balleralert.com Open in urlscan Pro
172.66.43.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://balleralert.com/
Effective URL:
https://balleralert.com/
Submission: On February 18 via api (February 18th 2022, 8:45:34 pm UTC) from GB — Scanned from GB

Summary HTTP 477 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 97 IPs in 9 countries across 75 domains to perform 477 HTTP transactions. The main IP is 172.66.43.28, located in United States and belongs to CLOUDFLARENET, US. The main domain is balleralert.com. The Cisco Umbrella rank of the primary domain is 887254.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 15th 2021. Valid for: a year.

This is the only time balleralert.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 65	172.66.43.28 172.66.43.28	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
12	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:27::... 2620:1ec:27::cafe:2250	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	143.204.96.118 143.204.96.118	16509 (AMAZON-02) (AMAZON-02)
1	54.231.98.91 54.231.98.91	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba20	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2606:4700:20:... 2606:4700:20::ac43:45e7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.32.243.206 23.32.243.206	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	143.204.98.113 143.204.98.113	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.43 143.204.98.43	16509 (AMAZON-02) (AMAZON-02)
15	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2 4	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1 10	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	20.85.30.134 20.85.30.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	143.204.98.115 143.204.98.115	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f16:bc:... 2600:1f16:bc:1202:21b8:ab1d:2133:69ff	16509 (AMAZON-02) (AMAZON-02)
18	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.212.80.11 34.212.80.11	16509 (AMAZON-02) (AMAZON-02)
1 5	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
11	199.232.210.84 199.232.210.84	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
8	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6812:a7e0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	8.2.111.126 8.2.111.126	46636 (NATCOWEB) (NATCOWEB)
4	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	2602:803:c003... 2602:803:c003:200::31	26667 (RUBICONPR...) (RUBICONPROJECT)
5	54.77.66.11 54.77.66.11	16509 (AMAZON-02) (AMAZON-02)
1 14	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
3	23.0.33.234 23.0.33.234	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:813::200d	15169 (GOOGLE) (GOOGLE)
1	192.0.78.22 192.0.78.22	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2a04:4e42:4e:... 2a04:4e42:4e::269	54113 (FASTLY) (FASTLY)
1	54.194.157.24 54.194.157.24	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
17	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:12d... 2a02:26f0:12d:587::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:12d... 2a02:26f0:12d:587::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	143.204.98.82 143.204.98.82	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:402... 2607:f8b0:4024:c00::78	15169 (GOOGLE) (GOOGLE)
3	213.254.244.26 213.254.244.26	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2	66.102.1.156 66.102.1.156	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:4016:7::9	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:4016::8	15169 (GOOGLE) (GOOGLE)
3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
5	104.108.144.214 104.108.144.214	16625 (AKAMAI-AS) (AKAMAI-AS)
4	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
5 5	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
2	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
6 22	104.108.145.8 104.108.145.8	16625 (AKAMAI-AS) (AKAMAI-AS)
3 8	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
11 16	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
4	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
4 7	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1 3	2a05:d018:d29... 2a05:d018:d29:3602:e2:b8c:776b:b484	16509 (AMAZON-02) (AMAZON-02)
3 3	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4 5	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	213.155.156.166 213.155.156.166	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
7	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
16	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5 5	51.210.112.63 51.210.112.63	16276 (OVH) (OVH)
2 2	54.229.233.249 54.229.233.249	16509 (AMAZON-02) (AMAZON-02)
2 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1 5	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
3 6	52.46.154.242 52.46.154.242	16509 (AMAZON-02) (AMAZON-02)
1 1	34.111.151.213 34.111.151.213	15169 (GOOGLE) (GOOGLE)
1 1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	50.31.142.159 50.31.142.159	23352 (SERVERCEN...) (SERVERCENTRAL)
4 6	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.213.251.128 52.213.251.128	16509 (AMAZON-02) (AMAZON-02)
1	72.251.245.179 72.251.245.179	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
6 10	52.31.255.117 52.31.255.117	16509 (AMAZON-02) (AMAZON-02)
1 1	54.228.17.128 54.228.17.128	16509 (AMAZON-02) (AMAZON-02)
3 5	18.157.193.122 18.157.193.122	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.20 198.47.127.20	() ()
3 3	85.114.159.118 85.114.159.118	() ()
6 6	35.201.96.126 35.201.96.126	() ()
3	185.64.189.229 185.64.189.229	() ()
3 6	77.243.60.138 77.243.60.138	() ()
3 3	3.126.56.137 3.126.56.137	() ()
3 3	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	() ()
1 1	146.0.227.109 146.0.227.109	() ()
3 3	2001:678:cb4:... 2001:678:cb4:bbbb::11	() ()
3 3	159.65.197.210 159.65.197.210	() ()
3	2a02:fa8:8806... 2a02:fa8:8806:13::1370	() ()
477	97

65 172.66.43.28 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

balleralert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:2250 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.96.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-96-118.fra50.r.cloudfront.net

cdn-images.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.98.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba20 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:45e7 (United States)

ASN13335 (CLOUDFLARENET, US)

console.adgrid.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.243.206 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-243-206.deploy.static.akamaitechnologies.com

chimpstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-113.fra50.r.cloudfront.net

prod.adspsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-43.fra50.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.194.137 (United States) 2 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 20.85.30.134 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

j.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-115.fra50.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f16:bc:1202:21b8:ab1d:2133:69ff (Columbus, United States)

ASN16509 (AMAZON-02, US)

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.212.80.11 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-212-80-11.us-west-2.compute.amazonaws.com

adspsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 199.232.210.84 (United States)

ASN54113 (FASTLY, US)

www.iheart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.iheart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:a7e0 (United States)

ASN13335 (CLOUDFLARENET, US)

pub.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 8.2.111.126 (United States)

ASN46636 (NATCOWEB, US)

colossusssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.77.66.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-66-11.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 37.252.172.37 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.0.33.234 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-0-33-234.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.22 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

public-api.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:4e::269 (United States)

ASN54113 (FASTLY, US)

ww.api.iheart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.157.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-157-24.eu-west-1.compute.amazonaws.com

vtrk.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static-exp1.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:12d:587::4469 (Berlin, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:12d:587::1e80 (Berlin, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.82 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-82.fra50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4024:c00::78 (Clarksville, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.254.244.26 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.102.1.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4016:7::9 (Ireland)

ASN15169 (GOOGLE, US)

r4---sn-h0jelnes.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4016::8 (Ireland)

ASN15169 (GOOGLE, US)

r3---sn-h0jeln7e.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.108.144.214 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-214.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.130.49 (United States) 5 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.108.145.8 (Berlin, Germany) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.33.220.150 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.186.34 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3602:e2:b8c:776b:b484 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.244 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.5.142 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.166 (Sweden) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.210.112.63 (France) 5 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-3.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.233.249 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-233-249.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::ac43:db6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.46.154.242 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.151.213 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.151.111.34.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.31.142.159 (United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.242.53 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.251.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-251-128.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.245.179 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.31.255.117 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-255-117.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.17.128 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-17-128.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.157.193.122 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-193-122.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (None, )

ASN- ()

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.114.159.118 (None, ) 3 redirects

ASN- ()

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.201.96.126 (None, ) 6 redirects

ASN- ()

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.229 (None, )

ASN- ()

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 77.243.60.138 (None, ) 3 redirects

ASN- ()

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (None, ) 3 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (None, ) 3 redirects

ASN- ()

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.109 (None, ) 1 redirects

ASN- ()

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:678:cb4:bbbb::11 (None, ) 3 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.65.197.210 (None, ) 3 redirects

ASN- ()

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:13::1370 (None, )

ASN- ()

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	balleralert.com 1 redirects balleralert.com — Cisco Umbrella Rank: 887254	771 KB
48	doubleclick.net 12 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 stats.g.doubleclick.net — Cisco Umbrella Rank: 67 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276 bid.g.doubleclick.net — Cisco Umbrella Rank: 448 cm.g.doubleclick.net — Cisco Umbrella Rank: 175	403 KB
48	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 120 ade.googlesyndication.com — Cisco Umbrella Rank: 261	417 KB
44	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 420 ads.pubmatic.com — Cisco Umbrella Rank: 429 image6.pubmatic.com — Cisco Umbrella Rank: 582 image2.pubmatic.com — Cisco Umbrella Rank: 752 simage2.pubmatic.com — Cisco Umbrella Rank: 552 image4.pubmatic.com — Cisco Umbrella Rank: 738 simage4.pubmatic.com aud.pubmatic.com	56 KB
31	wp.com c0.wp.com — Cisco Umbrella Rank: 6586 stats.wp.com — Cisco Umbrella Rank: 2460 i0.wp.com — Cisco Umbrella Rank: 2614 pixel.wp.com — Cisco Umbrella Rank: 2394 i2.wp.com — Cisco Umbrella Rank: 5216 i1.wp.com — Cisco Umbrella Rank: 5444	2 MB
26	gstatic.com fonts.gstatic.com ssl.gstatic.com csi.gstatic.com	111 KB
19	casalemedia.com 6 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 427 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488	21 KB
18	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 210 acdn.adnxs.com — Cisco Umbrella Rank: 547	90 KB
17	google.com 1 redirects apis.google.com — Cisco Umbrella Rank: 86 adservice.google.com — Cisco Umbrella Rank: 59 www.google.com — Cisco Umbrella Rank: 2 accounts.google.com — Cisco Umbrella Rank: 62	225 KB
15	iheart.com www.iheart.com — Cisco Umbrella Rank: 7465 i.iheart.com — Cisco Umbrella Rank: 9035 ww.api.iheart.com — Cisco Umbrella Rank: 543294	150 KB
14	amazon-adsystem.com 3 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 263 s.amazon-adsystem.com — Cisco Umbrella Rank: 266	46 KB
13	rubiconproject.com 4 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 436 eus.rubiconproject.com — Cisco Umbrella Rank: 512 token.rubiconproject.com — Cisco Umbrella Rank: 593 pixel.rubiconproject.com — Cisco Umbrella Rank: 288	17 KB
10	bidr.io 6 redirects match.prod.bidr.io — Cisco Umbrella Rank: 444	5 KB
9	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1248 j.clarity.ms — Cisco Umbrella Rank: 2022 c.clarity.ms — Cisco Umbrella Rank: 693	26 KB
8	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 295	3 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 87	126 KB
7	yahoo.com 4 redirects ads.yahoo.com — Cisco Umbrella Rank: 835 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419 ups.analytics.yahoo.com	4 KB
7	2mdn.net 2 redirects s0.2mdn.net — Cisco Umbrella Rank: 246 gcdn.2mdn.net — Cisco Umbrella Rank: 906 r4---sn-h0jelnes.c.2mdn.net — Cisco Umbrella Rank: 599125 r3---sn-h0jeln7e.c.2mdn.net — Cisco Umbrella Rank: 743220	2 MB
7	doubleverify.com pub.doubleverify.com — Cisco Umbrella Rank: 8137 vtrk.doubleverify.com — Cisco Umbrella Rank: 1574 cdn.doubleverify.com — Cisco Umbrella Rank: 454 tps.doubleverify.com — Cisco Umbrella Rank: 435 tpsc-frc.doubleverify.com — Cisco Umbrella Rank: 9889	116 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 imasdk.googleapis.com — Cisco Umbrella Rank: 407	255 KB
6	semasio.net 3 redirects uipglob.semasio.net	4 KB
6	fiftyt.com 6 redirects visitor.fiftyt.com	3 KB
6	owneriq.net 4 redirects px.owneriq.net — Cisco Umbrella Rank: 789	2 KB
6	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 618	6 KB
5	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 265	2 KB
5	zeotap.com 1 redirects spl.zeotap.com — Cisco Umbrella Rank: 1178 mwzeom.zeotap.com — Cisco Umbrella Rank: 1486	1 KB
5	onaudience.com 5 redirects pixel.onaudience.com — Cisco Umbrella Rank: 1400	2 KB
5	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 529	2 KB
5	everesttech.net 5 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 491	922 B
5	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 1367 rtb.gumgum.com — Cisco Umbrella Rank: 978	3 KB
5	colossusssp.com colossusssp.com — Cisco Umbrella Rank: 2141	1 KB
5	linkedin.com platform.linkedin.com — Cisco Umbrella Rank: 3190 www.linkedin.com — Cisco Umbrella Rank: 602 px.ads.linkedin.com — Cisco Umbrella Rank: 439	321 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 505	68 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 9027 www.google.de — Cisco Umbrella Rank: 6342	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	55 KB
4	connatix.com 2 redirects cd.connatix.com — Cisco Umbrella Rank: 3152 cds.connatix.com — Cisco Umbrella Rank: 3185	476 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 331 c.bing.com — Cisco Umbrella Rank: 212	13 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	197 KB
3	dotomi.com pubmatic-match.dotomi.com	310 B
3	bidtheatre.com 3 redirects match.adsby.bidtheatre.com	2 KB
3	turn.com 3 redirects ad.turn.com	2 KB
3	quantserve.com 3 redirects pixel.quantserve.com	2 KB
3	adition.com 3 redirects dsp.adfarm1.adition.com	1 KB
3	mathtag.com 3 redirects sync.mathtag.com — Cisco Umbrella Rank: 387	2 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 129	2 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	334 B
3	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99 partner.googleadservices.com — Cisco Umbrella Rank: 741	17 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	103 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	113 KB
2	exelator.com 2 redirects loada.exelator.com — Cisco Umbrella Rank: 20824	2 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 662	849 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4441	637 B
2	licdn.com static-exp1.licdn.com — Cisco Umbrella Rank: 2597	10 KB
2	alexametrics.com certify-js.alexametrics.com — Cisco Umbrella Rank: 6649 certify.alexametrics.com — Cisco Umbrella Rank: 3749	3 KB
2	adspsp.com prod.adspsp.com — Cisco Umbrella Rank: 12236 adspsp.com — Cisco Umbrella Rank: 11194	77 KB
2	chimpstatic.com chimpstatic.com — Cisco Umbrella Rank: 4367	1 KB
2	adgrid.io console.adgrid.io — Cisco Umbrella Rank: 70058	218 KB
1	admixer.net 1 redirects inv-nets.admixer.net	584 B
1	adroll.com 1 redirects d.adroll.com — Cisco Umbrella Rank: 1329	112 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1259	408 B
1	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 187
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 523	317 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 542	299 B
1	brand-display.com 1 redirects dmp.brand-display.com — Cisco Umbrella Rank: 1545	334 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 691	612 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 619	362 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 548
1	emxdgt.com cs.emxdgt.com — Cisco Umbrella Rank: 801
1	wordpress.com public-api.wordpress.com — Cisco Umbrella Rank: 6656	3 KB
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	amazonaws.com s3.amazonaws.com	140 KB
1	mailchimp.com cdn-images.mailchimp.com — Cisco Umbrella Rank: 4595	2 KB
0	adhigh.net Failed px.adhigh.net Failed
0	audrte.com Failed a.audrte.com Failed
0	stackadapt.com Failed sync.srv.stackadapt.com Failed
477	75

