.blob.core.windows.net
1    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
2    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
www.gravatar.com
5    18.239.63.216 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-63-216.ams58.r.cloudfront.net
d335luupugsy2.cloudfront.net
3    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
3    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    34.68.90.188 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.90.68.34.bc.googleusercontent.com
forms.rdstation.com.br
popups.rdstation.com.br
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)
onesignal.com
Apex Domain
Subdomains		 Transfer
16 windows.net
baltaio.blob.core.windows.net
1 MB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4439
onesignal.com — Cisco Umbrella Rank: 1408
img.onesignal.com — Cisco Umbrella Rank: 8037
91 KB
5 cloudfront.net
d335luupugsy2.cloudfront.net
138 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2173
21 KB
3 gstatic.com
fonts.gstatic.com
129 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
196 KB
3 balta.io
balta.io
13 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
18 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 171
70 KB
2 rdstation.com.br
forms.rdstation.com.br — Cisco Umbrella Rank: 323272
popups.rdstation.com.br — Cisco Umbrella Rank: 99870
37 KB
2 gravatar.com
www.gravatar.com — Cisco Umbrella Rank: 3950
11 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
3 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
185 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 80
341 B
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 2408
51 KB
50 15
Domain Requested by
16 baltaio.blob.core.windows.net balta.io
5 d335luupugsy2.cloudfront.net balta.io
d335luupugsy2.cloudfront.net
3 onesignal.com cdn.onesignal.com
3 fonts.gstatic.com baltaio.blob.core.windows.net
fonts.googleapis.com
3 www.googletagmanager.com balta.io
www.googleoptimize.com
www.googletagmanager.com
3 balta.io 1 redirects balta.io
2 cdnjs.cloudflare.com client
d335luupugsy2.cloudfront.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net balta.io
connect.facebook.net
2 cdn.onesignal.com balta.io
cdn.onesignal.com
2 www.gravatar.com balta.io
1 popups.rdstation.com.br d335luupugsy2.cloudfront.net
1 img.onesignal.com
1 fonts.googleapis.com d335luupugsy2.cloudfront.net
1 www.facebook.com balta.io
1 stats.g.doubleclick.net www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 forms.rdstation.com.br d335luupugsy2.cloudfront.net
1 www.googleoptimize.com balta.io
50 19
Subject Issuer Validity Valid
*.balta.io
Go Daddy Secure Certificate Authority - G2		 2023-08-18 -
2024-09-18		 a year crt.sh
*.blob.core.windows.net
Microsoft Azure TLS Issuing CA 02		 2024-01-18 -
2024-06-27		 5 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA		 2023-12-05 -
2025-01-04		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-03 -
2024-05-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
forms.rdstation.com.br
R3		 2023-12-05 -
2024-03-04		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-17 -
2024-02-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
onesignal.com
E1		 2023-12-25 -
2024-03-24		 3 months crt.sh
popups.rdstation.com.br
R3		 2023-12-09 -
2024-03-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://balta.io/
Frame ID: 33F6BFD771336B70107E92D5EEA7E005
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bem vindo | balta.io

Page URL History Show full URLs

  1. http://balta.io/ HTTP 301
    https://balta.io/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • uikit.*\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • d335luupugsy2\.cloudfront\.net/js/loader-scripts/.*-loader\.js
Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

100 %
HTTPS

76 %
IPv6

15
Domains

19
Subdomains

18
IPs

5
Countries

2115 kB
Transfer

3679 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://balta.io/ HTTP 301
    https://balta.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
balta.io/
Redirect Chain
  • http://balta.io/
  • https://balta.io/
48 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.41.13.179 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
13bec3f4f3d404809766538c7303b7a32fb6bd5e0df4ddc4b12bf5b40e42ac09
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Encoding
gzip
Content-Length
11171
Content-Type
text/html; charset=utf-8
Date
Wed, 07 Feb 2024 19:19:50 GMT
Request-Context
appId=cid-v1:6b6186b6-87ca-47ab-b00a-607ba720c147
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=2592000
Vary
Accept-Encoding
X-Powered-By
ASP.NET