	Domain	Requested by
65	balleralert.com	1 redirects balleralert.com
24	pagead2.googlesyndication.com	balleralert.com pagead2.googlesyndication.com c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
17	tpc.googlesyndication.com	c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com pagead2.googlesyndication.com
17	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net console.adgrid.io balleralert.com c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
16	simage2.pubmatic.com	ads.pubmatic.com
16	cm.g.doubleclick.net	11 redirects console.adgrid.io ssum-sec.casalemedia.com
14	csi.gstatic.com	securepubads.g.doubleclick.net imasdk.googleapis.com pagead2.googlesyndication.com
14	ib.adnxs.com	1 redirects console.adgrid.io acdn.adnxs.com ssum-sec.casalemedia.com
12	c0.wp.com	balleralert.com
11	i0.wp.com	balleralert.com
10	match.prod.bidr.io	6 redirects ssum-sec.casalemedia.com ads.pubmatic.com
10	dsum-sec.casalemedia.com	3 redirects ssum-sec.casalemedia.com
10	www.iheart.com	balleralert.com www.iheart.com
9	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.googleadservices.com c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com balleralert.com
8	match.adsrvr.org	3 redirects console.adgrid.io ssum-sec.casalemedia.com
8	c.amazon-adsystem.com	console.adgrid.io c.amazon-adsystem.com
8	www.youtube.com	apis.google.com c0.wp.com www.youtube.com
8	apis.google.com	balleralert.com apis.google.com www.youtube.com accounts.google.com
7	image2.pubmatic.com	ads.pubmatic.com
6	uipglob.semasio.net	3 redirects
6	visitor.fiftyt.com	6 redirects
6	px.owneriq.net	4 redirects ssum-sec.casalemedia.com
6	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com
6	ssum-sec.casalemedia.com	3 redirects js-sec.indexww.com
6	js-sec.indexww.com	console.adgrid.io ssum-sec.casalemedia.com
6	ssl.gstatic.com	accounts.google.com balleralert.com
6	fonts.gstatic.com	fonts.googleapis.com
5	x.bidswitch.net	3 redirects ssum-sec.casalemedia.com ads.pubmatic.com
5	pixel.onaudience.com	5 redirects
5	c1.adform.net	4 redirects ads.pubmatic.com
5	sync-tm.everesttech.net	5 redirects
5	ads.pubmatic.com	console.adgrid.io ads.pubmatic.com
5	colossusssp.com	console.adgrid.io
5	www.google.com	1 redirects balleralert.com c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com tpc.googlesyndication.com
5	j.clarity.ms	www.clarity.ms j.clarity.ms
4	mwzeom.zeotap.com	ads.pubmatic.com
4	image4.pubmatic.com	ads.pubmatic.com
4	token.rubiconproject.com	4 redirects
4	image6.pubmatic.com	ads.pubmatic.com
4	acdn.adnxs.com	console.adgrid.io
4	imasdk.googleapis.com	c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
4	assets.adobedtm.com	www.iheart.com assets.adobedtm.com
4	c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	ww.api.iheart.com	www.iheart.com
4	g2.gumgum.com	console.adgrid.io
4	fastlane.rubiconproject.com	console.adgrid.io
4	hbopenbid.pubmatic.com	console.adgrid.io
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com balleralert.com
4	connect.facebook.net	balleralert.com connect.facebook.net
3	pubmatic-match.dotomi.com	ads.pubmatic.com
3	match.adsby.bidtheatre.com	3 redirects
3	ad.turn.com	3 redirects
3	pixel.quantserve.com	3 redirects
3	ups.analytics.yahoo.com	3 redirects
3	aud.pubmatic.com
3	dsp.adfarm1.adition.com	3 redirects
3	sync.mathtag.com	3 redirects
3	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com ssum-sec.casalemedia.com
3	pixel.rubiconproject.com
3	ade.googlesyndication.com
3	sb.scorecardresearch.com	1 redirects www.iheart.com balleralert.com
3	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
3	i2.wp.com	balleralert.com
3	htlb.casalemedia.com	console.adgrid.io
3	www.facebook.com	balleralert.com connect.facebook.net
3	www.googletagservices.com	balleralert.com c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3	bat.bing.com	balleralert.com bat.bing.com
3	fonts.googleapis.com	balleralert.com c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
3	www.googletagmanager.com	balleralert.com www.googletagmanager.com
2	loada.exelator.com	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	d5p.de17a.com	2 redirects
2	tpsc-frc.doubleverify.com	cdn.doubleverify.com
2	eus.rubiconproject.com	console.adgrid.io eus.rubiconproject.com
2	r3---sn-h0jeln7e.c.2mdn.net
2	r4---sn-h0jelnes.c.2mdn.net
2	gcdn.2mdn.net	2 redirects
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	cdn.doubleverify.com	securepubads.g.doubleclick.net balleralert.com
2	static-exp1.licdn.com	www.linkedin.com
2	accounts.google.com	apis.google.com balleralert.com
2	www.linkedin.com	platform.linkedin.com
2	pixel.wp.com	balleralert.com
2	www.google.de	balleralert.com
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	c.clarity.ms	1 redirects balleralert.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	cds.connatix.com	balleralert.com
2	cd.connatix.com	2 redirects
2	chimpstatic.com	balleralert.com
2	console.adgrid.io	balleralert.com
2	stats.wp.com	balleralert.com
2	platform.linkedin.com	balleralert.com www.linkedin.com
2	www.clarity.ms	balleralert.com
1	inv-nets.admixer.net	1 redirects
1	simage4.pubmatic.com	ads.pubmatic.com
1	d.adroll.com	1 redirects
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	dpm.demdex.net	ssum-sec.casalemedia.com
1	b1sync.zemanta.com	1 redirects
1	pixel-sync.sitescout.com	1 redirects
1	dmp.brand-display.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	spl.zeotap.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	ads.yahoo.com
1	id.rlcdn.com
1	px.ads.linkedin.com
1	cs.emxdgt.com	console.adgrid.io
1	rtb.gumgum.com	console.adgrid.io
1	tps.doubleverify.com	cdn.doubleverify.com
1	s0.2mdn.net	c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
1	i1.wp.com	balleralert.com
1	vtrk.doubleverify.com	pub.doubleverify.com
1	public-api.wordpress.com	balleralert.com
1	i.iheart.com	www.iheart.com
1	pub.doubleverify.com	balleralert.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adspsp.com	balleralert.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	balleralert.com
1	certify.alexametrics.com	balleralert.com
1	c.bing.com	1 redirects
1	certify-js.alexametrics.com	balleralert.com
1	prod.adspsp.com	balleralert.com
1	s3.amazonaws.com	balleralert.com
1	cdn-images.mailchimp.com	balleralert.com
0	px.adhigh.net Failed
0	a.audrte.com Failed	ads.pubmatic.com
0	sync.srv.stackadapt.com Failed	ads.pubmatic.com
477	131

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
www.youtube.com
balleralert.tumblr.com
www.balleralert.tv
soundcloud.com
instagram.com
www.snapchat.com
balleralertmerch.com
polialert.com
twitter.com
www.linkedin.com
my.community.com
jetpack.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-15` - `2022-06-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-28` - `2022-02-26`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2021-06-01` - `2022-06-01`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
cdn-images.mailchimp.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2020-07-03` - `2022-07-08`	2 years	crt.sh
wildcardsan.us15.list-manage.com DigiCert SHA2 Secure Server CA	`2021-11-19` - `2022-11-19`	a year	crt.sh
prod.adspsp.com Amazon	`2022-01-17` - `2023-02-15`	a year	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-12` - `2022-11-10`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
adspsp.com Amazon	`2022-01-16` - `2023-02-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.937theriver.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-20` - `2022-05-22`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2021-12-06` - `2022-06-06`	6 months	crt.sh
*.colossusssp.com Go Daddy Secure Certificate Authority - G2	`2021-11-07` - `2022-11-07`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-12` - `2022-11-14`	2 years	crt.sh
vtrk.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2021-12-03` - `2023-01-04`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-02-08` - `2022-04-19`	2 months	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-18` - `2022-07-13`	6 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2022-01-27` - `2023-02-25`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh

This page contains 61 frames:

Primary Page: https://balleralert.com/
Frame ID: 3BC82E6C2B5F936DBB205B8B907A5BBD
Requests: 210 HTTP requests in this frame

Frame: https://cds.connatix.com/p/151156/connatix.player.dc.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Frame ID: D0ECEC07AD0E3C6CD4DD5CEECF4C6CE2
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/151156/connatix.playspace.dc.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Frame ID: 1F0F082FD92045B0DBE2A704229061A2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/zrt_lookup.html
Frame ID: F220DD5BE13F28A21428906BA05DA9BF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5729413333126369&output=html&adk=3046330955&adf=2044148826&lmt=1645217125&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fballeralert.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645217125238&bpp=3&bdt=624&idt=291&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4289848002493&rume=1&frm=20&pv=2&ga_vid=464597375.1645217126&ga_sid=1645217126&ga_hid=1095585121&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062422%2C31064036%2C31061691%2C31061692%2C31064019&oid=2&pvsid=3190168124789473&pem=536&tmod=1202785987&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=317
Frame ID: B117C6AAC2A6FB6CB17D511B0C6535DD
Requests: 1 HTTP requests in this frame

Frame: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
Frame ID: 9481027DC05D6A04543FD5162395CFDB
Requests: 19 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channel=balleralerttv&layout=default&count=hidden&origin=https%3A%2F%2Fballeralert.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.J6wwVzZFlys.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA%2Fm%3D__features__
Frame ID: 9FEE2768BDC7C1D9FDC4DD85FFE37961
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channel=balleralerttv&layout=default&count=hidden&origin=https%3A%2F%2Fballeralert.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.J6wwVzZFlys.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA%2Fm%3D__features__
Frame ID: CBE2620A0006BB45FC45C15BFD974E06
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C137DEADF828F645B4478142138FBAB7
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fballeralert.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.J6wwVzZFlys.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA%2Fm%3D__features__
Frame ID: FCED007FCD1196ACC1E1D4515E09D26C
Requests: 5 HTTP requests in this frame

Frame: https://www.linkedin.com/pages-extensions/FollowCompany?id=28541752&counter=&xdOrigin=https%3A%2F%2Fballeralert.com&xdChannel=68e51d6d-d9ae-4d78-8b26-3683b8ae5e11&xd_origin_host=https%3A%2F%2Fballeralert.com
Frame ID: 249010220FF94D40F9A1C39ACAC0C840
Requests: 1 HTTP requests in this frame

Frame: https://www.linkedin.com/pages-extensions/FollowCompany?id=28541752&counter=&xdOrigin=https%3A%2F%2Fballeralert.com&xdChannel=68e51d6d-d9ae-4d78-8b26-3683b8ae5e11&xd_origin_host=https%3A%2F%2Fballeralert.com
Frame ID: 4E113DDF1D94549FB9768DB595818327
Requests: 4 HTTP requests in this frame

Frame: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C9E1888533A4ECF7CBE3044CFBF93A54
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCIepUZdzvwXLH2KXv11srQQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.J6wwVzZFlys.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA%2Fm%3D__features__
Frame ID: F07C796A2A6242CEFE619B21AA471F71
Requests: 4 HTTP requests in this frame

Frame: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8728AE475DD6D000A5CEC90E62B5E689
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXmGRDw1GYY-dy0HjAB&v=APEucNWcFK-O95xHRrr-7pwTXnLft_iasPzIv6GYMUSxf-V1PTPHgIZhRk5Hkh1FAKmhQFOokGK1ZxznM1iuX5G134eJYH8Sbw
Frame ID: E48B6D8F7AFFD5BEDB1093AACD59D267
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJLZkdek6ENzbFRWwS1VUOKrUfSetBbwM_zNbNWsvjAje2Jdxkcv_Ob7UKreiTAKWwvjNyI9U13nt2LdXlDaxYv-WYbcZwpY2OtTFCddN_Zs-9IRPjek79WUL4Bfcy-a20mzjkesbX71np5ezbRjRQE-npBD_auCfNnoLEIIlScP_icuPyjYqPumMNVlxp8n07TGUVKSiwmRKv-RGY11lgUisDPRUZH7ZbRLHJPdnV8cllR0u6phE3WKQtPANUWTZat7jgtGustTj9HWEeIxeluSi5FvXBZ09OifDkCSkR5fgWTFNVeLDuABTXVqk8vz09GA8khlI7lg&sig=Cg0ArKJSzDijdOvHA1gYEAE&uach_m=[UACH]&adurl=
Frame ID: 1144D53364EDCCAE69E36B4165F37754
Requests: 11 HTTP requests in this frame

Frame: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 625D53A89B6AA14C5AF66D914B9CF3CC
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 94358ACB2165870785BFA0F741CA5469
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2197.js
Frame ID: 282768283DAFA34249F7653C54E9DD93
Requests: 4 HTTP requests in this frame

Frame: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8C74E03389B877729D28243C6DD80D84
Requests: 34 HTTP requests in this frame

Frame: https://www.facebook.com/v11.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df104160ee98547%26domain%3Dballeralert.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fballeralert.com%252Ff22308de0bb3b14%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fballeralert.com%2F&layout=button&locale=en_US&sdk=joey&share=false
Frame ID: 6CE0A5F8D0367205F8C13948EABFC75A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 23C00BCBBD34D6925B54ABA3879F10FA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 42A328BBCC9771A7050DE5D27F9F12C3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6577CC344D5080DFF2B16C94854387D0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 683767EFFC4B7F2E62DEE0021C6B20D9
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Frame ID: 55C398B2E92380A1D037EFD4DE4A84E8
Requests: 13 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3BB870A228E1B336D49CEB616CEEA678
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YhAFaAAHN4CHyQBB&gdpr=1&gdpr_consent=&_test=YhAFaAAHN4CHyQBB
Frame ID: AAC05C103D57F90FDAE2853CB286F3F4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6C3A2E95B12A86E6EC0888DCEBC7758E
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B427DC4FDCDB36FD8439C64ACE762271
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CD8F118C5E1F27756E9617BE9E1897D1
Requests: 3 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: C96768192B6F940C5C6DB67B27AB57BC
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 884EEDAE178921B6840318F61701AB86
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Frame ID: C129FCD79796973A143F1A0D78388BEF
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Frame ID: 60B8AF82D0DCC3F09E602F240DCD058F
Requests: 12 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DB9B182483EDC3BAB274BF31B3BCF499
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6402EF4275414353A23C5C3976A7BAC6
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 798A0B697913AA62728628D19031D71F
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 04DB8DE8CD9E09AA1D7AD588D277C4A9
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
Frame ID: 4DF8890D4174B90FECE2AF2F90BDC272
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Frame ID: 1D94DC9060DCE5FE90FB2AF35E9D8834
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 7188BC1DF116A27B2510A9790482F9E5
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: F4C5D2AF5A779A8989C6CD8D49937E60
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 90AF99D135FF19EC7C528E5D79A1E0CC
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D
Frame ID: A226ADFC54106C7DE57B8B4CFFC5D763
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 4904849050675012B41246C7A7BA133B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7899400673362287494
Frame ID: 92F9D22C9BEF768B150304D8079F0B9B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c7a16210-0568-4c00-bcea-dfc9ea0692cc&gdpr=0&gdpr_consent=
Frame ID: C53F41CCA4269F104BA1871220ACEAC1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7066153772478822548
Frame ID: 3A2B6E9EC869C037BC076A787A6BE7A8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YhAFaAAHN4CHyQBB&gdpr=0&gdpr_consent=
Frame ID: C1E9DAC030929029B93F4376F4407D58
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11
Frame ID: 6DC5CD388D38C183FABF632C1486DC28
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: F7722C0D1DD56C478279FE8884A504BE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7066153772480133268
Frame ID: C52A9B0B8AE913A1F1DDA4F6EFF6A9AE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YhAFaAAHN4CHyQBB&gdpr=0&gdpr_consent=
Frame ID: AFD1DD1F0383C18C022C1DCD3DC7FC22
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11
Frame ID: ED5BC13D9B0D47534E717662D4213132
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 2AA6DABBAA19EE8BCCF37B02AE31748C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7066153772481181844
Frame ID: 37582E53C15F0DC4EB7A78FEB2B87D2C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YhAFaAAHN4CHyQBB&gdpr=0&gdpr_consent=
Frame ID: A3A7A54487765938F4D75AE497927349
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11
Frame ID: A06E54D79F570C81BD904085DF7E20EB
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: A06A4D4D7B7FB0123DF3DE09D581223C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

For all Celebrity News & Gossip! Baller Alert - Baller Alert It's a lifestyle!Magnifying GlassClose search results

Page URL History Show full URLs

http://balleralert.com/ HTTP 301
https://balleralert.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

s3\.amazonaws\.com/downloads\.mailchimp\.com/js/mc-validate\.js
cdn-images\.mailchimp\.com/[^>]*\.css
chimpstatic\.com/mcjs-connected

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

477
Requests

87 %
HTTPS

39 %
IPv6

75
Domains

131
Subdomains

97
IPs

9
Countries

8581 kB
Transfer

21013 kB
Size

81
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/balleralertcom

Search URL Search Domain Scan URL

URL: https://www.twitter.com/balleralert

Search URL Search Domain Scan URL

URL: https://www.youtube.com/balleralerttv

Search URL Search Domain Scan URL

URL: http://balleralert.tumblr.com/

Search URL Search Domain Scan URL

URL: http://www.balleralert.tv/

Search URL Search Domain Scan URL

URL: https://soundcloud.com/baller-alert

Search URL Search Domain Scan URL

URL: https://instagram.com/balleralert

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/balleralertcom

Search URL Search Domain Scan URL

URL: http://balleralertmerch.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://polialert.com/
Title: Political News

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BallerAlertcom/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fballeralert.com%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/balleralert

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/user?screen_name=@balleralert

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Baller+Alert+https%3A%2F%2Fballeralert.com%2F

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/BALLERALERTTV

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https://balleralert.com/

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/discover/The_Baller_Alert_Show/2396680287

Search URL Search Domain Scan URL

URL: https://my.community.com/balleralert

Search URL Search Domain Scan URL

URL: https://jetpack.com/search?utm_source=poweredby
Title: Search powered by Jetpack

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://balleralert.com/ HTTP 301
https://balleralert.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 93

https://cd.connatix.com/connatix.player.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9 HTTP 302
https://cds.connatix.com/p/151156/connatix.player.dc.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9

Request Chain 94

https://cd.connatix.com/connatix.playspace.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9 HTTP 302
https://cds.connatix.com/p/151156/connatix.playspace.dc.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9

Request Chain 107

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=F4A5B2FE051E472893A2F5C686D86560&RedC=c.clarity.ms&MXFR=39F13866C2E56FF5162D2929C6E561A5 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=F4A5B2FE051E472893A2F5C686D86560&MUID=108BAD61BA54634735F7BC2EBBDF62A8

Request Chain 122

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1038006012/?random=198866635&cv=9&fst=1645217125497&num=1&value=1&currency_code=USD&label=RtAPCKKMyNMBEPzt-u4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fballeralert.com%2F&tiba=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&auid=1121058685.1645217125&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=YwUQYqfBLcGF4gHurY6wDA&sscte=1&crd=CNPgGw HTTP 302
https://www.google.com/pagead/1p-conversion/1038006012/?random=198866635&cv=9&fst=1645217125497&num=1&value=1&currency_code=USD&label=RtAPCKKMyNMBEPzt-u4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fballeralert.com%2F&tiba=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&auid=1121058685.1645217125&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=YwUQYqfBLcGF4gHurY6wDA&cid=CAQSKQCNIrLMMM2Vox2jcarl8el1_pBRZnMhyyeYAsJNloaG5-XDyiMtcvbJ&random=3527326551&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/1038006012/?random=198866635&cv=9&fst=1645217125497&num=1&value=1&currency_code=USD&label=RtAPCKKMyNMBEPzt-u4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fballeralert.com%2F&tiba=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&auid=1121058685.1645217125&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=YwUQYqfBLcGF4gHurY6wDA&cid=CAQSKQCNIrLMMM2Vox2jcarl8el1_pBRZnMhyyeYAsJNloaG5-XDyiMtcvbJ&random=3527326551&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hDYe19IPoJGXcuJboPdLI9zLzPzyRVtZHAQXBp_KABvd-Lve52WPRBNfaN7PF2uvlVuGWInUpaTeNlZ2-Q9O6lV

Request Chain 273

https://sb.scorecardresearch.com/b?c1=2&c2=6036262&cs_xi=5076355116&ns__t=1645217127824&ns_c=UTF-8&ns_if=1&cv=3.5&c8=The%20Baller%20Alert%20Show%20%7C%20iHeart&c7=https%3A%2F%2Fwww.iheart.com%2Fpodcast%2F1119-the-baller-alert-show-53352259%2F%3Fembed%3Dtrue&c9=https%3A%2F%2Fballeralert.com%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6036262&cs_xi=5076355116&ns__t=1645217127824&ns_c=UTF-8&ns_if=1&cv=3.5&c8=The%20Baller%20Alert%20Show%20%7C%20iHeart&c7=https%3A%2F%2Fwww.iheart.com%2Fpodcast%2F1119-the-baller-alert-show-53352259%2F%3Fembed%3Dtrue&c9=https%3A%2F%2Fballeralert.com%2F

Request Chain 312

https://gcdn.2mdn.net/videoplayback/id/605bd096082a2b3a/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1676753126/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/999259410B1BE88F6276B26D790D2D81C75EFD12.3DCF901C72C42CFB5C5FBD4B80F2F56C2A1FD4B8/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-h0jelnes.c.2mdn.net/videoplayback/id/605bd096082a2b3a/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1676753126/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/13161D7AD729370CC7D7B59B9375790A777002A1.049EEE0A135BD9D6F2A5D479E8F3FEAC19289856/key/cms1/cms_redirect/yes/mh/7f/mip/2a01:4a0:2c::10/mm/42/mn/sn-h0jelnes/ms/onc/mt/1645216504/mv/u/mvi/4/pl/46/file/file.mp4

Request Chain 316

https://gcdn.2mdn.net/videoplayback/id/1010c898234a80bf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1676753126/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/93EF4758EB9F0C035DF1F3A2157D500CE7ECA462.A494AD1A8520B1516939AF1DF97F8829207D0346/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-h0jeln7e.c.2mdn.net/videoplayback/id/1010c898234a80bf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1676753126/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/779E43361D431060E8FB3E7158BE292A388B29C0.0B7F0E63A016FE568E04BFBBF687FB03FD8933DD/key/cms1/cms_redirect/yes/mh/Vv/mip/2a01:4a0:2c::10/mm/42/mn/sn-h0jeln7e/ms/onc/mt/1645216504/mv/u/mvi/3/pl/46/file/file.mp4

Request Chain 352

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YhAFaAAHN4CHyQBB HTTP 302
https://rtb.gumgum.com/usersync?b=atm&i=YhAFaAAHN4CHyQBB&gdpr=1&gdpr_consent=&_test=YhAFaAAHN4CHyQBB

Request Chain 374

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 375

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 376

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 378

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=KZSVSPY9-J-G2W7

Request Chain 380

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFB9-pePsYLthWoBbhwIbPA&google_cver=1

Request Chain 381

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZSVSPY9-J-G2W7&sigv=1&esig=2~4f388e8b62e5aa52329d8e39f5211027981ed5d1

Request Chain 382

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/fsjeqS-aqTZbZOiiU-fchQ?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5753474424595433184

Request Chain 383

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=7ee46210-0568-4800-9f61-dae0c802727d

Request Chain 385

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTVlNWY3NjAyYmJlZjg5MDNiM2NjMTYyZThkOWYxYmY0NGFhNzRiMw

Request Chain 386

https://c1.adform.net/serving/cookie/match?party=14&cid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D

Request Chain 388

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7899400673362287494

Request Chain 389

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c7a16210-0568-4c00-bcea-dfc9ea0692cc&gdpr=0&gdpr_consent=

Request Chain 390

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yqKv5TRLQJC9A5XdwrKBnQ%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 391

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9dc66210-0568-4c00-a72e-fd55653bcb12

Request Chain 392

https://pixel.onaudience.com/?partner=214&mapped=CAA2AFE5-344B-4090-BD03-95DDC2B2819D HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=1e7ff264a5c468881a7f8ded0c2126ea HTTP 302
https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__ HTTP 302
https://pixel.onaudience.com/?partner=68&icm&cver&mapped=4850103500708417090 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=06c3be3a41f89d8db5e25790e75f9261 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=ad587a63-0890-48c2-9f73-761f345b129d&icm HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=5235a37a01002983 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8a1d8ccb-404f-476f-7fd4-98ea8d1716bc&reqId=651c0280-e90b-4a1d-4f66-45b5edab0f22&zcluid=5235a37a01002983&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEPGcDgpET0HsWmYL_ZNScg4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8a1d8ccb-404f-476f-7fd4-98ea8d1716bc&reqId=651c0280-e90b-4a1d-4f66-45b5edab0f22&zcluid=5235a37a01002983&zdid=1332

Request Chain 393

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0FBMkFGRTUtMzQ0Qi00MDkwLUJEMDMtOTVEREMyQjI4MTlE&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 394

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAnckBMXPo9daD60hmDZhTs&google_cver=1

Request Chain 396

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4850103500708417090

Request Chain 397

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ad587a63-0890-48c2-9f73-761f345b129d

Request Chain 398

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2256209431365242634&gdpr=0&gdpr_consent=

Request Chain 400

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhAFaLsWD0rWtbAf4wrNqwAABzUAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhAFaLsWD0rWtbAf4wrNqwAABzUAAAAB&dcc=t

Request Chain 401

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YhAFaP1JARgd1weupIiYyQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJWqy8poqXQYWZM3hzVYBII&google_cver=1&gdpr=1

Request Chain 404

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=70dd51d4-d092-9d33-3ca6db60

Request Chain 405

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1647809128

Request Chain 406

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1

Request Chain 407

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6985035291890331806&uid=Q6985035291890331806&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 409

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YhAFaP1JARgd1weupIiYyQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJWqy8poqXQYWZM3hzVYBII&google_cver=1&gdpr=1

Request Chain 410

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhAFaLsWD0rWtbAf4wrNqwAABzUAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhAFaLsWD0rWtbAf4wrNqwAABzUAAAAB&dcc=t

Request Chain 420

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YhAFaP1JARgd1weupIiYyQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJWqy8poqXQYWZM3hzVYBII&google_cver=1&gdpr=1

Request Chain 421

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhAFaP1JARgd1weupIiYyQAAAN8AAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhAFaP1JARgd1weupIiYyQAAAN8AAAAB&dcc=t

Request Chain 422

https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

Request Chain 425

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6985035292144618503&uid=Q6985035292144618503&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 439

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7066153772478822548

Request Chain 440

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YhAFaAAHN4CHyQBB&gdpr=0&gdpr_consent=

Request Chain 442

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHc1RrN0VJQXNBQUhzdy0ydDVFQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 443

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&addseg=19,36,42

Request Chain 444

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 447

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-szFlh_1E2uWo6C9oDWeTPNy25kJb5pw-~A&gdpr=0&gdpr_consent=

Request Chain 448

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GZh5JB-ffnYCk39yH8hlcErOeiUCy392H8vR82da

Request Chain 449

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dpubmatic%26bsw_param%3D0f72ee1e-66af-4744-85f2-a41b0a3294df%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
https://x.bidswitch.net/sync?dsp_id=354&user_id=01a60999c9ec4391b90410df9838fa09&ssp=pubmatic&bsw_param=0f72ee1e-66af-4744-85f2-a41b0a3294df&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0f72ee1e-66af-4744-85f2-a41b0a3294df&gdpr=0&gdpr_consent=&gdpr_pd=

Request Chain 450

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4581962177314719284&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 451

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b8d7781f-05d5-4926-af10-fe305fb33c7a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 453

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&addseg=19,36,42

Request Chain 454

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 457

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-szFlh_1E2uWo6C9oDWeTPNy25kJb5pw-~A&gdpr=0&gdpr_consent=

Request Chain 458

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hQ6qgoMJrdCeBaOC1g62i9EIqNCeDPmFgg78G8aH

Request Chain 459

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7066153772480133268

Request Chain 460

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://px.adhigh.net/p/cm/bsw?u=11ef1ac0-9612-467e-9c87-d066a6339a62&bidswitch_ssp_id=pubmatic HTTP 302
https://px.adhigh.net/p/cm/bsw?u=11ef1ac0-9612-467e-9c87-d066a6339a62&bidswitch_ssp_id=pubmatic&bounced=1

Request Chain 461

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YhAFaAAHN4CHyQBB&gdpr=0&gdpr_consent=

Request Chain 462

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4365789395200935476&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 463

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:cfad6693-0e4e-4e7e-8707-df2d0f0615a9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 466

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFYnlrN0VJQXNBQUgzQU5KbnpNZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 467

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&addseg=19,36,42

Request Chain 468

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 471

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-szFlh_1E2uWo6C9oDWeTPNy25kJb5pw-~A&gdpr=0&gdpr_consent=

Request Chain 472

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tIFpfbKGbi-vim8rtoV1LrGLbn-vhm5-ttWE8kek

Request Chain 473

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7066153772481181844

Request Chain 475

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YhAFaAAHN4CHyQBB&gdpr=0&gdpr_consent=

Request Chain 476

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4437846989238863412&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 477

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:efaec765-0218-4d96-a302-dfefb87e91f6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 480

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFJZXlFN0VJQXNBQUg5TWtVU0Q0UQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

477 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
balleralert.com/
Redirect Chain

http://balleralert.com/
https://balleralert.com/

175 KB
40 KB

703ms
610ms

Document
text/html

172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

599863f104e6a2c8d3f5c57633373e86ebf69906e04a0ae763f8bfb0161827bf

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

date: Fri, 18 Feb 2022 20:45:22 GMT
content-type: text/html; charset=UTF-8
x-frame-options: sameorigin
link: <https://balleralert.com/wp-json/>; rel="https://api.w.org/", <https://balleralert.com/wp-json/wp/v2/pages/70807>; rel="alternate"; type="application/json", <https://balleralert.com?p=70807>; rel=shortlink
x-tec-api-version: v1
x-tec-api-root: https://balleralert.com/wp-json/tribe/events/v1/
x-tec-api-origin: https://balleralert.com
cache-control: max-age=600
expires: Fri, 18 Feb 2022 20:55:22 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVpTKPpW5CtEsKmXTp4%2FhFI6Hw6ZAASeZOCcXu3BT3H%2FCh4u4b1GrOEUSfj2s%2BVytjul1v0LA%2FX%2FlWKsy78pvaASD1CswUccgWjxVtMWIbNtSky579zdtdoe9yM81jaYuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6dfa19459d4571bd-LHR
content-encoding: br

Redirect headers

Date: Fri, 18 Feb 2022 20:45:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: sameorigin
X-Redirect-By: WordPress
Location: https://balleralert.com/
Cache-Control: max-age=600
Expires: Fri, 18 Feb 2022 20:55:21 GMT
Vary: User-Agent
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qeIpqbDkjdnuZNDqt3IdGIS%2FqTZfRcuwX6usp5jSzWZ2TQFx2B9KVKwUiqDtFCffkMxWu0D%2FnRYamc%2BnZNAj0gDZBQIXnzUDUUWor%2FWhGikhUF4HvVI4Fs4TzjgZZ6DrSg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6dfa19433ca271e4-LHR

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 205ms
70ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1038006012

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d394c6d252191e1a1013a387b7eea31bb74a63c4f838944e1a6a46bbbe431f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40750
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Feb 2022 20:45:22 GMT

GET
H2 200 tribe-events-pro-mini-calendar-block.min.css
balleralert.com/wp-content/plugins/events-calendar-pro/src/resources/css/ 655 B
542 B 57ms
57ms Stylesheet
text/css 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/events-calendar-pro/src/resources/css/tribe-events-pro-mini-calendar-block.min.css
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2d330f53cdfd25a188faebfc07535a76190bcc529946b09c74d0971e84b53cd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Feb 2022 17:50:39 GMT
server: cloudflare
age: 83360
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LiH1URwgB6xbMewAXFUSqMrxKk11eJP3HVgzPo9fzsRmNef6HI7cfB8ntWKk%2FxBqWlafOr2K1yIr0frK5QgoYrAIdVT%2FcwaVK71FtfnBP%2BeKzzQuXO45HxSyBeNXyzZe3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa19499b8171bd-LHR
expires: Sat, 19 Mar 2022 21:36:02 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.9/wp-includes/css/dist/block-library/ 77 KB
10 KB 144ms
43ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7b6fef0a63424245b31b293b1a3bfd074c9da482e28fb9e920e1cf306e54e8a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT lhr 1
date: Fri, 18 Feb 2022 20:45:22 GMT
content-encoding: br
last-modified: Tue, 11 Jan 2022 03:15:32 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 18 Feb 2023 20:45:22 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/5.9/wp-includes/js/mediaelement/ 11 KB
2 KB 185ms
85ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT lhr 1
date: Fri, 18 Feb 2022 20:45:22 GMT
content-encoding: br
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 18 Feb 2023 20:45:22 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/5.9/wp-includes/js/mediaelement/ 4 KB
1 KB 186ms
86ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT lhr 1
date: Fri, 18 Feb 2022 20:45:22 GMT
content-encoding: br
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 18 Feb 2023 20:45:22 GMT

GET
H2 200 sfsi-style.css
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/css/ 84 KB
14 KB 60ms
59ms Stylesheet
text/css 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/css/sfsi-style.css
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99a5af87f74014118ce8d017bd91dc4e06ff05125a5b710a966609ec60dc97ae

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2203636
cf-polished: origSize=113616
cf-bgj: minify
last-modified: Fri, 10 Dec 2021 16:05:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhXwxbFTjHN%2Bz%2BhIOjERhy%2FcbfF%2FqhyrLAM7Q5YwrSj8%2F7fcDeVzhH4siyuarEGFVzDBOf%2FLEurn5L9wKnyCqjdlADDqxwiXHdHW13fQiU0H4cGwLlg73st8rOSsfFEpiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6dfa19499b8471bd-LHR
expires: Wed, 23 Feb 2022 08:38:05 GMT

GET
H2 200 unslider.css
balleralert.com/wp-content/plugins/advanced-ads-slider/public/assets/css/ 573 B
495 B 77ms
77ms Stylesheet
text/css 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/advanced-ads-slider/public/assets/css/unslider.css
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0b779ad590272d25a6b625b33f3d117b71ab8b77efa8266cf2ebcd90bd76764

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 26 Oct 2019 17:12:23 GMT
server: cloudflare
age: 2203636
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBDYfcig2Dzs2lVeJrBck3dVDlQjkScEGtMqzyxtIZsZ5l4W6eCBjyeuj4Wh2qokQdmt%2BFWCr25nXjZLvTMEhRXu4YdlNxXRbCvVleKD0sKu0OmIrrMDp3Ua%2BH%2BGSb5yDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
expires: Wed, 23 Feb 2022 08:38:05 GMT
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa19499b8571bd-LHR
cf-bgj: minify

GET
H2 200 slider.css
balleralert.com/wp-content/plugins/advanced-ads-slider/public/assets/css/ 417 B
559 B 54ms
53ms Stylesheet
text/css 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/advanced-ads-slider/public/assets/css/slider.css
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fbaf3eac344aae4adc2f1a0b300a9d96443a8ccd1e6e7fa0f48ebb176a0b0c9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2203636
cf-polished: origSize=633
cf-bgj: minify
last-modified: Sat, 26 Oct 2019 17:12:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEnDQorIFcfVciAfCtTC3RTScbSvn9hsa12IEnbk48FH8pA7OCe2dsuTga7lsMrENp6dOAKnmEKvmhvHToafdiZXbIRbQFTcmUfLfxMu9dOgtIX6u1T6zQ%2BpmO0QWVXZ8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6dfa19499b8871bd-LHR
expires: Wed, 23 Feb 2022 08:38:05 GMT

GET
H2 200 styles.css
balleralert.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1 KB 68ms
67ms Stylesheet
text/css 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb12708d973e6b9354f367a6780e5a166b0da7d2721d856da7f9d57130883eaa

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1558601
cf-polished: origSize=2731
cf-bgj: minify
last-modified: Tue, 25 Jan 2022 19:27:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iP%2BfLBaJ%2BBJ3pQImmHCAKz9RvU15jfi%2Be59%2BmEOKAcMOMLi3UoHI%2FhWjzzVF8iA5UY38fBV1ljt97XXZvrHKNS%2FcI6abG3x8DSdwyxCnk4QR5NM2wcqxfX5MTDTjShh%2B9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6dfa19499b8b71bd-LHR
expires: Wed, 02 Mar 2022 19:48:41 GMT

GET
H2 200 style.css
balleralert.com/wp-content/themes/sahifa/ 162 KB
33 KB 62ms
61ms Stylesheet
text/css 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/themes/sahifa/style.css
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 819a73c1721e89fde342db29fbb0df6594b713ce2fe105f1e6ed4a8fe88bf575