Redirect headers

Content-Length
0
Date
Wed, 07 Feb 2024 19:19:49 GMT
Location
https://balta.io/
uikit.balta.carnival.min.css
baltaio.blob.core.windows.net/static/css/ 		112 KB
112 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://baltaio.blob.core.windows.net/static/css/uikit.balta.carnival.min.css?v1
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
52abe9fc6a311a4677edff531c0eed9e4e70b6e8f367d5e96690498e6c1ab7c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 07 Feb 2024 19:19:51 GMT
Last-Modified
Fri, 02 Feb 2024 12:47:19 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
I2m1y+U5aFCRm6Dvki4tEg==
ETag
0x8DC23ED17CEEAA9
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
117b0c4e-c01e-0072-7ffa-59e9c1000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
114223
site.css
balta.io/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://balta.io/css/site.css?v=6vedYo0KKyWhjuxCO0kHX__OPm8mDJmtI1_F3MXD_Tg
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.41.13.179 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
043b427bb5697d2592f988576a116b9b27efa0da802b9823f39c74e7c2df983f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 07 Feb 2024 19:19:50 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 05 Feb 2024 16:35:12 GMT
Server
Microsoft-IIS/10.0
ETag
"1da58514a1f3514"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1177
Request-Context
appId=cid-v1:6b6186b6-87ca-47ab-b00a-607ba720c147
optimize.js
www.googleoptimize.com/ 		133 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-K3JPLW9
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
00c9422907eb445caf375ba9d79b9fcad8c277d5d249ad6cd3f035e8bcd3b087
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 19:19:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52211
x-xss-protection
0
last-modified
Wed, 07 Feb 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 07 Feb 2024 19:19:50 GMT
balta-logo-carnival.svg
baltaio.blob.core.windows.net/static/images/dark/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://baltaio.blob.core.windows.net/static/images/dark/balta-logo-carnival.svg
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a0690a080695865aacf7fc204ef49d3515c8b3c69e1803e4558ea3e34d69ef1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 07 Feb 2024 19:19:51 GMT
Last-Modified
Fri, 02 Feb 2024 10:50:31 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
fwWUfLgRcKkldnp80todQw==
ETag
0x8DC23DCC6F2EEEC
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
965db955-801e-0073-17fa-59b61d000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
12289
carnacode-banner-site.jpg
baltaio.blob.core.windows.net/temp/ 		349 KB
350 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://baltaio.blob.core.windows.net/temp/carnacode-banner-site.jpg
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4668f1e517830372f4c55a3c14942a8400307c9bbc19e33173918b0893f77700