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 716614
cf-polished: origSize=203062
cf-bgj: minify
last-modified: Sat, 03 Jul 2021 15:40:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBZGXHPQMujES1hJWGQv%2BfPcCUrImSsXrn3yeMHaIeMj7imWL60Em0geuWQ23r2zzGOWx8oBHbNO14mluVLB%2FlPTqixRH4D6LV7Ys%2FSDULIuigfOy%2BJEX1Sp8yvS2FSiqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6dfa19499b8d71bd-LHR
expires: Sat, 12 Mar 2022 13:41:48 GMT

GET
H2 200 skin.css
balleralert.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/ 6 KB
1 KB 55ms
54ms Stylesheet
text/css 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e93414f896d6002f025697fd592d2393994fc8b21be6061dd55b8df904aa245

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2203636
cf-polished: origSize=7289
cf-bgj: minify
last-modified: Sat, 03 Jul 2021 15:40:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFyde9MIOnn708c%2FSj0mOA1iJijg%2FKVa8ZbTLG8U51xrDCNkKftWXW2UsOzhDj7DebnB6QBCHdWNh8%2Fsj%2BoNbqTOiEnCVvDb9eVZO2jC%2BJP1DsBv0RTWCq1Qw2GPCDqTdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6dfa19499b8f71bd-LHR
expires: Wed, 23 Feb 2022 08:38:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 754 B
834 B 197ms
64ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 19:35:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Feb 2022 20:45:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Feb 2022 20:45:22 GMT

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/10.6/css/ 86 KB
16 KB 188ms
88ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.6/css/jetpack.css

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1021efafbf9b43acf446f436556222d910e0d86d09d796b6fb16101efedffa22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT lhr 1
date: Fri, 18 Feb 2022 20:45:22 GMT
content-encoding: br
last-modified: Tue, 04 Jan 2022 22:15:08 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 18 Feb 2023 20:45:22 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/5.9/wp-includes/js/jquery/ 87 KB
30 KB 188ms
89ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9/wp-includes/js/jquery/jquery.min.js

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT lhr 1
date: Fri, 18 Feb 2022 20:45:22 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 18 Feb 2023 20:45:22 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.9/wp-includes/js/jquery/ 11 KB
4 KB 189ms
91ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT lhr 1
date: Fri, 18 Feb 2022 20:45:22 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 18 Feb 2023 20:45:22 GMT

GET
H2 200 unslider.min.js Show response
balleralert.com/wp-content/plugins/advanced-ads-slider/public/assets/js/ 6 KB
2 KB 60ms
59ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/advanced-ads-slider/public/assets/js/unslider.min.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9bcfcdf3913076194efc851a76c4686fd0f4c336ee09e5739ab31590eb13eaa

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 26 Oct 2019 17:12:23 GMT
server: cloudflare
age: 562786
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LkZjqWV%2Fhh5MF6KBbikniM0Des00tW%2FtyU8Z023ZfSNHGZWewkNRzS%2BxU4HAIC9Mpo%2BTDjDYXLhLZ3S6ndvV8UHQHEl31%2FuI0qZB6KeVxN9GyX9i2amnFh6KAbWzHSoq7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa19499b9171bd-LHR
expires: Mon, 14 Mar 2022 08:25:36 GMT

GET
H2 200 jquery.event.move.js Show response
balleralert.com/wp-content/plugins/advanced-ads-slider/public/assets/js/ 8 KB
3 KB 56ms
55ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/advanced-ads-slider/public/assets/js/jquery.event.move.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aaf90a00d378f096c89c7a0a3503c98d8f663eabab958bb1b226020c4f2ad2e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2203636
cf-polished: origSize=13952
cf-bgj: minify
last-modified: Sat, 26 Oct 2019 17:12:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h9VTEVTmKAWPPkuvysk6AHdjvy1DbrMAWGaSGdSQPZhLWnWYaoPMjLlpd3jnVbu%2BAyMfnB5upBaHqMnme9m2uZ5G21I%2FayXBDFOAzhzSF%2BTQP5qsXKIMZnULA%2Bwa%2BM6Vrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 6dfa19499b9271bd-LHR
expires: Wed, 23 Feb 2022 08:38:05 GMT

GET
H2 200 jquery.event.swipe.js Show response
balleralert.com/wp-content/plugins/advanced-ads-slider/public/assets/js/ 2 KB
959 B 68ms
67ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/advanced-ads-slider/public/assets/js/jquery.event.swipe.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b2476edf95aa04cd7ccb301051fb62853b69d39af09c929a81fdba43143bc5a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2203636
cf-polished: origSize=3437
cf-bgj: minify
last-modified: Sat, 26 Oct 2019 17:12:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zipfThNTxpr575iCtQFfU0wPRw28H5owA5l91qKdJAmmh%2BCWrpEP2xFNEesWK1WHTqDmzWBONAitnFqvYZmMe%2FTQci355ilg2enSsJUXR9usT%2F%2BtBGhAr1LhG%2FnGkolUfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 6dfa19499b9371bd-LHR
expires: Wed, 23 Feb 2022 08:38:05 GMT

GET
H2 200 regenerator-runtime.min.js Show response
c0.wp.com/c/5.9/wp-includes/js/dist/vendor/ 6 KB
2 KB 208ms
110ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9/wp-includes/js/dist/vendor/regenerator-runtime.min.js

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT lhr 1
date: Fri, 18 Feb 2022 20:45:22 GMT
content-encoding: br
last-modified: Mon, 15 Nov 2021 16:35:13 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 18 Feb 2023 20:45:22 GMT

GET
H2 200 wp-polyfill.min.js Show response
c0.wp.com/c/5.9/wp-includes/js/dist/vendor/ 19 KB
7 KB 208ms
110ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9/wp-includes/js/dist/vendor/wp-polyfill.min.js

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT lhr 1
date: Fri, 18 Feb 2022 20:45:22 GMT
content-encoding: br
last-modified: Mon, 15 Nov 2021 12:50:17 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 18 Feb 2023 20:45:22 GMT

GET
H2 200 advanced.min.js Show response
balleralert.com/wp-content/plugins/advanced-ads/public/assets/js/ 10 KB
4 KB 92ms
91ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5ef63bcd883c3e6ecca9a17785b10ee897b51aec76328706887ceb220742d71

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Feb 2022 17:50:38 GMT
server: cloudflare
age: 1347510
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9kW5owMNKPO5RImSVWi1oRxbWzDAcS8Tl%2Fr8rdEQgD4mq9%2B%2Fl5MauWpA11qrUet3z3317ph6HrKcA8j0PZo3B3ShR2g0HN0zXtf4RMwlp%2F0Rm89YZFVS97%2FTIekKHYNWlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa1949dbf671bd-LHR
expires: Sat, 05 Mar 2022 06:26:51 GMT

GET
H2 200 hooks.min.js Show response
c0.wp.com/c/5.9/wp-includes/js/dist/ 6 KB
2 KB 209ms
111ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9/wp-includes/js/dist/hooks.min.js

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT lhr 1
date: Fri, 18 Feb 2022 20:45:22 GMT
content-encoding: br
last-modified: Mon, 15 Nov 2021 12:50:17 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 18 Feb 2023 20:45:22 GMT

GET
H2 200 i18n.min.js Show response
c0.wp.com/c/5.9/wp-includes/js/dist/ 10 KB
4 KB 208ms
111ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9/wp-includes/js/dist/i18n.min.js

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT lhr 1
date: Fri, 18 Feb 2022 20:45:22 GMT
content-encoding: br
last-modified: Mon, 15 Nov 2021 12:50:17 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 18 Feb 2023 20:45:22 GMT

GET
H2 200 i18n-loader.js Show response
balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-assets/build/ 6 KB
3 KB 96ms
96ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-assets/build/i18n-loader.js?minify=true
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b58bf516fedf2482b3be6125c03b9a9ef1fa057f69e375fd96754b11b3565e74

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Feb 2022 16:54:57 GMT
server: cloudflare
age: 1168048
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUgVjbqlWi%2FPYCsuTAQMWRgjynpzteCg%2Fhl2l%2FVgxecvkPyAnkdixm5ORp4LI0xhU3H0RtyedBncdEL3WPNzUVygWXcSRGU%2FpVbUvCnXPfpQCP9buJVAR0Gu9E9p3FWNpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
expires: Mon, 07 Mar 2022 08:17:54 GMT
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa1949dbf771bd-LHR
cf-bgj: minify

GET
H2 200 front.js Show response
balleralert.com/wp-content/plugins/wp-security-hardening/modules/js/ 37 B
421 B 91ms
90ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/wp-security-hardening/modules/js/front.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d429d28b9e4fb5a936e932e8b3f92ed4c267eefec7c32cfe15bf18f1f5932788

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 561499
cf-polished: origSize=59
cf-bgj: minify
content-length: 37
last-modified: Tue, 08 Jun 2021 15:51:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44q%2B8uDXei1sp5BbxvvV7Lt%2BIXu1qYQG3AtQjljAU03x72gWIRmO0xbj9HjtvDDF1sRTZzf1hq%2FtXIzr2ThxP%2BHFScvg%2FBJovih6qFYESzK5zYW85us2eoToQAY4QEbG1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6dfa1949dbf871bd-LHR
expires: Mon, 14 Mar 2022 08:47:03 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
53 KB 220ms
80ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc6769aec790550f21cd37fffac7a6a5db08f55dc1787acd7c97fab1967e7a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53583
x-xss-protection: 0
server: cafe
etag: 14100001745474985035
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 18 Feb 2022 20:45:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 72ms
65ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-3874823-1

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

de586620ea2b25324018feffc01dafb033d4cd57b8a078a80db9eb51a96bbe9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37324
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Feb 2022 20:45:23 GMT

GET
H2 200 balleralert_web_banner9.jpg
balleralert.com/wp-content/uploads/2018/11/ 230 KB
231 KB 104ms
98ms Image
image/jpeg 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balleralert.com/wp-content/uploads/2018/11/balleralert_web_banner9.jpg
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4626acb90a61ad2e64125d843b8f8d66cf6d813a5e7b799b34bd9d9c450b94d7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1347511
cf-bgj: h2pri
content-length: 235495
last-modified: Fri, 16 Nov 2018 16:17:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BnEnhPfFAwaos1%2BDoFGVYz7lZuDYU9kzmcoImLL0SVpy8mVK%2BlPIH5p9FANrAXuM1LYGjxFfOL3WRObIwBwhHZUjxZDWa0gHi4dg3j%2BpEZ18gi94CRvPzbD7TlQ5ARlrVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6dfa194b7ea171bd-LHR
expires: Sat, 05 Mar 2022 06:26:52 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 191ms
59ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: HCJGqAhNBtoq/iOI8XDP0onTBPtObDB15Nlw8WyR+rBPJxAxndy/IOP+KGckP3KZsU1S25Kz5mzVWpAiFLWYmg==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 18 Feb 2022 20:45:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 68l31pf5w7 Show response
www.clarity.ms/tag/ 936 B
1 KB 336ms
177ms Script
application/x-javascript 2620:1ec:27::cafe:2250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/68l31pf5w7?ref=bwt
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2250 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 192f480022126cbd04f77300c71f3fcd33d632ac8443bb7494426143f4b8f510

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:22 GMT
x-powered-by: ASP.NET
x-azure-ref: 0YwUQYgAAAABYTDl1evf9S5aNXpdkiw8iQlJVMzBFREdFMDcxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695

GET
H2 200 9zkrdib96i Show response
www.clarity.ms/tag/ 986 B
1 KB 311ms
151ms Script
application/x-javascript 2620:1ec:27::cafe:2250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/9zkrdib96i
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2250 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: af42a6d6153de280e3f76bc3eabb0a6f291cf6b01b242f6b1add89d2aba20b45

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:22 GMT
x-powered-by: ASP.NET
x-azure-ref: 0YwUQYgAAAAD3bnj+3gvDQ6KiK1TE+zzfQlJVMzBFREdFMDcxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
content-length: 986
expires: -1

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 218ms
81ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BC12BB1202B84B32B6FCDCBF1731F507 Ref B: FRA31EDGE0215 Ref C: 2022-02-18T20:45:23Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11333

GET
H2 200 wp-emoji-release.min.js Show response
balleralert.com/wp-includes/js/ 18 KB
5 KB 106ms
100ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-includes/js/wp-emoji-release.min.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Jul 2021 23:01:28 GMT
server: cloudflare
age: 2203638
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHNB3XsL%2FvmL%2Fn4pKgtVQ8YjKv%2F2OOpKipZOH5wgIlvj9OGPElHYSiw6FmPK%2Fa057P%2BZTurNmuPsBpL%2BlOfwWRARg8s6Rv%2BhkFVyV5KO%2BbbAXhSQEc8XYiwHZr5wtcai0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa194b7ea371bd-LHR
expires: Wed, 23 Feb 2022 08:38:05 GMT

GET
H2 200 chrome_grey_rss.png
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/ 5 KB
5 KB 105ms
99ms Image
image/png 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/chrome_grey_rss.png
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4827fec4b688c883c19d7dfacfe8a04809681b3651e835fb69540193cd159f4b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 16:05:26 GMT
server: cloudflare
age: 2203637
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NAIL0Lh4%2Flf1%2FqOkvh52HB2SHvcERREbtKPGAI0amLAs99CX%2BUMN7Wy7KeAQnOCSbVEHF8ikvrlShjBd7APMkDRy7DsWnEHARsloQlxrru4FjD7U3SjUT8pPDvC%2BWgKiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6dfa194b7ea471bd-LHR
content-length: 4980
expires: Wed, 23 Feb 2022 08:38:06 GMT

GET
H2 200 chrome_grey_email.png
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/ 5 KB
5 KB 104ms
98ms Image
image/png 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/chrome_grey_email.png
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b5737f4004f9085da1cda9a674548a2162d642249a865fb68708ef0036ccdc4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 16:05:26 GMT
server: cloudflare
age: 563939
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PG074IYvxWT2wS55f0XPNJgsEVvf%2FymAMUX3ERZmIIpr2aL6rEHLyPqauLjOmoQBqNRAeja2S444moKOXHZUlycCAXK3Md5Ug99tERVUCHMJHDW1BkBrGNeJm4kVAKrz5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6dfa194b7ea571bd-LHR
content-length: 4846
expires: Mon, 14 Mar 2022 08:06:24 GMT

GET
H2 200 chrome_grey_fb.png
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/ 4 KB
4 KB 105ms
99ms Image
image/png 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/chrome_grey_fb.png
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9af4762b2df5da39ca42be9960daeefe7fba3e07bc30ba6acadaa3cfea3f3415

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 16:05:26 GMT
server: cloudflare
age: 2203637
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3vByYF77csnz9xSck1ibBFadz72cu8DFnhOYKGmnD6nlz6aX5nn2v3CaCfiqEUn7Gxf%2FDZq6VWH9F3fT%2FFuKHJr6VQu0M2bwoGK2cAvhL8%2Fqiomv7bXSQJWwrYjVMYR%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6dfa194b7ea671bd-LHR
content-length: 4045
expires: Wed, 23 Feb 2022 08:38:06 GMT

GET
H2 200 icon_Visit_us_en_US.png
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/visit_icons/Visit_us_fb/ 1 KB
2 KB 105ms
99ms Image
image/png 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/visit_icons/Visit_us_fb/icon_Visit_us_en_US.png
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15d91ab032211a3cfedf49470c5490ee1cc7ca322820fcfcdfa9ddcc1307549d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 16:05:26 GMT
server: cloudflare
age: 561500
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vq5rk9l2z56EBgKZXL71euOtqLlLXSnTKjkqpoEcJCKSduKZDvi1NM5yMm6y9R9qfV2WEt5QNMsTndBKj348v0QduiovwCdFrz8Az2nWEF6lO2aa9Y66epfUfSD11vQLeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6dfa194b7ea771bd-LHR
content-length: 1280
expires: Mon, 14 Mar 2022 08:47:03 GMT

GET
H2 200 en_US.svg
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/share_icons/fb_icons/ 5 KB
2 KB 106ms
101ms Image
image/svg+xml 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/share_icons/fb_icons/en_US.svg
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1b6c062809a62bef4918b6d73d087e997ee2f92fca0cfbb5c281a5817292452

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 16:05:26 GMT
server: cloudflare
age: 77377
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXMOV5oRFewvN%2FExvjVY%2FomyQbS9NFosA25cq5QE%2FxA5yMY%2BEJPWokVA6fKekdYH0LiqE4%2F7XfnQZ4fmOcJo7TaQYxrVbP3AXk1xy1hbfpRwtVOo%2FwyP2m4CFkv8lRiZGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa194b7ea971bd-LHR
expires: Sat, 19 Feb 2022 23:15:46 GMT

GET
H2 200 chrome_grey_twitter.png
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/ 4 KB
4 KB 107ms
101ms Image
image/png 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/chrome_grey_twitter.png
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd1a1a9daee80cfea98a4f8aa88b089b42fd416ec06e2f66ec4ab3d577ed479f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 16:05:26 GMT
server: cloudflare
age: 2203637
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qLDUpSDPBOjsCkWuodNyqQUwucw3QviI%2FS5hkjupRKgWQbh1AaJiTBitK9YD1gN7iH8ExKlWCYFbAUyK4pDJedx%2F6IgCC6RZRG%2FJEfJMYRJ5EF4loa0OV3e0GrjX60K%2B8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6dfa194b7eab71bd-LHR
content-length: 4265
expires: Wed, 23 Feb 2022 08:38:06 GMT

GET
H2 200 icon_Visit_us_en_US.png
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/visit_icons/Visit_us_twitter/ 850 B
1 KB 105ms
100ms Image
image/png 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/visit_icons/Visit_us_twitter/icon_Visit_us_en_US.png
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 298b9bc41c30aaea7fc89c925be64addb7c0a1df0d29cfde93ed4d38cc425131

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 16:05:26 GMT
server: cloudflare
age: 2203637
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfMV5c9x%2FV7jikAo%2FC8YP8xnzAbOk0HtmJ%2FIAoq2SA4CFr4bZ3ABpLKma0IxdQUwjYwHydXM%2BEjF0qvOooiLAN1Be8hg%2BTlPWASkdnoRoR%2BQCtbq%2BKdzLJgGuoUPVMZf0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6dfa194b7eac71bd-LHR
content-length: 850
expires: Wed, 23 Feb 2022 08:38:06 GMT

GET
H2 200 en_US_Follow.svg
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/share_icons/Twitter_Follow/ 3 KB
2 KB 107ms
102ms Image
image/svg+xml 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/share_icons/Twitter_Follow/en_US_Follow.svg
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1acec7ce5ab399ea205f3f38f9d424f15d3fefb08f4c1c9568806cc398fbac5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 16:05:26 GMT
server: cloudflare
age: 70223
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkGT82%2FoOUZiXneVJDIEoGkJkBXSYg75aTJFzY7or7MChL2aoPSiWfN6UO4ZZ9aWeDBI%2BbcsHg1CtnXAACkwwYQbVqJQYyXR%2BL2AXQiEaZoCd0Dqrcwj1NlEcVK6%2BkpuSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa194b7eae71bd-LHR
expires: Sun, 20 Feb 2022 01:15:00 GMT

GET
H2 200 en_US_Tweet.svg
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/share_icons/Twitter_Tweet/ 4 KB
2 KB 106ms
101ms Image
image/svg+xml 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/share_icons/Twitter_Tweet/en_US_Tweet.svg
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6095a61e8e8cd490ec831d0731bf5c78fc97f9c2746b7d67dab0788adb949708

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 16:05:26 GMT
server: cloudflare
age: 74631
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SzVr%2BT%2F%2BwIQSoBaO2guxEJ3J%2FYwJzFtcnSb44l%2FkONrjJ7uhUfyrMLlhPQ7fYyCxanRPfvlYRPn%2FQIxdRloh4tC0Z6wHpht8OpQINGigAAZB77ZSp41O6siTcghobCGiug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa194b7eaf71bd-LHR
expires: Sun, 20 Feb 2022 00:01:32 GMT

GET
H2 200 chrome_grey_youtube.png
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/ 5 KB
6 KB 105ms
100ms Image
image/png 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/chrome_grey_youtube.png
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c01a1d77327096c8c49f04af3f4da2c120a9c479e0190f5623fd9ea7d3fe7106

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 16:05:26 GMT
server: cloudflare
age: 2203637
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUIfZLxXwfHPE7nRf3D7m7wiJUCiqiorBMc478kpH49q0ugaeTjiYXYzL6cRBJTr1V5PB4%2F7ixFPqFGPA2mHowH%2BBRCaqsTONShIt8z%2BWEJG1bM2iXJ2l8fZq3xHmwWnrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6dfa194b7eb171bd-LHR
content-length: 5526
expires: Wed, 23 Feb 2022 08:38:06 GMT

GET
H2 200 icon_Visit_us_en_US.svg
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/visit_icons/Visit_us_youtube/ 5 KB
2 KB 107ms
102ms Image
image/svg+xml 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/visit_icons/Visit_us_youtube/icon_Visit_us_en_US.svg
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 639c929a03019caa46f531a6dfdea6fd638d98aa325c96a30afbc6a4f1aa1d66

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 16:05:26 GMT
server: cloudflare
age: 80224
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCkieMS0Ry41sIZdDCXlKqA7nUSI64Tgv8WsL1RIfbY5zjkcM73702mEjIWYYdYiEAqT1m7DBvuncJFARcmXKmt9MaGEQU99WvBgh%2FzCt%2F30yHw86CI36%2FjxyF2WQPB%2FYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa194b7eb271bd-LHR
expires: Sat, 19 Feb 2022 22:28:19 GMT

GET
H2 200 chrome_grey_instagram.png
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/ 5 KB
5 KB 106ms
101ms Image
image/png 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/chrome_grey_instagram.png
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a32073ae72c27af5caad046c9d7a4ab061b2a81ee6b55d7e3e29611d61c16cc3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 16:05:26 GMT
server: cloudflare
age: 2203637
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qgsx%2BNZXqUpebEMZV69AKN4r%2BUeEito3lIjlF2QcWNQ%2BkzwG04bqLDMCuBhBdcwW5OkUbt9OQF4zGiv03mkm6HwPQzEet3SuOEq%2FO2naQDuWy2T2lNQ%2BmaGrVFFd7wk8Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6dfa194b7eb371bd-LHR
content-length: 5121
expires: Wed, 23 Feb 2022 08:38:06 GMT

GET
H2 200 chrome_grey_snapchat.png
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/ 4 KB
4 KB 107ms
102ms Image
image/png 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/chrome_grey_snapchat.png
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f99c531f5e0979a50a1f76d12f3e0c0cd5605be539b1fa6ab88c85d0e68f803

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 16:05:26 GMT
server: cloudflare
age: 2203636
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izLINu6Hx5KqBZ5vzGHhBoOb28xCGhYgZ2ZK6hTvBMOsUHngDcDR8Bn7RJ6L7HaT72y%2FVhAqO6mJ0v0FAe%2FWhf8TBUeBT%2FH63klXVh%2FtFTpyl6iuIovEBMZOtSXqLmu9yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6dfa194b7eb471bd-LHR
content-length: 4120
expires: Wed, 23 Feb 2022 08:38:07 GMT

GET
H2 200 chrome_grey_linkedin.png
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/ 5 KB
5 KB 106ms
101ms Image
image/png 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/chrome_grey_linkedin.png
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b1a37c43977758722ff2bddb8844c2af4627e0db2d5eb0f3ada59a3468b8ff9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 16:05:26 GMT
server: cloudflare
age: 2203636
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WsnhW8LUmum34X75m0j3XHP2sepnRmXWtSKZkKTU9MSj63G7r3bK4uJQioeHZJzRtH8lprTtsTttnXCqHBqyaTqIj66UJgEmm%2BDwuYOmt7DsH1WFFbHdYZGE%2Bp60fbUQ8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6dfa194b7eb571bd-LHR
content-length: 4896
expires: Wed, 23 Feb 2022 08:38:07 GMT

GET
H2 200 email-decode.min.js Show response
balleralert.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 48ms
47ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://balleralert.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Feb 2022 13:46:32 GMT
server: cloudflare
etag: W/"620d0038-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkN3lABgz6jjtVglGXszsEH3OT6rdA2bBzB7fzr%2FC15PKjNPOXZP1ZYnA%2FkLhsJq7IOSQt7Ovd%2FobnaIRIws5vgrMImaZSm4CnKOT1HApmgfkZqZ9CYemtV3o9ejtuNXTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa194b3e1a71bd-LHR
vary: Accept-Encoding
expires: Sun, 20 Feb 2022 20:45:23 GMT

GET
H2 200 en_US_share.svg
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/share_icons/Linkedin_Share/ 5 KB
3 KB 105ms
100ms Image
image/svg+xml 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/share_icons/Linkedin_Share/en_US_share.svg
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6d9dfadda2f3ae23cea507ba802ab446ffe1ded8244e84a5ef6764362f43bb7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 16:05:26 GMT
server: cloudflare
age: 77377
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evfG6XZ7W8rXg08XiIphICLwT2XH7HXoUGKEwjGmqr%2BR5W04%2FHn%2BTwUaIV47OFQEy8NOFliSpblqXDg0X1CG69VthiTX3TcZYQgxOYg39PbJoGF42%2FY8XcpK76lJdLgVZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa194b7eb871bd-LHR
expires: Sat, 19 Feb 2022 23:15:46 GMT

GET
H/1.1 200
OK classic-10_7.css
cdn-images.mailchimp.com/embedcode/ 4 KB
2 KB 199ms
58ms Stylesheet
text/css 143.204.96.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-images.mailchimp.com/embedcode/classic-10_7.css
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.96.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-96-118.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 17 Dec 2015 16:52:30 GMT
Server: AmazonS3
Age: 79111
ETag: W/"ae0fc9b84c30cada1784022044962394"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Thu, 17 Feb 2022 22:46:53 GMT
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: dKLtiVrcLDW2bHU9WFWSw_xbDTACNdJK7Ebm9hP_NWusggbMwuXp1w==

GET
H/1.1 200
OK mc-validate.js Show response
s3.amazonaws.com/downloads.mailchimp.com/js/ 140 KB
140 KB 573ms
153ms Script
application/javascript 54.231.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.98.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 20:45:24 GMT
Last-Modified: Mon, 20 Aug 2018 17:42:38 GMT
Server: AmazonS3
x-amz-request-id: 68R49B4ADQ7RDF6D
ETag: "6465dd4a8331265e6629cd069e03504c"
Content-Type: application/javascript
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
Content-Length: 143249
x-amz-id-2: ovIgLo8+Redwy/j1k9o2dYcfrq49L40OCs4+Qp7mBVye8AcmjbraUMGxPqXUonRNsTOwC3eY0dA=

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 250ms
112ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

130f5bd079da4ccffb6b73d64ea8aa402dcf1370bb24572c8a4084db6de27f98

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HW0stUNCut/Cp5D6jaSHFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
cross-origin-opener-policy: same-origin
etag: "394b7d0314fc323cccf5714d62aa0586"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-HW0stUNCut/Cp5D6jaSHFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Fri, 18 Feb 2022 20:45:23 GMT

GET
H/1.1 200
OK in.js Show response
platform.linkedin.com/ 507 KB
159 KB 213ms
60ms Script
text/javascript 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/in.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Play /
Resource Hash: 182e51193ed33acca8a70f60a714c7d70e88111af48a17ba194b4c3d0dce8039

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-LI-UUID: AAXYUMte/cYmRn8yh5DtaQ==
Date: Fri, 18 Feb 2022 20:45:23 GMT
Content-Encoding: gzip
X-CDN-CLIENT-IP-VERSION: IPV6
Server: Play
X-Li-Pop: prod-ltx1-x
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Connection: keep-alive
X-LI-Proto: http/1.1
Content-Length: 162376
X-CDN: AKAM
X-Li-Fabric: prod-ltx1
Expires: Fri, 18 Feb 2022 21:33:24 GMT

GET
H2 200 tw-bs4.css
balleralert.com/wp-content/plugins/wp-security-hardening/modules/inc/assets/css/ 175 KB
26 KB 64ms
55ms Stylesheet
text/css 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/wp-security-hardening/modules/inc/assets/css/tw-bs4.css
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d9263313998d90eb7ace1abd7647bf2106bb772d4a04a41a9f3959e4cdd8c44

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 941119
cf-polished: origSize=213841
cf-bgj: minify
last-modified: Tue, 08 Jun 2021 15:51:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5B0AcHlQo%2BVgrr6l%2B6%2BNRsTkg6OjRYjpZuHGrvtCm6g681r9JJzb4G3KAguTPemAlVcixlaoPBMmMyqu4yZbjpqvGRaZqzTTlUb%2BSSN%2FADFMbW9NtAob7526GFVPXUNL1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6dfa194b4e4f71bd-LHR
expires: Wed, 09 Mar 2022 23:20:04 GMT

GET
H2 200 font-awesome.min.css
balleralert.com/wp-content/plugins/wp-security-hardening/modules/inc/fa/css/ 20 KB
5 KB 61ms
51ms Stylesheet
text/css 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/wp-security-hardening/modules/inc/fa/css/font-awesome.min.css
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Jun 2021 15:51:37 GMT
server: cloudflare
age: 941119
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrfJ2F%2FcpeNnZ2DdBgC3U7KcA3I1kax%2FzpGBKFq7m10fbgs3fWemzZxqnW%2BEBRYfNPyFgVWoPAGQ%2FC4aqM34GUihn9Ldr%2FYzF%2BbpXknIsbYN5rh1rztZ5ut1Sa3PMlilIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa194b4e5371bd-LHR
expires: Wed, 09 Mar 2022 23:20:04 GMT

GET
H2 200 front.css
balleralert.com/wp-content/plugins/wp-security-hardening/modules/css/ 126 B
467 B 59ms
50ms Stylesheet
text/css 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/wp-security-hardening/modules/css/front.css
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96f6897cf6e2277014eba471652e7619cf6ccb9b55873e67860243fd197150d0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 562787
cf-polished: origSize=145
cf-bgj: minify
last-modified: Tue, 08 Jun 2021 15:51:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AXLCV7mdEg51QBA8Pr%2BYsL9wEaPbXFciXJai3wrnTKvzvbSJIIfUMej1Wwt%2BUt%2BknxVuK91zuDkYGoDIEoC9kDk1dmpCMT%2BSA5%2FnPj%2Ba9YPq%2FamgFM4GDOwaVjB6ESBH3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6dfa194b4e5471bd-LHR
expires: Mon, 14 Mar 2022 08:25:36 GMT

GET
H2 200 photon.min.js Show response
c0.wp.com/p/jetpack/10.6/_inc/build/photon/ 685 B
417 B 52ms
43ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.6/_inc/build/photon/photon.min.js

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT lhr 1
date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 18 Feb 2023 20:45:23 GMT

GET
H2 200 core.min.js Show response
c0.wp.com/c/5.9/wp-includes/js/jquery/ui/ 20 KB
6 KB 52ms
43ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9/wp-includes/js/jquery/ui/core.min.js

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7a3ddd2ce22620b30c300f2a825b367c775940369f9a4121d7fa5a151ca42a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT lhr 1
date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
last-modified: Fri, 08 Oct 2021 18:06:00 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 18 Feb 2023 20:45:23 GMT

GET
H2 200 modernizr.custom.min.js Show response
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/js/shuffle/ 3 KB
2 KB 61ms
52ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/js/shuffle/modernizr.custom.min.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54e90b34aafe5edfc85981f962261069b4a34979c51f34c4991b07f5d3d984ec

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 16:05:26 GMT
server: cloudflare
age: 2203637
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kFqoh6AWlzbmBK07UMlw2FzYSLBnYDGNpVPvIJ%2FdAfqMka%2Bqt81LaI3hJWmwvvo5ZTqJBzkU0KXm75%2BBQLqSXXkW%2FJrYXfQgnwNw8hvr%2Bn4CRAFoMrV0fCGKN4Rq3u%2FaNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa194b5e5571bd-LHR
expires: Wed, 23 Feb 2022 08:38:06 GMT

GET
H2 200 jquery.shuffle.min.js Show response
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/js/shuffle/ 12 KB
5 KB 65ms
56ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/js/shuffle/jquery.shuffle.min.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2051ec367c1be61480b94686061b4ecfe4365aa872b41f80cd208afb2602945a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 16:05:26 GMT
server: cloudflare
age: 562787
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Lh0XTYXrXJK25%2BB8gzh9ZeSA%2FLhyzguIPBBxbbTBjihg7TmoT9fF%2F8EYhKl4HLn763ihOmIqGxNWtcPIvqZ8xf23tufu7OxCOug0xWHi6WHHvB%2BtC0TF8jAgUzCRDFKLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa194b5e5771bd-LHR
expires: Mon, 14 Mar 2022 08:25:36 GMT

GET
H2 200 random-shuffle-min.js Show response
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/js/shuffle/ 1 KB
991 B 61ms
53ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/js/shuffle/random-shuffle-min.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30aa763639b91cec13bafb4649a956320321316e82f39205a9e948a6392cf8de

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 16:05:26 GMT
server: cloudflare
age: 1347511
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DABetAhdGTPlnZgPmxUW4DyaGqZP%2B8vrGiyKK6oAzN%2BchegBo95MeJa4zRt4S3yZ8D%2BePLLTZ5UpTjjOiw6orXGooN0IZHOXnERDpdSMVWAaiHV8X7a8NhmaxmiS%2BFvAqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa194b5e5a71bd-LHR
expires: Sat, 05 Mar 2022 06:26:52 GMT

GET
H2 200 custom.js Show response
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/js/ 63 KB
14 KB 65ms
57ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/js/custom.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30b18072bef2e7e0f05487040fa67cb159169aea754838b5088e5a75212d680d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2203637
cf-polished: origSize=88647
cf-bgj: minify
last-modified: Fri, 10 Dec 2021 16:05:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MuPsQ1m2ErqTEwim4yd9vk7cKYhhFRSsyI6AQza6Z%2FUAdQQq4LpRkJGeAIt9XRezJEG6SZrs%2FLTEBInDCXv7UTKy7Owe1B3dskS6%2BZ32oy9agksoCMTfLxMzjTwCryMSTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 6dfa194b5e5e71bd-LHR
expires: Wed, 23 Feb 2022 08:38:05 GMT

GET
H2 200 index.js Show response
balleralert.com/wp-content/plugins/contact-form-7/includes/js/ 9 KB
3 KB 61ms
52ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/contact-form-7/includes/js/index.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 19:27:07 GMT
server: cloudflare
age: 1558601
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6zEKstR%2Fpp9irmNZzlHkf5KC%2BRM1LOYPKmlhnyDwgDsFG7dirsuIr%2BJqiyYHZmJs5%2Fpssgt5cnXTxPT0XqVTyYlFTGhQ9cXymQncP8LZOQLcmCoFgjq0D8gccrrm0qDWnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
expires: Wed, 02 Mar 2022 19:48:42 GMT
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa194b5e5f71bd-LHR
cf-bgj: minify