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 07 Feb 2024 19:19:51 GMT
Last-Modified
Mon, 05 Feb 2024 13:22:32 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
zhxOMkHPDOWcPfsf5hVpbw==
ETag
0x8DC264D829792CB
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
92c6aaf0-101e-0003-19fa-590fea000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
357771
carnacode-banner-mobile.jpg
baltaio.blob.core.windows.net/temp/ 		234 KB
234 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://baltaio.blob.core.windows.net/temp/carnacode-banner-mobile.jpg
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a97be2a22306948f6211ab7fd3a17bf7451e7454760d365784298faaa980b60e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 07 Feb 2024 19:19:51 GMT
Last-Modified
Mon, 05 Feb 2024 13:22:32 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
NecKYmhxy4Lb+D9Xr0xbVA==
ETag
0x8DC264D8291315C
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
965dba24-801e-0073-53fa-59b61d000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
239321
instructor.jpg
baltaio.blob.core.windows.net/static/images/website/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://baltaio.blob.core.windows.net/static/images/website/instructor.jpg
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2d2cede7f8a89380aece94eabc7e441ceb2e685c49946de2a43f5f80d09e85fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 07 Feb 2024 19:19:52 GMT
Last-Modified
Tue, 08 Sep 2020 16:23:32 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
lKWBSWiox+9OFSnaTR761g==
ETag
0x8D854138763829E
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
117b0ef2-c01e-0072-69fa-59e9c1000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
76785
e65275d765e3d5f936388b9968a8b2c6
www.gravatar.com/avatar/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gravatar.com/avatar/e65275d765e3d5f936388b9968a8b2c6?s=64&d=mp
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
effd17ed50b123d1f66c881526f3eea6f7aee5e409a4630f8db87b6e56430d35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 07 Feb 2024 19:19:52 GMT
last-modified
Wed, 04 Aug 2021 00:27:40 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="e65275d765e3d5f936388b9968a8b2c6.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/e65275d765e3d5f936388b9968a8b2c6?s=64&d=mp>; rel="canonical"
content-length
7888
alt-svc
h3=":443"; ma=86400
expires
Wed, 07 Feb 2024 19:24:52 GMT
bd2f5a21d3cf08081ed107588a80f36f
www.gravatar.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gravatar.com/avatar/bd2f5a21d3cf08081ed107588a80f36f?s=64&d=mp
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
30a834ee07a673d7ff8b63fb7d6941245a2ca50070e0898e49b805a3f135976e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 07 Feb 2024 19:19:52 GMT
last-modified
Fri, 19 Jun 2020 12:10:31 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="bd2f5a21d3cf08081ed107588a80f36f.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/bd2f5a21d3cf08081ed107588a80f36f?s=64&d=mp>; rel="canonical"
content-length
2835
alt-svc
h3=":443"; ma=86400
expires
Wed, 07 Feb 2024 19:24:52 GMT
vanessa-martins.jpg
baltaio.blob.core.windows.net/static/images/feedbacks/ 		141 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://baltaio.blob.core.windows.net/static/images/feedbacks/vanessa-martins.jpg
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
aca5da31950b292688162b3e72a9aace38b3d7454d8566920305c20f5657cc63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 07 Feb 2024 19:19:52 GMT
Last-Modified
Wed, 05 Aug 2020 23:16:22 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ph6PK5gh5FqhU07nL9cAoA==
ETag
0x8D83995919463E0
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
965dbde0-801e-0073-5dfa-59b61d000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
144229
csharp-600x300.jpg
baltaio.blob.core.windows.net/static/images/tags/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://baltaio.blob.core.windows.net/static/images/tags/csharp-600x300.jpg
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
983d21fd5b10d2ed5a53507fa2b47bbd5838b35b40a4dc3d7ced01f333f108bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 07 Feb 2024 19:19:52 GMT
Last-Modified
Tue, 25 Aug 2020 13:52:30 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
zhXw4jHn5BB869jJqofiMQ==
ETag
0x8D848FE1C448E10
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
92c6b0dc-101e-0003-23fa-590fea000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
15420
flutter-600x300.jpg
baltaio.blob.core.windows.net/static/images/tags/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://baltaio.blob.core.windows.net/static/images/tags/flutter-600x300.jpg
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
54b3f0a767db1a348399af38cebba3f511932124a9013435684b9e486793e29e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 07 Feb 2024 19:19:52 GMT
Last-Modified
Tue, 25 Aug 2020 13:52:30 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
BRnf/5KhNxiJmWzNnBmMsQ==
ETag
0x8D848FE1C4774C4
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
d24c3865-901e-006f-65fa-59e47d000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
13839
angular-600x300.jpg
baltaio.blob.core.windows.net/static/images/tags/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://baltaio.blob.core.windows.net/static/images/tags/angular-600x300.jpg
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c1941f9d13f271f5d8fbfe4dd598881161192d68c9d6e9772e7f9cc1f7cb792f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 07 Feb 2024 19:19:52 GMT
Last-Modified
Tue, 25 Aug 2020 13:52:30 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
84BqdZ5otWiAb85OMQ3aoQ==
ETag
0x8D848FE1C1E3A59
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
117b1198-c01e-0072-5dfa-59e9c1000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
17701
uikit.min.js
baltaio.blob.core.windows.net/static/js/ 		130 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://baltaio.blob.core.windows.net/static/js/uikit.min.js?v1
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
89dfef34c5f15e2b06d6d6e4f02fee2c6885da723579aa0289df389c69ad11b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 07 Feb 2024 19:19:52 GMT
Last-Modified
Tue, 09 Mar 2021 00:30:38 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
XX5isJ9owELTrjjsmcMu/Q==
ETag
0x8D8E292900BD3E0
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
117b0fd1-c01e-0072-37fa-59e9c1000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Content-Language,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
max-age=864000, public, must-revalidate
x-ms-version
2009-09-19
Content-Length
132975
uikit-icons.min.js
baltaio.blob.core.windows.net/static/js/ 		77 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://baltaio.blob.core.windows.net/static/js/uikit-icons.min.js?v1
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
94bfbecc71a11c2f77dc5d4df18fe185633f34f017ade7c8c2e724567b75bab2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 07 Feb 2024 19:19:52 GMT
Last-Modified
Tue, 09 Mar 2021 00:30:31 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
SJhJXgWg5H9xvToIyf8Wsg==
ETag
0x8D8E2928BC7E85F
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
965dbd2b-801e-0073-2bfa-59b61d000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Content-Language,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
max-age=864000, public, must-revalidate
x-ms-version
2009-09-19
Content-Length
79180
jquery-3.5.1.min.js
baltaio.blob.core.windows.net/static/js/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://baltaio.blob.core.windows.net/static/js/jquery-3.5.1.min.js?v1
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 07 Feb 2024 19:19:52 GMT
Last-Modified
Fri, 03 Jul 2020 17:09:36 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
3F5/GMjTasHT1HU6h8mNCg==
ETag
0x8D81F73DD4D6644
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
92c6aff5-101e-0003-4bfa-590fea000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
89476
jquery.validate.min.js
baltaio.blob.core.windows.net/static/js/ 		24 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://baltaio.blob.core.windows.net/static/js/jquery.validate.min.js?v1
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 07 Feb 2024 19:19:52 GMT
Last-Modified
Fri, 03 Jul 2020 17:09:31 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
AU6B3RoxveUz68EYKOrySA==
ETag
0x8D81F73DA03E4E9
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
117b10be-c01e-0072-17fa-59e9c1000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
24443
jquery.validate.unobtrusive.min.js
baltaio.blob.core.windows.net/static/js/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://baltaio.blob.core.windows.net/static/js/jquery.validate.unobtrusive.min.js?v1
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f46c9ca499e58948c90d50ea3f4504bbf6ec9bd53eddd9d0507f3edd6d74be46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 07 Feb 2024 19:19:52 GMT
Last-Modified
Fri, 03 Jul 2020 17:09:31 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
fIU56KuOHLY+qEFGoABkVQ==
ETag
0x8D81F73D9FA946B
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
824633f1-001e-0052-3ffa-599266000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
5871
additional-methods.min.js
baltaio.blob.core.windows.net/static/js/ 		22 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://baltaio.blob.core.windows.net/static/js/additional-methods.min.js?v1
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
769a6653733b3e64e850f13421940414afafe8625acf963354e64dfaec51883c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 07 Feb 2024 19:19:52 GMT
Last-Modified
Fri, 03 Jul 2020 17:09:31 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
KKVvtMe2U8NLjzPH/hOxFw==
ETag
0x8D81F73D9F49FE8
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
5b3cf960-501e-0084-27fa-599c8f000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
22660
89adbcfe-3c71-467f-9fdb-a721793afc26-loader.js
d335luupugsy2.cloudfront.net/js/loader-scripts/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/js/loader-scripts/89adbcfe-3c71-467f-9fdb-a721793afc26-loader.js
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.63.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-63-216.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
47956e0112c13b2249cbd631633a70b78754799f44787d4bd179929c7e76b741