GET
H2 200 layer.js Show response
balleralert.com/wp-content/plugins/advanced-ads-layer/public/assets/js/ 17 KB
5 KB 67ms
59ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/advanced-ads-layer/public/assets/js/layer.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0065b495e19946f45a31357b3f1aa48addebfda1ed330b5691027566611a497b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 562787
cf-polished: origSize=27959
cf-bgj: minify
last-modified: Mon, 21 Dec 2020 20:09:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n22GtIWWhPamyIyznA2SPySRnPJh1UxMMBeU7ZWkz%2Fw6eKw2TvN%2BOvDeAikEhmZ%2B%2FOy5R2Jky5tbRgt40IHRiXV1ugTo3h2jpFcgDmuGQm3cI0m2lPYoV0BZEYIgLJhcyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 6dfa194b5e6071bd-LHR
expires: Mon, 14 Mar 2022 08:25:36 GMT

GET
H2 200 script.js Show response
balleralert.com/wp-content/plugins/advanced-ads-responsive/public/assets/js/ 2 KB
989 B 62ms
54ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/advanced-ads-responsive/public/assets/js/script.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8af0b5fd87f0cf0c57915fb6094244ca5c108f21c063fd6917ee809259ae3a97

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2203637
cf-polished: origSize=2962
cf-bgj: minify
last-modified: Tue, 20 Jul 2021 00:15:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7YCWZFXDguhBbDLRs5vjLbLA3yfIxqsPW3vAzIPc9Dh7BJk23CW8qr0ytndVQnG2UoQbslCbbLOBeasfSAS8cXP7MbJnOvZrLQu2TByzPJ16b178m6wX63ZbaOiX6tOnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 6dfa194b5e6271bd-LHR
expires: Wed, 23 Feb 2022 08:38:05 GMT

GET
H2 200 sticky.js Show response
balleralert.com/wp-content/plugins/advanced-ads-sticky-ads/public/assets/js/ 4 KB
2 KB 65ms
57ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/advanced-ads-sticky-ads/public/assets/js/sticky.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4c6a39cdb1f2dab900d10c83275e2e72e795325924c731d8fa0c49b9ec5ccb8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 561500
cf-polished: origSize=5914
cf-bgj: minify
last-modified: Mon, 21 Dec 2020 20:09:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7hde%2FyoPDHK5cUHARMdcfhvimT%2BoRfvP7rc0h5tjk5LCCy6QcXynNsnt%2FyWuQB795ohQ30w1kw%2B4wcTkujmKKdHMbyDJKVzKkI4KZwQeXSHs4YzJDm0WL2lPCDp7uC2pA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 6dfa194b5e6471bd-LHR
expires: Mon, 14 Mar 2022 08:47:03 GMT

GET
H2 200 advanced-ads-pro.min.js Show response
balleralert.com/wp-content/plugins/advanced-ads-pro/assets/js/ 6 KB
2 KB 62ms
54ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/advanced-ads-pro/assets/js/advanced-ads-pro.min.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 308c252b2381b887baf74268990c582643dbdaad9e9b332d158112745e2c65ea

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Dec 2021 04:57:05 GMT
server: cloudflare
age: 2203637
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vu71tj7J4BZI5EbEGczDJrFSfe%2B%2FMkCWPX5o6BYC4YH6ds6KcjedCfFWpzSboqf%2FRhaJI9j1AKye%2BuJ%2FQ9BTIWSu83L16TV%2Fa9I2uWaAge2MbYtqcLXvy9jrLEkQkYNlYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa194b5e6671bd-LHR
expires: Wed, 23 Feb 2022 08:38:05 GMT

GET
H2 200 jp-search.js Show response
balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/ 7 KB
3 KB 67ms
59ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eed2d93ec01bbd5632899d1b94a2f98ea35c4b1631733e854c26a1b179e75578

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Feb 2022 16:54:57 GMT
server: cloudflare
age: 1168049
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIzIttpcLscCZCJY9N1htPw8flsMWFYwAWRHqjq9UC5YbtM8c6%2FxzBzpJxhoMIwBJzcRjT2Oi%2BILEBhwXbeanp7mwA%2FTEs8YoK9nHlq64vAAn3wX%2F%2FgDUT9%2B%2FZWE4XWK4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
expires: Mon, 07 Mar 2022 08:17:54 GMT
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa194b5e6771bd-LHR
cf-bgj: minify

GET
H2 200 w.js Show response
stats.wp.com/ 11 KB
4 KB 145ms
44ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/w.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ec7c4c90e31092c6253cddb718655a1e3ac5f4f83425b1e16d54b25ff80f263f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT lhr
date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
server: nginx
etag: W/"61dc645f-2a3d"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 10 Jan 2023 16:53:30 GMT

GET
H2 200 tie-scripts.js Show response
balleralert.com/wp-content/themes/sahifa/js/ 70 KB
21 KB 104ms
97ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/themes/sahifa/js/tie-scripts.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f63de180098b5669cddeef897441f372161e25dde239a7f6fc03f5cb5ecec4be

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 893685
cf-polished: origSize=74081
cf-bgj: minify
last-modified: Sat, 03 Jul 2021 15:40:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=riTbvR5wVxjIJh%2BzbwygJF58aQqPgtuFGVFpcjf%2B6%2BPuD6CO%2FJJtFyh8BZSdTHoLenWKZqP2rmLLJAf76I6FBZpYKYWx8DgW0cF%2FYeucmYurbov661VReYW3XhRZXm2wUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 6dfa194b5e6871bd-LHR
expires: Thu, 10 Mar 2022 12:30:37 GMT

GET
H2 200 ilightbox.packed.js Show response
balleralert.com/wp-content/themes/sahifa/js/ 78 KB
25 KB 67ms
60ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/themes/sahifa/js/ilightbox.packed.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d172c7a7d560ee869c812c4ac36c85cc951ff822a10f4a1c8a845ae5769b8e7a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2203637
cf-polished: origSize=79789
cf-bgj: minify
last-modified: Sat, 03 Jul 2021 15:40:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJJe5y48SOfAES9ipbJuQU2a4IEmZqfCUjkx10JArNit%2FjEUltNZuac%2F2XiO8JDE9pTMBqmSTmLYJLItL5XmST63NIaEK00DlPVWu3XZm1O0CSzPBTAw8uqe%2BftWFVy6lw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 6dfa194b5e6971bd-LHR
expires: Wed, 23 Feb 2022 08:38:05 GMT

GET
H2 200 intersection-observer.js Show response
balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 9 KB
3 KB 102ms
94ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Feb 2022 16:54:57 GMT
server: cloudflare
age: 506988
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ELd1YhEZX5KFqUgGDm4hA%2BUa%2BmZy4MDIdDT%2BbfP65wLU5icfdzoynk2VFiZrnTAWMDcO14RniE5VaOuF741kWYycK4Kb4FSsUNiwxW5rFhju47R2%2Ba%2B%2BbZALF8krmG5lXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
expires: Mon, 14 Mar 2022 23:55:35 GMT
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa194b5e6b71bd-LHR
cf-bgj: minify

GET
H2 200 lazy-images.js Show response
balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 2 KB
1 KB 65ms
58ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a4e9b3f33edb851ba930430bdbf317a3b95e0974763617d68ec0b555a3bb8fe

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Feb 2022 16:54:57 GMT
server: cloudflare
age: 506988
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZVCEjulCgizN8z4J6gkVEIk8VlHwFeqPDaL%2Fe6KXCA7VkjFp%2Fnk9eTqtEbhXlAPNiMMS%2Fu7nBVF1TAXqCqnB56u%2By5fh3L5Lt4EhYwA9hc5F3MrtojQgropMCjCIZaTow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
expires: Mon, 14 Mar 2022 23:55:35 GMT
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa194b5e6c71bd-LHR
cf-bgj: minify

GET
H2 200 tracking.min.js Show response
balleralert.com/wp-content/plugins/advanced-ads-tracking/public/assets/js/dist/ 9 KB
3 KB 66ms
58ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/advanced-ads-tracking/public/assets/js/dist/tracking.min.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4465cef0b729ca1b39f82d58964e333e8b84ae6dcb3d4f6a08582313426f94c0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Oct 2021 13:52:24 GMT
server: cloudflare
age: 2203637
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3epsbdTZXbtsTFxQWwpeN4cF99ysEQBShvdT7N%2BvEqgGoe2Dsgg%2BZ2XMjeWNm5r5yML8Y3lYwqvABiMyfDneGiiWQWr3PCUjRVtWpxOcZIzEIzemMMchuPbCSzCyJrENQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa194b5e6e71bd-LHR
expires: Wed, 23 Feb 2022 08:38:05 GMT

GET
H2 200 delayed.min.js Show response
balleralert.com/wp-content/plugins/advanced-ads-tracking/public/assets/js/dist/ 877 B
682 B 65ms
58ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/advanced-ads-tracking/public/assets/js/dist/delayed.min.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68de28ccd005c586a59c9a5c0653400886add03ab352219edb4b8651782d5e09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Oct 2021 13:52:24 GMT
server: cloudflare
age: 562787
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2BTZKz8ZEv6YE%2B2fh9EXbneblSNOne%2FtaQliycA7Ia3ysBotbVKjeCYvWnqqEHVAYIJT%2FpwZxa%2FVfCFVBwS6jc0fCmohhqCxK%2F4Q9L4PeWEoCS9d6TctFFX7v%2B0iMoNM2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa194b5e7171bd-LHR
expires: Mon, 14 Mar 2022 08:25:36 GMT

GET
H2 200 search.js Show response
balleralert.com/wp-content/themes/sahifa/js/ 11 KB
3 KB 107ms
100ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/themes/sahifa/js/search.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b82e7af123915691ea31e2a9e6ec992e9fe4b184d7363c4176f57433f5ff6de7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2203637
cf-polished: origSize=15010
cf-bgj: minify
last-modified: Sat, 03 Jul 2021 15:40:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rg8EbEK0HxQPues6Xj5qtXcssY%2FYB2cR1SP1vGge03hBFfgp7rh8iFYWetkT4xQ8Z%2BgIP3RpXZKKiB%2BiXEw%2FzDTPSlBR82qCpo8F%2Bzb7yqOU%2BUvJj6IKNmu11BzdxXbdCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 6dfa194b7ea071bd-LHR
expires: Wed, 23 Feb 2022 08:38:05 GMT

GET
H2 200 e-202207.js Show response
stats.wp.com/ 9 KB
3 KB 48ms
45ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202207.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT lhr
date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 05 Feb 2023 21:40:53 GMT

GET
H2 200 ad-grid-balleralert-com.js Show response
console.adgrid.io/adgrid-build/ 725 KB
196 KB 346ms
237ms Script
application/javascript 2606:4700:20::ac43:45e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1e67260e52e8d3723859f81f5f726a214e5fd0a7741446786f199314a544b8e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 11 Feb 2022 07:02:16 GMT
server: cloudflare
etag: W/"b53fc-5d7b8a59e4ea5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h084VX%2FiSSebrh8ToxWsd02cgBPgWwFm43jFxvig%2Fk1pqCLYT4bFFZ0CYuBho51%2FE4LL8USs%2FlCS1rYbDba63knvqtxIIxZqBpfnsuVeuTbav%2BLr2iFGWF7c4Prk7Ivdp59GAVzkvkiLma7164A3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa194ce8ab743f-LHR
cf-polished: origSize=742396
cf-bgj: minify

GET
H/1.1 200
OK 9e1165f11504ccfb28e46b0c6.js Show response
chimpstatic.com/mcjs-connected/js/users/ddb2c7ac0d81062c83a23f494/ 50 B
647 B 466ms
229ms Script
application/javascript 23.32.243.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://chimpstatic.com/mcjs-connected/js/users/ddb2c7ac0d81062c83a23f494/9e1165f11504ccfb28e46b0c6.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.243.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-243-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 91, 96
Date: Fri, 18 Feb 2022 20:45:23 GMT
Last-Modified: Mon, 15 Jun 2020 18:16:04 GMT
Server: AmazonS3
x-amz-request-id: D1D7FB80B6F4F1A0
X-EdgeConnect-MidMile-RTT: 0, 0
ETag: "104d46a3208b40e8ded389332f5a78a3"
Content-Type: application/javascript
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50
x-amz-id-2: CrIPWKjGLfH5C2PQoqgs/3amsMACt9hcDDBALuGlc7rHogPD+3Bd5/PajRTBvLhZ+Rf3gGWR1RQ=
Expires: Fri, 18 Feb 2022 21:15:23 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 226ms
92ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9abc132fd14087fc484882b700f016b5121d33c2b376fbcdca0ac2f9afd453f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27564
x-xss-protection: 0
server: sffe
etag: "1136 / 628 of 1000 / last-modified: 1645185935"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 18 Feb 2022 20:45:23 GMT

GET
H/1.1 200
OK adb.2716080.min.js Show response
prod.adspsp.com/ 243 KB
77 KB 248ms
105ms Script
application/javascript 143.204.98.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.adspsp.com/adb.2716080.min.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-113.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 39f94c7fae88d40b82ea1bfbe0415e0b18ece89cecf5a7f2710f1743aebe2366

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 03:56:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Sep 2021 15:14:15 GMT
Server: AmazonS3
Age: 60532
ETag: W/"9df95ff5d1cf807b4b87bdbc03694b14"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: CihlJ3Wqi_bvnNtNNrB-5m6jjZ0WgrqX0lWWtbRFxuocCMFRwQtmAA==

GET
H/1.1 200
OK 48abc395741f2bc89353997b0.js Show response
chimpstatic.com/mcjs-connected/js/users/ddb2c7ac0d81062c83a23f494/ 50 B
854 B 357ms
187ms Script
application/javascript 23.32.243.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://chimpstatic.com/mcjs-connected/js/users/ddb2c7ac0d81062c83a23f494/48abc395741f2bc89353997b0.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.243.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-243-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 92, 367, 356, 102, 93
Date: Fri, 18 Feb 2022 20:45:23 GMT
Last-Modified: Wed, 06 Mar 2019 23:18:00 GMT
Server: AmazonS3
x-amz-request-id: 91B0B7E644075CF8
X-EdgeConnect-MidMile-RTT: 0, 0, 0, 0, 0
ETag: "104d46a3208b40e8ded389332f5a78a3"
Content-Type: application/javascript
Cache-Control: max-age=1768
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50
x-amz-id-2: K5MgkNZei+J/SQnYOeGlqesypL81pwk4CxJPZL/o25k0zjPu03ZdKFFVaZlMjNGKGGo8deI70Uk=
Expires: Fri, 18 Feb 2022 21:14:51 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 197ms
57ms Script
application/javascript 143.204.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-43.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 25670277
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: uLN88n0A1lOJtfJlSszW8XmK2t83vJMvFBK1G-c2U_oEpfOidRE2qQ==

GET
H2 200 body-bg7.png
balleralert.com/wp-content/themes/sahifa/images/patterns/ 21 KB
21 KB 104ms
102ms Image
image/png 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balleralert.com/wp-content/themes/sahifa/images/patterns/body-bg7.png
Requested by: Host: balleralert.com
URL: https://balleralert.com/wp-content/themes/sahifa/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a6ac6e588a725241e6f43feaad46fb36de9682576f5f29c570edc3ec5247477

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/wp-content/themes/sahifa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
cf-cache-status: HIT
last-modified: Sat, 03 Jul 2021 15:40:12 GMT
server: cloudflare
age: 2203635
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5k6a8x3yONRJ3eYBgrDsg3iMo6vedznRH1zUsMw0Uc4gOgsW9owTnofCAp3xsbUF0qi06MAoXPzYu5%2FlyDT70Zh5gAoleNtLJYPvFphNKnuzAmeUlv5Hu8mwuEMT7Ac3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6dfa194b7eba71bd-LHR
content-length: 21146
expires: Wed, 23 Feb 2022 08:38:08 GMT

GET
H2 200 home.png
balleralert.com/wp-content/themes/sahifa/images/ 1022 B
1 KB 100ms
100ms Image
image/png 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balleralert.com/wp-content/themes/sahifa/images/home.png
Requested by: Host: balleralert.com
URL: https://balleralert.com/wp-content/themes/sahifa/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6039cdb2c8028b73ddb9d711e7eb22834a8e11ba865283a7ed2fd2c75a401040

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/wp-content/themes/sahifa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
cf-cache-status: HIT
last-modified: Sat, 03 Jul 2021 15:40:12 GMT
server: cloudflare
age: 108305
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCAYQGtDTs2IKK0WnhVQmjhIsdXXr6rqoJDvpo3iJxQXNXt3erxs2RDoBwRx1AfijyMnblTSx0VEn5Fjtxz7ojOtlUY1E7%2Fq4IMRYRtmQKKyL%2B0av4iZzWB3rGm7s7e6EA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6dfa194b7ebb71bd-LHR
content-length: 1022
expires: Sat, 19 Mar 2022 14:40:18 GMT

GET
H2 200 Screen-Shot-2022-02-18-at-3.30.38-PM.png
i0.wp.com/balleralert.com/wp-content/uploads/2022/02/ 141 KB
141 KB 222ms
119ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/balleralert.com/wp-content/uploads/2022/02/Screen-Shot-2022-02-18-at-3.30.38-PM.png?resize=559%2C300&ssl=1

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

c201e5d25a4e864fc700bc7e468a1f9782337562956a09df06b044a4a64a67c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS lhr 7
date: Fri, 18 Feb 2022 20:45:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Feb 2022 20:45:23 GMT
server: nginx
etag: "c8640a2c26a1c445"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://balleralert.com/wp-content/uploads/2022/02/Screen-Shot-2022-02-18-at-3.30.38-PM.png>; rel="canonical"
content-length: 143924
expires: Mon, 19 Feb 2024 08:45:23 GMT

GET
H2 200 GettyImages-1345757633-scaled.jpg
i0.wp.com/balleralert.com/wp-content/uploads/2022/01/ 8 KB
9 KB 156ms
54ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/balleralert.com/wp-content/uploads/2022/01/GettyImages-1345757633-scaled.jpg?resize=660%2C330&ssl=1

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

ed06657db67041358e60997923dcbeab671b1980241bdd3205d93a1f2c6142b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS lhr 2
date: Fri, 18 Feb 2022 20:45:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Feb 2022 20:26:02 GMT
server: nginx
etag: "c8988e96da399fa1"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://balleralert.com/wp-content/uploads/2022/01/GettyImages-1345757633-scaled.jpg>; rel="canonical"
content-length: 8552
expires: Mon, 19 Feb 2024 08:26:02 GMT

GET
H2 200 Screen-Shot-2022-02-18-at-2.40.19-PM.png
i0.wp.com/balleralert.com/wp-content/uploads/2022/02/ 175 KB
176 KB 188ms
86ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/balleralert.com/wp-content/uploads/2022/02/Screen-Shot-2022-02-18-at-2.40.19-PM.png?resize=597%2C326&ssl=1

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

68838d8016e63d727b4463e3c50c5dc10a9eaf1ad93c44e18cfab50bff28c0d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS lhr 8
date: Fri, 18 Feb 2022 20:45:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Feb 2022 19:43:17 GMT
server: nginx
etag: "ea119aaeb7682c53"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://balleralert.com/wp-content/uploads/2022/02/Screen-Shot-2022-02-18-at-2.40.19-PM.png>; rel="canonical"
content-length: 179356
expires: Mon, 19 Feb 2024 07:43:17 GMT

GET
H2 200 Screen-Shot-2018-12-05-at-5.17.54-PM.png
i0.wp.com/balleralert.com/wp-content/uploads/2018/12/ 48 KB
48 KB 221ms
119ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/balleralert.com/wp-content/uploads/2018/12/Screen-Shot-2018-12-05-at-5.17.54-PM.png?resize=338%2C222&ssl=1

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

67c4a10ad1888166b4122186ef1d88a61ffe66f2aae6f7713bea910777ed7ea1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS lhr 3
date: Fri, 18 Feb 2022 20:45:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Feb 2022 19:43:17 GMT
server: nginx
etag: "4fd6faa80fee2878"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://balleralert.com/wp-content/uploads/2018/12/Screen-Shot-2018-12-05-at-5.17.54-PM.png>; rel="canonical"
content-length: 48726
expires: Mon, 19 Feb 2024 07:43:17 GMT

GET
H2 200 GettyImages-1185994754-scaled.jpg
i0.wp.com/balleralert.com/wp-content/uploads/2022/02/ 18 KB
18 KB 221ms
119ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/balleralert.com/wp-content/uploads/2022/02/GettyImages-1185994754-scaled.jpg?resize=660%2C330&ssl=1

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

5c9e14cc99617da1d27e4fd7169aca374095883c5cf4f453c6fc742b084a7500

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS lhr 6
date: Fri, 18 Feb 2022 20:45:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Feb 2022 19:43:17 GMT
server: nginx
etag: "ba71cf4f314fb1a4"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://balleralert.com/wp-content/uploads/2022/02/GettyImages-1185994754-scaled.jpg>; rel="canonical"
content-length: 18442
expires: Mon, 19 Feb 2024 07:43:17 GMT

GET
H2 200 fontawesome-webfont.woff2
balleralert.com/wp-content/themes/sahifa/fonts/fontawesome/ 75 KB
76 KB 98ms
98ms Font
font/woff2 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: balleralert.com
URL: https://balleralert.com/wp-content/themes/sahifa/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://balleralert.com/wp-content/themes/sahifa/style.css
Origin: https://balleralert.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
cf-cache-status: HIT
last-modified: Sat, 03 Jul 2021 15:40:12 GMT
server: cloudflare
age: 166018
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrGllMH7mPazcVFo%2FZPtlKsO9%2BtGMaJHuXGhXOKCyzQOp7re%2FCadx3XiFZ6RECNmF%2Bvz9TXQZQAblSdxDttaO6nwqZCUSPCEQjNFp2NQjJeqhLlzJzQGmT9TZP%2Fv5Jmd9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa194b9ed671bd-LHR
expires: Fri, 18 Feb 2022 22:38:25 GMT

GET
H2 200 SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v12/ 21 KB
21 KB 207ms
57ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://balleralert.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 17:11:07 GMT
x-content-type-options: nosniff
age: 272056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21232
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 01:56:42 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 17:11:07 GMT

GET
H2 200 fontello.woff
balleralert.com/wp-content/themes/sahifa/fonts/tiefont/ 6 KB
6 KB 85ms
85ms Font
font/woff 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/themes/sahifa/fonts/tiefont/fontello.woff
Requested by: Host: balleralert.com
URL: https://balleralert.com/wp-content/themes/sahifa/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9179f4383ccee61bd4cd924e8b5720c3c5dc0c7f62da319bb28e49fd09ef505

Request headers

Referer: https://balleralert.com/wp-content/themes/sahifa/style.css
Origin: https://balleralert.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
cf-cache-status: HIT
last-modified: Sat, 03 Jul 2021 15:40:12 GMT
server: cloudflare
age: 168546
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nNWuQdRwIwH1YBgJ%2B2cUS4Ekn7UVt5D5dC8EKSSNK6W6sTMxwmRR%2F6iz9Bae80vTMKGk5Bbqg5hc9PwmL2NUsj1GSIH4Lp7VFtHw4hieA53D8dNEkob9lQ7Pefjri%2B91qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa194b9ed771bd-LHR
expires: Fri, 18 Feb 2022 21:56:16 GMT

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/151156/ Frame D0EC
Redirect Chain

https://cd.connatix.com/connatix.player.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
https://cds.connatix.com/p/151156/connatix.player.dc.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9

967 KB
235 KB

114ms
108ms

Script
application/javascript

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/151156/connatix.player.dc.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e5cf1d54bf8b2561c6049854ced8c8a2e9cde28ceb786c4becf7ce0321edd4b0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
last-modified: Fri, 18 Feb 2022 18:55:11 GMT
age: 6215
etag: "74a29f418dcc8cdc3407bf528331f695"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 240304

Redirect headers

location: https://cds.connatix.com/p/151156/connatix.player.dc.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
date: Fri, 18 Feb 2022 20:45:23 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
server: Kestrel
accept-ranges: bytes
content-length: 0

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/151156/ Frame 1F0F
Redirect Chain

https://cd.connatix.com/connatix.playspace.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
https://cds.connatix.com/p/151156/connatix.playspace.dc.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9

996 KB
241 KB

60ms
54ms

Script
application/javascript

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/151156/connatix.playspace.dc.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fd046ae8768789be91596e86c787d07da27d7c32763c0955e16c6dfc7213ebef

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
last-modified: Fri, 18 Feb 2022 18:55:11 GMT
age: 6215
etag: "11c7884b9c50542ae2aafc79f067c759"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 246168

Redirect headers

location: https://cds.connatix.com/p/151156/connatix.playspace.dc.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
date: Fri, 18 Feb 2022 20:45:23 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
server: Kestrel
accept-ranges: bytes
content-length: 0

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 stripe.png
balleralert.com/wp-content/themes/sahifa/images/ 93 B
423 B 67ms
67ms Image
image/png 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balleralert.com/wp-content/themes/sahifa/images/stripe.png
Requested by: Host: balleralert.com
URL: https://balleralert.com/wp-content/themes/sahifa/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/wp-content/themes/sahifa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
cf-cache-status: HIT
last-modified: Sat, 03 Jul 2021 15:40:12 GMT
server: cloudflare
age: 562782
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBteZhj7mxp1uqxdmGcjLa%2Fgm1Ke7qX2CsGuRYJWicvaSyL0PEUBN%2F73uSTRMzxoWWSNSnRxTKkt928lY4gMaT0MYxO6IDs7OH%2BWrN6wik7iDYg%2BNM%2FzR7K9P5fcyTmzhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6dfa194b9ed871bd-LHR
content-length: 93
expires: Mon, 14 Mar 2022 08:25:41 GMT

GET
H2 200 bot_tip_icn.png
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/ 126 B
450 B 62ms
62ms Image
image/png 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/bot_tip_icn.png
Requested by: Host: balleralert.com
URL: https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/css/sfsi-style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8464298798367d1e7712446840a81b5ef07a6484761dfc727433c7cf4c1dc94

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/css/sfsi-style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 16:05:26 GMT
server: cloudflare
age: 83360
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkL71GSf4TvZX2dTanzb7bDSOTKJ3jM0Ar%2B9MLLhC%2FkkpCZyEQwamMlIGbBqGxW2fOtnPBkZpm1FmZUSsZaRNRzSMmpHflE1kt%2B9JE4IOZMG2R5GALmg4gc547xQJKXM3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6dfa194b9ed971bd-LHR
content-length: 126
expires: Sat, 19 Mar 2022 21:36:03 GMT

GET
H2 200 BebasNeue-webfont.woff
balleralert.com/wp-content/themes/sahifa/fonts/BebasNeue/ 20 KB
20 KB 72ms
71ms Font
font/woff 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.woff
Requested by: Host: balleralert.com
URL: https://balleralert.com/wp-content/themes/sahifa/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088

Request headers

Referer: https://balleralert.com/wp-content/themes/sahifa/style.css
Origin: https://balleralert.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
cf-cache-status: HIT
last-modified: Sat, 03 Jul 2021 15:40:12 GMT
server: cloudflare
age: 33635
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ut2XbNkyh8L1mSAmRKgTwO59rewBoPrdRu2jB%2FAfVVvwFvfcQ%2BjNxsK5xiUmMVKZGD8s9bTVAZIvlofhvgXOR4%2BVkCQWh%2F4I0bx0ttb2auGbD4WiMkWZCNSdQ7vcrqmRtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa194b9edb71bd-LHR
expires: Sun, 20 Feb 2022 11:24:48 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 238ms
87ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1038006012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14884
x-xss-protection: 0
server: cafe
etag: 16747055602125368176
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 18 Feb 2022 20:45:23 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
36 KB 70ms
70ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-3874823-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1038006012

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f33a878d95f0158f2ccac82abfaaece0fc37399b5e717018b09863ef36bd924

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37323
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Feb 2022 20:45:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 191ms
53ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3874823-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4230
date: Fri, 18 Feb 2022 19:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 18 Feb 2022 21:34:53 GMT

GET
H3 200 309371044533417 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 240ms
181ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/309371044533417?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

735377e871316a02cec460701202e3f0de071f9bc30a903c9dfbc334d19097d4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: Vz/2SvjqtpmaM8g/VM3vPzNYwjrq7rQvGI8HOjnUWkGsmrqfv6mKU9cl+vRA8/Gxd5TCRWBc7hN1NZEqbKH1Bg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 18 Feb 2022 20:45:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 137025170.js Show response
bat.bing.com/p/action/ 685 B
752 B 226ms
226ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/137025170.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5d7f64407e5f5fec22946ab855636514358f0e999038bb7e8f4f31bccf6ee1fd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BA5F49CB1A6F4BB0807D104A121BB54C Ref B: FRA31EDGE0215 Ref C: 2022-02-18T20:45:23Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 587

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/ 290 KB
104 KB 149ms
87ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5729413333126369&plah=balleralert.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cde8796cabb7b93bbcf7c8a4bd2d39b926a22d2dfbbe6a37fdafd10c5bd8f965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106772
x-xss-protection: 0
server: cafe
etag: 16804192996499609317
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 18 Feb 2022 20:45:23 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/ Frame F220 10 KB
5 KB 188ms
54ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Fri, 18 Feb 2022 03:15:22 GMT
expires: Fri, 04 Mar 2022 03:15:22 GMT
cache-control: public, max-age=1209600
age: 63001
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 clarity.js Show response
j.clarity.ms/s/0.6.32/ 53 KB
23 KB 420ms
137ms Script
application/javascript 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/s/0.6.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/9zkrdib96i
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:22 GMT
content-encoding: br
etag: "1d8191fe855c690"
last-modified: Thu, 03 Feb 2022 17:03:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=F4A5B2FE051E472893A2F5C686D86560&RedC=c.clarity.ms&MXFR=39F13866C2E56FF5162D2929C6E561A5
https://c.clarity.ms/c.gif?CtsSyncId=F4A5B2FE051E472893A2F5C686D86560&MUID=108BAD61BA54634735F7BC2EBBDF62A8

42 B
367 B

63ms
63ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=F4A5B2FE051E472893A2F5C686D86560&MUID=108BAD61BA54634735F7BC2EBBDF62A8
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:23 GMT
last-modified: Wed, 12 Jan 2022 02:05:35 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "9ea1ae3587d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4E47A981E1AD4C788D7775039B4E14A9 Ref B: FRA31EDGE0215 Ref C: 2022-02-18T20:45:23Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=F4A5B2FE051E472893A2F5C686D86560&MUID=108BAD61BA54634735F7BC2EBBDF62A8
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 186ms
57ms Image
image/gif 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&time=1645217125382&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fballeralert.com%2F&random_number=21303690285&sess_cookie=750f5a8517f0e95140677322578&sess_cookie_flag=1&user_cookie=750f5a8517f0e95140677322578&user_cookie_flag=1&dynamic=true&domain=balleralert.com&account=oEQ9o1IW181052&jsv=20130128&user_lang=en-US
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 03:50:21 GMT
Via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 60903
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA50-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: v_osDNB0So88N3p-bqOBWMCkTW9EvDn9pDpDjilj0Y3a7S4FXZBMgA==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 406ms
128ms Image
text/plain 2600:1f16:bc:1202:21b8:ab1d:2133:69ff
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f16:bc:1202:21b8:ab1d:2133:69ff Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
server: Server

GET
H2 200 pubads_impl_2022021602.js Show response
securepubads.g.doubleclick.net/gpt/ 362 KB
122 KB 169ms
55ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064997

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

a034073242b63a4bf8f20744f8cb4b4bb74e17464ecf7da2c2a001b082d5d3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:36:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 521
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124238
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 02:36:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 18 Feb 2023 20:36:42 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 166 B
747 B 219ms
62ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=balleralert.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

289b0947b4b981e10ecfe7b37b9259baef0668dec6b0acc02b62d5a14ef22b83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 0
expires: Fri, 18 Feb 2022 20:45:23 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1038006012/ 2 KB
1 KB 136ms
73ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1038006012/?random=1645217125495&cv=9&fst=1645217125495&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fballeralert.com%2F&tiba=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9de939b14effab78b17526b142ff1d928dd728f19b4a89c8c51f6a61c57cf058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1070
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/1038006012/ 2 KB
1 KB 131ms
67ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1038006012/?random=1645217125497&cv=9&fst=1645217125497&num=1&value=1&currency_code=USD&label=RtAPCKKMyNMBEPzt-u4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fballeralert.com%2F&tiba=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&auid=1121058685.1645217125&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

f7c6726fd3b04f5d770e1ba596404b8ba924dc67e3df73b3316182c22a6e62cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1212
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 90 KB
35 KB 128ms
67ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-W82C4C5&t=gtag_UA_3874823_1&cid=464597375.1645217126

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a0710588223968ee9b0781ba147b642e745256eb7f69ff23c61da6f19449897

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35859
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Feb 2022 20:45:23 GMT

GET
H3 200 rum_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/ 55 KB
21 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/rum_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5729413333126369&plah=balleralert.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24c40e804d92901fab912e4679cb0b4b4ce780d7229e7b73cb5cd0eb7e93550c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 04:29:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58557
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21621
x-xss-protection: 0
server: cafe
etag: 16801694865458692746
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Mar 2022 04:29:26 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
646 B 191ms
62ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=balleralert.com&callback=_gfp_s_&client=ca-pub-5729413333126369

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

1ec81be7e8d4ea0682753b08cc206d3a1ef0b03110a11e4276853a6a7c58e8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 219ms
63ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=balleralert.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 193ms
63ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=balleralert.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Feb 2022 20:45:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B117 0
19 B 135ms
134ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5729413333126369&output=html&adk=3046330955&adf=2044148826&lmt=1645217125&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fballeralert.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645217125238&bpp=3&bdt=624&idt=291&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4289848002493&rume=1&frm=20&pv=2&ga_vid=464597375.1645217126&ga_sid=1645217126&ga_hid=1095585121&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062422%2C31064036%2C31061691%2C31061692%2C31064019&oid=2&pvsid=3190168124789473&pem=536&tmod=1202785987&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=317

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 18 Feb 2022 20:45:23 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 18 Feb 2022 20:45:23 GMT
cache-control: private

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 182ms
58ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=309371044533417&ev=PageView&dl=https%3A%2F%2Fballeralert.com%2F&rl=&if=false&ts=1645217125587&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1645217125585.1653390038&it=1645217125159&coo=false&rqm=GET

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 18 Feb 2022 20:45:23 GMT

GET
H/1.1 204
No Content /
adspsp.com/pt/2716080/19/1/ 0
110 B 857ms
212ms Image
image/png 34.212.80.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adspsp.com/pt/2716080/19/1/?a=2,a2kzsvsqjsJCurP9zN1W,QjmQN69xEm&aa=00Gumh&b=&e=&c=https%3A%2F%2Fballeralert.com%2F&d=&f=1.kzsvsp2q.1T1gt&g=1T1k2&u=0e02f78e:ktk7sb0r:247&v=18g.xc.0.3sn&rnd=1645217125588
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.212.80.11 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-212-80-11.us-west-2.compute.amazonaws.com
Software: linux /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Server: linux
Connection: keep-alive
Content-Length: 0
Content-Type: image/png

GET
H2

200

/
www.google.de/pagead/1p-conversion/1038006012/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1038006012/?random=198866635&cv=9&fst=1645217125497&num=1&value=1&currency_code=USD&label=RtAPCKKMyNMBEPzt-u4D&bg=ffffff&guid=ON&res...
https://www.google.com/pagead/1p-conversion/1038006012/?random=198866635&cv=9&fst=1645217125497&num=1&value=1&currency_code=USD&label=RtAPCKKMyNMBEPzt-u4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_...
https://www.google.de/pagead/1p-conversion/1038006012/?random=198866635&cv=9&fst=1645217125497&num=1&value=1&currency_code=USD&label=RtAPCKKMyNMBEPzt-u4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h...