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id
Wix_c8TP7ACOy89nCYujMWmI522RZa7B
content-encoding
gzip
via
1.1 6fe2d3277e4f5f1aafe45d46bdc36cf0.cloudfront.net (CloudFront)
date
Wed, 07 Feb 2024 19:19:54 GMT
last-modified
Wed, 02 Aug 2023 04:31:28 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P4
x-amz-server-side-encryption
AES256
etag
W/"f67182262425db27d1e77a944f733ff1"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
Qb8H79X87j4nYzsnHXrwqfJkHn5JtE0q1oX5YuMjSXg74oXhuf6ueA==
rdstation-forms.min.js
d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/ 		216 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.63.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-63-216.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8b69073abd76ef6fb071117441e540edeaa4ebb410a5b3a1e8b1b0107f28a6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 13:51:33 GMT
content-encoding
gzip
via
1.1 6fe2d3277e4f5f1aafe45d46bdc36cf0.cloudfront.net (CloudFront)
x-amz-version-id
obp5qxHzXS_FGV94LSMVNEUTDe9c.3b9
x-amz-cf-pop
AMS58-P4
age
14707700
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
55755
last-modified
Mon, 21 Aug 2023 13:51:30 GMT
server
AmazonS3
etag
"34148b7d6171c9422f298cf19e3a03bb"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
EacK_CM2uMMuukFfL6MZNuu0ZCieUoPK1xVypWy8ui4vyvYkkbxvYA==
js
www.googletagmanager.com/gtag/ 		137 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-48664517-12
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5717a9ba6a52c16969a6edb6c2a8974aa37544aec8b477e34585cf49366f009e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 19:19:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
53368
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 07 Feb 2024 19:19:52 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 19:19:52 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1796
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
851dfca869a62bdf-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sat, 10 Feb 2024 19:19:52 GMT
balta-logo-carnival.svg
baltaio.blob.core.windows.net/static/images/dark/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://baltaio.blob.core.windows.net/static/images/dark/balta-logo-carnival.svg
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a0690a080695865aacf7fc204ef49d3515c8b3c69e1803e4558ea3e34d69ef1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 07 Feb 2024 19:19:52 GMT
Last-Modified
Fri, 02 Feb 2024 10:50:31 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
fwWUfLgRcKkldnp80todQw==
ETag
0x8DC23DCC6F2EEEC
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
d24c3987-901e-006f-77fa-59e47d000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
12289
truncated
/ 		248 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41cfd45a7062d2cc4c0031a6eadc3ff691acb47a1e1648b27374fc687ddad0c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
XRXI3I6Li01BKofiOc5wtlZ2di8HDFwmRTM.ttf
fonts.gstatic.com/s/nunito/v26/ 		123 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDFwmRTM.ttf
Requested by
Host: baltaio.blob.core.windows.net
URL: https://baltaio.blob.core.windows.net/static/css/uikit.balta.carnival.min.css?v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d74c0c81b17e966ff2bacf8014dcf0f32120bf17136fd9b2243a466a1ec4ca7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://baltaio.blob.core.windows.net/
Origin
https://balta.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 11:06:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57065
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:10:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Feb 2025 11:06:03 GMT
XRXI3I6Li01BKofiOc5wtlZ2di8HDIkhRTM.ttf
fonts.gstatic.com/s/nunito/v26/ 		123 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDIkhRTM.ttf
Requested by
Host: baltaio.blob.core.windows.net
URL: https://baltaio.blob.core.windows.net/static/css/uikit.balta.carnival.min.css?v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a1aee064181ed48f1fcf8012d411d38cbae5579e1ac165ce14bb2ba81bf45ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://baltaio.blob.core.windows.net/
Origin
https://balta.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 05:27:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136351
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57939
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:10:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Feb 2025 05:27:21 GMT
newsletter-site-2020-3abf120030efac79c090
forms.rdstation.com.br/ 		36 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.rdstation.com.br/newsletter-site-2020-3abf120030efac79c090
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.68.90.188 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
188.90.68.34.bc.googleusercontent.com
Software
/
Resource Hash
ebc77596138fb35a9b73dc7715a26dfe082ded1a5ee2a2fd339a0d5ebb2dc35e
Security Headers
Name Value
Strict-Transport-Security max-age=7776000
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=7776000
date
Wed, 07 Feb 2024 19:19:53 GMT
referrer-policy
strict-origin-when-cross-origin
content-security-policy-report-only
upgrade-insecure-requests; default-src 'self' https: data: wss: 'unsafe-inline' 'unsafe-eval';
x-frame-options
sameorigin
content-type
text/html
access-control-allow-origin
*
content-length
37246
js
www.googletagmanager.com/gtag/ 		134 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-48664517-12&l=dataLayer&cx=c
Requested by
Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-K3JPLW9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec036063c944980a531f93369d9499319d9cfa7b5d85b8c271d0d9b23bd3fbc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 19:19:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
52293
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 07 Feb 2024 19:19:53 GMT
fbevents.js
connect.facebook.net/en_US/ 		214 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 07 Feb 2024 19:19:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57257
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
GQPYoi6YrsYlJeaOzotNM0RAtOuEyKpT3D1Mp3NL52zJIOo+u5vwIT3aveyT8MuFro+YD2ilU9Uex8CIzO/0Ng==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 19:19:53 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1804
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
851dfcae7d562bdf-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sat, 10 Feb 2024 19:19:53 GMT
bundle.js
d335luupugsy2.cloudfront.net/scout/ 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/scout/bundle.js
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/89adbcfe-3c71-467f-9fdb-a721793afc26-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.63.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-63-216.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ccf4b3ccea59f35d60a35d076ed6deb9b5574fc2f184596452d477383e834cc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 19:19:55 GMT
content-encoding
gzip
via
1.1 6fe2d3277e4f5f1aafe45d46bdc36cf0.cloudfront.net (CloudFront)
x-amz-version-id
xvE1oD7N95F7Ryla0IJ0XqZzWjVm9lt6
last-modified
Thu, 28 Jan 2021 17:27:51 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P4
etag
W/"88819ce057f99124674a75d611e4f53a"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
no-store
x-amz-cf-id
PR2i6tmsPLYbE1SNJWgpuHbpCeJaqH1NV2I2Q6HsfAnrqiSRpBTTqQ==
js
www.googletagmanager.com/gtag/ 		275 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-48540TXV4B&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48664517-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
180ac8a007215d8580d1ca53b38c84aae292c95c48163067fa70d5dabeaa39c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 19:19:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93935
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 07 Feb 2024 19:19:53 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48664517-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 07 Feb 2024 17:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5504
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 07 Feb 2024 19:48:09 GMT
web
onesignal.com/api/v1/sync/0241ee6c-703e-4fb8-aa73-91a27039ea52/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/0241ee6c-703e-4fb8-aa73-91a27039ea52/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fccadcb95d505c65a65a8d16666f65653efa5f777813ab7605c4fea796e234a5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 19:19:53 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
964ebaa6-7ca7-4ee4-b588-d1154de2b9bb
x-runtime
0.028631
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"fccadcb95d505c65a65a8d16666f6565"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
851dfcaf3eba2bdf-FRA
access-control-allow-headers
SDK-Version
expires
Wed, 07 Feb 2024 20:19:53 GMT
collect
region1.google-analytics.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-48540TXV4B&gtm=45je4250v879285469za200&_p=1707333593337&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=891879928.1707333593&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1707333593&sct=1&seg=0&dl=https%3A%2F%2Fbalta.io%2F&dt=Bem%20vindo%20%7C%20balta.io&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3957
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48540TXV4B&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Feb 2024 19:19:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://balta.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2103933125&t=pageview&_s=1&dl=https%3A%2F%2Fbalta.io%2F&ul=en-us&de=UTF-8&dt=Bem%20vindo%20%7C%20balta.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1414063620&gjid=214164812&cid=891879928.1707333593&tid=UA-48664517-12&_gid=565493725.1707333593&_r=1&gtm=457e4250za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&jsscut=1&z=870027596
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://balta.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Feb 2024 19:19:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://balta.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-48664517-12&cid=891879928.1707333593&jid=1414063620&gjid=214164812&_gid=565493725.1707333593&_u=YADAAUAAAAAAACAAI~&z=1037471434
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://balta.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 07 Feb 2024 19:19:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://balta.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
140466216814592
connect.facebook.net/signals/config/ 		62 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/140466216814592?v=2.9.145&r=stable&domain=balta.io&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9fa048200e2b158f35f8e9c7840162c35f0cc873b0ca00178fb04ebd04316d04
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 07 Feb 2024 19:19:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
vvK817OCwPqyjLhf8TR4tBf6dycmv0pwC3MPKumFE2H0xdviWOmoujMU2qmGWZO9rJt8p2n3DKCCOytro9gzNQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 19:19:53 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1773
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
851dfcb00ad63657-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 08 Mar 2024 19:19:53 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=140466216814592&ev=PageView&dl=https%3A%2F%2Fbalta.io%2F&rl=&if=false&ts=1707333593776&sw=1600&sh=1200&v=2.9.145&r=stable&ec=0&o=4126&fbp=fb.1.1707333593774.213769803&cs_est=true&ler=empty&cdl=API_unavailable&it=1707333593582&coo=false&exp=e1&rqm=GET
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 07 Feb 2024 19:19:53 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
css
fonts.googleapis.com/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans|Droid+Serif|Lato|Lobster|Open+Sans|Oswald|PT+Sans|Raleway|Source+Sans+Pro|Ubuntu|Roboto
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f98802d14e93b69ff548569a07b6cfd52a9375473736ec64a13ed2a43abfb817
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Feb 2024 19:19:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 07 Feb 2024 19:19:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Feb 2024 19:19:54 GMT
select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
939b4f5c505097e74e93c3a6a82b69b516bb6d160d449bafb37edb72ab260c1d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 19:19:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6104267
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2295
last-modified
Mon, 04 May 2020 16:16:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fcb-38aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEfapCjNabOQ%2BltFyDsifb5EegrZ69L1IqXV6ZEhBv9y0guXVY7l0sZoNrSmu1qo3EEK5ek8TWG%2Bw8cfyKFG587H3BUAAbjmUfO2T8VTO0KoNlDiU5E9PnOL%2FYPWNZ2x95l0tN1Mre3UCOzJ%2BEwmq2fx"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
851dfcb3a9e89066-FRA
expires
Mon, 27 Jan 2025 19:19:54 GMT
select2.min.js
cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/ 		65 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.js
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f3cd9162638b743c8bf4d939bcfd1dc256f2e97231e13b5cff600502a78a10e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 19:19:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6093083
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15507
last-modified
Mon, 04 May 2020 16:16:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fcb-10424"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0s%2B5zQxaxtrJtDMeDx3SOlHd%2B%2FIuFzo1JeGQQjhxq9meYorJgXqBpExRexEYaABvkniprfcCh6mfM1K%2FCI5Y2sc7jq0mPOzeojXwiUhNdak1YG%2F2z5yKJfFif9or3gdw3rZco401dpfykjJbhqG%2FibWx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
851dfcb3a9ea9066-FRA
expires
Mon, 27 Jan 2025 19:19:54 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans|Droid+Serif|Lato|Lobster|Open+Sans|Oswald|PT+Sans|Raleway|Source+Sans+Pro|Ubuntu|Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://balta.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 18:50:29 GMT
x-content-type-options
nosniff
age
88165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Feb 2025 18:50:29 GMT
icon
onesignal.com/api/v1/apps/0241ee6c-703e-4fb8-aa73-91a27039ea52/ 		192 B
754 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/0241ee6c-703e-4fb8-aa73-91a27039ea52/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd5e336a547a0ac4900c45bfb077a8bcaa64fe4b41b572d44ea7079f9fa79e87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 19:19:54 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
14f0ceb1-13b0-4242-8f59-69312fd2b30d
x-runtime
0.014249
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"dd5e336a547a0ac4900c45bfb077a8bc"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
851dfcb75d26694c-FRA
access-control-allow-headers
SDK-Version
rdstation-popup.min.js
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/ 		202 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/89adbcfe-3c71-467f-9fdb-a721793afc26-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.63.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-63-216.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
225343440217a5d22f3877ec17dc7ee6d830ee741a47228cfd1781362ad00474

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id
p5CvNmBR8Hi2L2KZd2nEga.lokO16FDg
content-encoding
gzip
via
1.1 6fe2d3277e4f5f1aafe45d46bdc36cf0.cloudfront.net (CloudFront)
date
Wed, 07 Feb 2024 05:53:11 GMT
last-modified
Mon, 29 Jan 2024 17:45:12 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P4
age
60603
x-amz-server-side-encryption
AES256
etag
"ebe3e4ed1116d2f30c297f590cf2bfc7"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
56869
x-amz-cf-id
WFsX8a2cZIjf1NS9SYKAQbioiqaiPMjRPLDayZwHU9iZVjmywobchg==
rd-js-integration.min.js
d335luupugsy2.cloudfront.net/js/integration/2.0.0/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/js/integration/2.0.0/rd-js-integration.min.js?v=1
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/89adbcfe-3c71-467f-9fdb-a721793afc26-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.63.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-63-216.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4aa9e3a976f20cd4babf17dcdd27e63335a70191d322432a6f6c868d73a5cfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id
3dngmS.4H4nxkAQ1dQ4Zed.bkb2I4WUy
content-encoding
gzip
via
1.1 6fe2d3277e4f5f1aafe45d46bdc36cf0.cloudfront.net (CloudFront)
date
Wed, 07 Feb 2024 06:20:59 GMT
x-amz-cf-pop
AMS58-P4
age
46752
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
9976
last-modified
Wed, 29 Mar 2023 14:01:04 GMT
server
AmazonS3
etag
"a101060a6ec593b54e9c4227f96e2695"
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400, must-revalidate
accept-ranges
bytes
x-amz-cf-id
aW-DQOunCo8AwwPEJXaA7D2I8kPicLaPQWFC32culVT94Yq4gog4Sw==
882c90d5-d5e3-4b38-9499-c408ed87fd6a.png
img.onesignal.com/permanent/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/882c90d5-d5e3-4b38-9499-c408ed87fd6a.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97c4eabbd9eeb775a719cce1593a42fcb37a5147f425fdaf8bed1bd8a675f747
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date
Wed, 07 Feb 2024 19:19:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
x-guploader-uploadid
ABPtcPrewSq5Y7Gq29qUSrDtOeBsFebcsJlqKwFz_CUYwdBG1wVSnqhmPKICbha6V3YRTG9Svi0
x-goog-meta-x-goog-source-etag
"bbfa4e777043053ccb481c96121e2ffe"
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
7003
pragma
no-cache
last-modified
Tue, 14 Feb 2023 03:39:19 GMT
server
cloudflare
etag
"-CNeHwauLlP0CEAE="
vary
Origin, Accept-Encoding
x-goog-generation
1676345959531479
content-type
application/octet-stream
x-goog-hash
crc32c=m3o72A==, md5=u/pOd3BDBTzLSByWEh4v/g==
cache-control
public, max-age=2678400
x-goog-meta-cache-control
public, maxage=604800
x-goog-stored-content-length
7003
accept-ranges
bytes
cf-ray
851dfcb80ee42bdf-FRA
expires
Sat, 09 Mar 2024 19:19:54 GMT
show.json
popups.rdstation.com.br/popup/ 		13 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://popups.rdstation.com.br/popup/show.json?account_id=55993&uniq=_763n1m9c0&ref=aHR0cHM6Ly9iYWx0YS5pby8%3D
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.68.90.188 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
188.90.68.34.bc.googleusercontent.com
Software
/
Resource Hash
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
Security Headers
Name Value
Strict-Transport-Security max-age=7776000
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balta.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=7776000
date
Wed, 07 Feb 2024 19:19:55 GMT
referrer-policy
strict-origin-when-cross-origin
content-security-policy-report-only
upgrade-insecure-requests; default-src 'self' https: data: wss: 'unsafe-inline' 'unsafe-eval';
x-frame-options
sameorigin
content-type
application/json
access-control-allow-origin
*
content-length
13

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| google_tag_manager object| google_tag_data object| dataLayer object| google_optimize function| UIkit function| UIkitIcons function| $ function| jQuery object| RdstationForms function| RDStationForms function| gtag function| fbq function| _fbq function| OneSignal function| loadScoutScript object| RDStation object| RDCookieControl function| initScoutBanner boolean| RDStationTrackingCodeChecker string| GoogleAnalyticsObject function| ga number| __oneSignalSdkLoadCount function| __jp0 function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| Select2 function| CookieConsent function| Scout object| RdstationPopup object| credentials object| RdstationFormsIntegration

8 Cookies

Domain/Path Name / Value
.balta.io/ Name: ARRAffinity
Value: 83f23ae8dfaa8a0533d66b8a922e407f4786668a702f4c1568fb5c1e8e5aaeed
.balta.io/ Name: ARRAffinitySameSite
Value: 83f23ae8dfaa8a0533d66b8a922e407f4786668a702f4c1568fb5c1e8e5aaeed
.onesignal.com/ Name: __cf_bm
Value: EcPpYv_5mp6kMHs.bVDdi5zYRy2n3h1SiQsaiylpbw4-1707333592-1-AQyJTzPgadKAT2UFeBLoQV6qbe0l6rzQ8eAdiUWQWlJ2eBhLUYTcrCy9acNvP+sB8B3ykQjictaMOHef8yl8Y5o=
.balta.io/ Name: _ga_48540TXV4B
Value: GS1.1.1707333593.1.0.1707333593.0.0.0
.balta.io/ Name: _ga
Value: GA1.2.891879928.1707333593
.balta.io/ Name: _gid
Value: GA1.2.565493725.1707333593
.balta.io/ Name: _gat_gtag_UA_48664517_12
Value: 1
.balta.io/ Name: _fbp
Value: fb.1.1707333593774.213769803

7 Console Messages

Source Level URL
Text
other warning URL: https://balta.io/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://balta.io/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://balta.io/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://balta.io/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/140466216814592?v=2.9.145&r=stable&domain=balta.io&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 105)
Message:
Unrecognized feature: 'attribution-reporting'.
deprecation warning URL: https://baltaio.blob.core.windows.net/static/js/uikit.min.js?v1(Line 2)
Message:
The keyword 'push-button' specified to an 'appearance' property is not standardized. It will be removed in the future.
other warning URL: https://balta.io/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

balta.io
baltaio.blob.core.windows.net
cdn.onesignal.com
cdnjs.cloudflare.com
connect.facebook.net
d335luupugsy2.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
forms.rdstation.com.br
img.onesignal.com
onesignal.com
popups.rdstation.com.br
region1.google-analytics.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.googleoptimize.com
www.googletagmanager.com
www.gravatar.com
104.41.13.179
18.239.63.216
20.60.36.65
2001:4860:4802:32::36
2606:4700::6811:180e
2606:4700::6812:d63b
2606:4700::6812:d73b
2a00:1450:4001:803::2003
2a00:1450:4001:806::2008
2a00:1450:4001:806::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:829::200e
2a00:1450:400c:c00::9a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:fa87:fffe::c000:4902
34.68.90.188
00c9422907eb445caf375ba9d79b9fcad8c277d5d249ad6cd3f035e8bcd3b087
043b427bb5697d2592f988576a116b9b27efa0da802b9823f39c74e7c2df983f
13bec3f4f3d404809766538c7303b7a32fb6bd5e0df4ddc4b12bf5b40e42ac09
180ac8a007215d8580d1ca53b38c84aae292c95c48163067fa70d5dabeaa39c6
1f3cd9162638b743c8bf4d939bcfd1dc256f2e97231e13b5cff600502a78a10e
225343440217a5d22f3877ec17dc7ee6d830ee741a47228cfd1781362ad00474
2d2cede7f8a89380aece94eabc7e441ceb2e685c49946de2a43f5f80d09e85fb
30a834ee07a673d7ff8b63fb7d6941245a2ca50070e0898e49b805a3f135976e
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
41cfd45a7062d2cc4c0031a6eadc3ff691acb47a1e1648b27374fc687ddad0c6
4668f1e517830372f4c55a3c14942a8400307c9bbc19e33173918b0893f77700
47956e0112c13b2249cbd631633a70b78754799f44787d4bd179929c7e76b741
52abe9fc6a311a4677edff531c0eed9e4e70b6e8f367d5e96690498e6c1ab7c9
54b3f0a767db1a348399af38cebba3f511932124a9013435684b9e486793e29e
5717a9ba6a52c16969a6edb6c2a8974aa37544aec8b477e34585cf49366f009e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
769a6653733b3e64e850f13421940414afafe8625acf963354e64dfaec51883c
7a1aee064181ed48f1fcf8012d411d38cbae5579e1ac165ce14bb2ba81bf45ed
7d74c0c81b17e966ff2bacf8014dcf0f32120bf17136fd9b2243a466a1ec4ca7
89dfef34c5f15e2b06d6d6e4f02fee2c6885da723579aa0289df389c69ad11b3
939b4f5c505097e74e93c3a6a82b69b516bb6d160d449bafb37edb72ab260c1d
94bfbecc71a11c2f77dc5d4df18fe185633f34f017ade7c8c2e724567b75bab2
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
97c4eabbd9eeb775a719cce1593a42fcb37a5147f425fdaf8bed1bd8a675f747
983d21fd5b10d2ed5a53507fa2b47bbd5838b35b40a4dc3d7ced01f333f108bf
9fa048200e2b158f35f8e9c7840162c35f0cc873b0ca00178fb04ebd04316d04
a0690a080695865aacf7fc204ef49d3515c8b3c69e1803e4558ea3e34d69ef1f
a97be2a22306948f6211ab7fd3a17bf7451e7454760d365784298faaa980b60e
aca5da31950b292688162b3e72a9aace38b3d7454d8566920305c20f5657cc63
bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b
c1941f9d13f271f5d8fbfe4dd598881161192d68c9d6e9772e7f9cc1f7cb792f
ccf4b3ccea59f35d60a35d076ed6deb9b5574fc2f184596452d477383e834cc5
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dd5e336a547a0ac4900c45bfb077a8bcaa64fe4b41b572d44ea7079f9fa79e87
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8b69073abd76ef6fb071117441e540edeaa4ebb410a5b3a1e8b1b0107f28a6a
ebc77596138fb35a9b73dc7715a26dfe082ded1a5ee2a2fd339a0d5ebb2dc35e
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ec036063c944980a531f93369d9499319d9cfa7b5d85b8c271d0d9b23bd3fbc9
effd17ed50b123d1f66c881526f3eea6f7aee5e409a4630f8db87b6e56430d35
f46c9ca499e58948c90d50ea3f4504bbf6ec9bd53eddd9d0507f3edd6d74be46
f4aa9e3a976f20cd4babf17dcdd27e63335a70191d322432a6f6c868d73a5cfa
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872
f98802d14e93b69ff548569a07b6cfd52a9375473736ec64a13ed2a43abfb817
fccadcb95d505c65a65a8d16666f65653efa5f777813ab7605c4fea796e234a5