42 B
108 B

71ms
71ms

Image
image/gif

2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1038006012/?random=198866635&cv=9&fst=1645217125497&num=1&value=1&currency_code=USD&label=RtAPCKKMyNMBEPzt-u4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fballeralert.com%2F&tiba=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&auid=1121058685.1645217125&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=YwUQYqfBLcGF4gHurY6wDA&cid=CAQSKQCNIrLMMM2Vox2jcarl8el1_pBRZnMhyyeYAsJNloaG5-XDyiMtcvbJ&random=3527326551&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hDYe19IPoJGXcuJboPdLI9zLzPzyRVtZHAQXBp_KABvd-Lve52WPRBNfaN7PF2uvlVuGWInUpaTeNlZ2-Q9O6lV

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:23 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1038006012/?random=198866635&cv=9&fst=1645217125497&num=1&value=1&currency_code=USD&label=RtAPCKKMyNMBEPzt-u4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fballeralert.com%2F&tiba=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&auid=1121058685.1645217125&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=YwUQYqfBLcGF4gHurY6wDA&cid=CAQSKQCNIrLMMM2Vox2jcarl8el1_pBRZnMhyyeYAsJNloaG5-XDyiMtcvbJ&random=3527326551&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hDYe19IPoJGXcuJboPdLI9zLzPzyRVtZHAQXBp_KABvd-Lve52WPRBNfaN7PF2uvlVuGWInUpaTeNlZ2-Q9O6lV
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1038006012/ 42 B
108 B 196ms
80ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1038006012/?random=1645217125495&cv=9&fst=1645214400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fballeralert.com%2F&tiba=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&async=1&fmt=3&is_vtc=1&random=1182150939&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1038006012/ 42 B
548 B 197ms
68ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1038006012/?random=1645217125495&cv=9&fst=1645214400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fballeralert.com%2F&tiba=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&async=1&fmt=3&is_vtc=1&random=1182150939&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 61ms
60ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1095585121&t=pageview&_s=1&dl=https%3A%2F%2Fballeralert.com%2F&ul=en-us&de=UTF-8&dt=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUADQAAAAC~&jid=156646173&gjid=1852553263&cid=464597375.1645217126&tid=UA-3874823-1&_gid=1782053112.1645217126&_r=1&gtm=2ou2g0&z=862680363

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://balleralert.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 183ms
56ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3874823-1&cid=464597375.1645217126&jid=156646173&gjid=1852553263&_gid=1782053112.1645217126&_u=aGBAAUACQAAAAC~&z=71126214

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 18 Feb 2022 20:45:24 GMT
content-type: text/plain
access-control-allow-origin: https://balleralert.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ 60 KB
23 KB 115ms
53ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064997

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

994ab1ecd36f2f4b3aeaeca3a8076c252afadf3710c183dbbfc1e0930c4ea081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1417
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23125
x-xss-protection: 0
server: cafe
etag: 8562238015891237552
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 18 Feb 2022 21:21:47 GMT

GET
H2 200 / Show response
www.iheart.com/podcast/1119-the-baller-alert-show-53352259/ Frame 9481 44 KB
10 KB 178ms
55ms Document
text/html 199.232.210.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.210.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

b3ab4576fa5cc689c3786c530cbb2946dbb4534aa7e812dfe17c05c7d875253a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
edge-control: cache-maxage=900
etag: W/"b128-rq6lmJ5OLl0062bZybZRh0A6ByU"
x-dest: http://web-www-20220215163626:8000
x-powered-by: Express
x-request-id: cortex-proxyd-varnish-5fc89964bd-b79n4/9R8Xv8qYwV-698991566
via: 1.1 varnish (Varnish/6.5), 1.1 varnish
accept-ranges: bytes
date: Fri, 18 Feb 2022 20:45:24 GMT
age: 1584
x-served-by: cache-hhn4057-HHN
x-cache: HIT
x-cache-hits: 1
x-timer: S1645217124.230944,VS0,VE1
vary: Origin, X-NoAds, Accept-Encoding
normalized-language: en
x-ihr-app-language: en
x-ihr-app-country: WW
x-fastly-country: DE
geoip-country-code: DE
client_geo_latitude: 49.450
client_geo_longitude: 11.080
client_geo_postal_code: 90403
strict-transport-security: max-age=31557600
content-length: 10109

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 58ms
58ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

81d655d03a28e477c55b40b4328a817dcc8c86c1659caabb80e29f5f3acd0b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: zfkUmnTcpxtt8mRcpkGwmg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: j6m2LubBn6ISkdGRhVr8pxGelh+UcYQ4ICNu8oPY3beaX2Cu52lEH0nLKjZUyym1zjhgDWQk54T5wMhfs/kaPw==
x-fb-content-md5: 1713090f73ef22b18ca223615f53b941
x-frame-options: DENY
date: Fri, 18 Feb 2022 20:45:24 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "20288a9e2fb3a8a7f0bfb33632cfe3c0"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 18 Feb 2022 20:47:19 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.J6wwVzZFlys.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA/ 126 KB
44 KB 120ms
57ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.J6wwVzZFlys.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA/cb=gapi.loaded_0?le=oz

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d79e7244eab835df38c082b629f28ebe7e98d8ed0ad1bfe635dbf85ce24949d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 10:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 467680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44806
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Feb 2023 10:50:44 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.J6wwVzZFlys.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA/ 118 KB
40 KB 141ms
79ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.J6wwVzZFlys.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA/cb=gapi.loaded_1?le=oz

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f9b1f8eca1aeed723101c429d07332e17fd61c0e546f4a7afb048437f5b4109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 227925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41095
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 05:26:39 GMT

GET
H2 200 subscribe_embed
www.youtube.com/ Frame 9FEE 0
0 216ms
85ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?usegapi=1&channel=balleralerttv&layout=default&count=hidden&origin=https%3A%2F%2Fballeralert.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.J6wwVzZFlys.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 18 Feb 2022 20:45:24 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 fontawesome-webfont.woff
balleralert.com/wp-content/plugins/wp-security-hardening/modules/inc/fa/fonts/ 82 KB
82 KB 52ms
51ms Font
font/woff 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/wp-security-hardening/modules/inc/fa/fonts/fontawesome-webfont.woff?v=4.1.0
Requested by: Host: balleralert.com
URL: https://balleralert.com/wp-content/plugins/wp-security-hardening/modules/inc/fa/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

Request headers

Referer: https://balleralert.com/wp-content/plugins/wp-security-hardening/modules/inc/fa/css/font-awesome.min.css
Origin: https://balleralert.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:24 GMT
cf-cache-status: HIT
last-modified: Tue, 08 Jun 2021 15:51:37 GMT
server: cloudflare
age: 586
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=36O2Gu4YsJ8%2BJqR%2FXHTBtqtU4%2FY35OriVIO%2FmLF%2Fg2ffEKCjmM3yH8tpjBfsZNvWwjPqhyzPBWbON%2Fs0fQBdY7B9tipdHPLBcreUGGKwV8rX%2B2Ft6aBFW2nKwPJoot4Pvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dfa195208ea71bd-LHR
expires: Sun, 20 Feb 2022 20:35:38 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 50ms
44ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.4356001481251559
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 18 Feb 2022 20:45:24 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 g.gif
pixel.wp.com/ 50 B
75 B 44ms
44ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.6&blog=159055169&post=70807&tz=-5&srv=balleralert.com&host=balleralert.com&ref=&rand=0.1367660581280037
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 18 Feb 2022 20:45:24 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

POST
H2 200 ajax-handler.php Show response
balleralert.com/wp-content/ 2 B
405 B 184ms
184ms XHR
text/html 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://balleralert.com/wp-content/ajax-handler.php

Requested by

Host: balleralert.com
URL: https://balleralert.com/wp-content/plugins/advanced-ads-tracking/public/assets/js/dist/tracking.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 18 Feb 2022 20:45:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OaS0Rr8k0heBHCUEA15CDHuPoZB41o0fEGruird%2B7JK%2BCaiC0SdU4P4PNPRByEAXD5U%2BxcdbCagOsak7uFIE%2BjVIs8XKxg3KBLyCgCHOyJtY2GG%2Bjz7FuT0YFPYQ0IoHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0, smax-age=0
cf-ray: 6dfa1952495271bd-LHR
x-robots-tag: noindex
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 687.js Show response
balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/ 49 KB
18 KB 57ms
57ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/687.js?minify=false&ver=324ab402e15d548bfe20
Requested by: Host: balleralert.com
URL: https://balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df1c5f6457b17a9a545e2ebd2ddc7fe06e6f480b87f988ab64dcc99f47be1f78

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1168050
cf-polished: origSize=50151
cf-bgj: minify
last-modified: Tue, 01 Feb 2022 16:54:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BNNW4Tnko0dyp8oMFjY7A6DJyJ6RSCcQkUp%2FiJEBiwWeA%2BkKCL6TbbbrSxTJvQf5nGNqNXlonOL82EdLnUZIfXKmnLnx05eb8JXx%2BFbXtVAvWyx5vr44cgFXLR6OYFOPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 6dfa1952698871bd-LHR
expires: Mon, 07 Mar 2022 08:17:54 GMT

GET
H2 200 jp-search.chunk-main-payload.css
balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/ 31 KB
5 KB 52ms
51ms Stylesheet
text/css 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.css?minify=false&ver=23b8b917cbc7814a50b5
Requested by: Host: balleralert.com
URL: https://balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df4e2b02efe67cbe33aa879273eb71afc6c33d8bcf6d424091b442c17f2a4acd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1168050
cf-polished: origSize=32124
cf-bgj: minify
last-modified: Tue, 01 Feb 2022 16:54:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jq73wVorG%2FLHhJ6%2B9cT5qrEDS5d0Z6o7b3204SKRTg3WIenD1SlqOUHNVNN0yZZ3Wfg%2BqVgAWP26YeXUQwMbVKIpnNBPHbn7g%2BScHA7xQnqs6DNBT2981WJFb2QptBVObA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6dfa1952698c71bd-LHR
expires: Mon, 07 Mar 2022 08:17:54 GMT

GET
H2 200 jp-search.chunk-main-payload.js Show response
balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/ 71 KB
19 KB 57ms
56ms Script
application/javascript 172.66.43.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.js?minify=false&ver=8b906e010a6ed92f40e1
Requested by: Host: balleralert.com
URL: https://balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5e64038b684263ab1edea35ed48cf0073edaa2959bde3e541d58cdeecaa783a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1168050
cf-polished: origSize=73677
cf-bgj: minify
last-modified: Tue, 01 Feb 2022 16:54:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i66VrB09edsC0QXCI8v4hXsuv%2BYe9DYQ7P%2BRAZXzdpRBMiH93VhB11DdLlFa1zXjUxmcP4LxsNtjku382PMQ%2Fn6wZOSOsZwcumvmxMgzi7yzvDfXU7Mz5Uq70YHugF8OTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 6dfa1952698d71bd-LHR
expires: Mon, 07 Mar 2022 08:17:54 GMT

GET
H2 204 0
bat.bing.com/action/ 0
161 B 86ms
85ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=137025170&Ver=2&mid=838ecd54-69dd-4d3e-9dbf-cd5a39ab3b57&sid=b349c7f090fb11eca7b8afd9da641592&vid=b34a08d090fb11ec89f4b3a7947bc8f0&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&p=https%3A%2F%2Fballeralert.com%2F&r=&lt=2484&evt=pageLoad&msclkid=N&sv=1&rn=112477
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EF99E8AF0818449790E51F34CC58F4B7 Ref B: FRA31EDGE0215 Ref C: 2022-02-18T20:45:24Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
27 KB 94ms
93ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

f34a434f7c1a3a354a09b3d9323fe427a1022b72dd412c429f533f4fbaf1c6a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27938
x-xss-protection: 0
server: sffe
etag: "1136 / 703 of 1000 / last-modified: 1645185935"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 18 Feb 2022 20:45:24 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 200ms
65ms Script
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: HISltcT4EtRtqxCZ_leiYbAE6TJJFUPD
content-encoding: gzip
etag: c1da564f59b83b9805e8df92eca012f5
age: 463
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1SJBJX51HSKEFBMWKEH2
date: Fri, 18 Feb 2022 20:37:45 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ybRiRJwgA0SNeIldmdvV-q6wrwTN3L_K5iRshRvT7FNaQyeURf8zsw==

GET
H2 200 Screen-Shot-2022-02-18-at-3.30.38-PM.png
i0.wp.com/balleralert.com/wp-content/uploads/2022/02/ 50 KB
51 KB 117ms
116ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/balleralert.com/wp-content/uploads/2022/02/Screen-Shot-2022-02-18-at-3.30.38-PM.png?resize=310%2C165&ssl=1

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

7b8e47691d996befe04918a7ff52d78bbd9ac92ea5a05d03f9c4398b33df95fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS lhr 7
date: Fri, 18 Feb 2022 20:45:24 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Feb 2022 20:45:24 GMT
server: nginx
etag: "927e23dc482a45ba"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://balleralert.com/wp-content/uploads/2022/02/Screen-Shot-2022-02-18-at-3.30.38-PM.png>; rel="canonical"
content-length: 51682
expires: Mon, 19 Feb 2024 08:45:24 GMT

GET
H2 200 GettyImages-1345757633-scaled.jpg
i0.wp.com/balleralert.com/wp-content/uploads/2022/01/ 3 KB
3 KB 45ms
44ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/balleralert.com/wp-content/uploads/2022/01/GettyImages-1345757633-scaled.jpg?resize=310%2C165&ssl=1

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

0e8b049129b6d54e346d18eefb31ce31b7dc76409e0eb85239d1364e61793a6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT lhr 2
date: Fri, 18 Feb 2022 20:45:24 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Feb 2022 20:28:27 GMT
server: nginx
etag: "eaee976ed23b2258"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://balleralert.com/wp-content/uploads/2022/01/GettyImages-1345757633-scaled.jpg>; rel="canonical"
content-length: 3322
expires: Mon, 19 Feb 2024 08:28:27 GMT

GET
H2 200 Screen-Shot-2022-02-18-at-2.40.19-PM.png
i0.wp.com/balleralert.com/wp-content/uploads/2022/02/ 56 KB
57 KB 46ms
46ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/balleralert.com/wp-content/uploads/2022/02/Screen-Shot-2022-02-18-at-2.40.19-PM.png?resize=310%2C165&ssl=1

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

d63f92a1937b8bc2e3b7511995962cc1b7bb78251fcce456f8f2e72e8db20e58

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT lhr 8
date: Fri, 18 Feb 2022 20:45:24 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Feb 2022 19:43:18 GMT
server: nginx
etag: "a03d5e9d228726f3"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://balleralert.com/wp-content/uploads/2022/02/Screen-Shot-2022-02-18-at-2.40.19-PM.png>; rel="canonical"
content-length: 57734
expires: Mon, 19 Feb 2024 07:43:18 GMT

GET
H3 200 subscribe_embed Show response
www.youtube.com/ Frame CBE2 2 KB
846 B 83ms
83ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/c/5.9/wp-includes/js/jquery/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05a3dbb97b616c4aa70647461cd3e9f2ac72aa518a19c42c1a9756ccfafce421

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 18 Feb 2022 20:45:24 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 FollowCompany.js Show response
www.linkedin.com/pages-extensions/ 1 KB
2 KB 309ms
171ms Script
application/javascript 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.linkedin.com/pages-extensions/FollowCompany.js?version=0.1.159

Requested by

Host: platform.linkedin.com
URL: https://platform.linkedin.com/in.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

275fb4a7bdeab3c59caff1c0ea88bf1adc9f4cfc377a9bec7b28517d13e2fd37

Security Headers

Name	Value
Content-Security-Policy	default-src ; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://.linkedin.com dms.licdn.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: ; font-src data: ; child-src blob: ; style-src 'unsafe-inline' 'self' static-src.linkedin.com .licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com .ads.linkedin.com .licdn.com www.google-analytics.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; report-uri /security/csp?e=p&f=nf
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
content-length: 487
x-li-uuid: AAXYUPZK6D8FDVc6KIKKWQ==
pragma: no-cache
last-modified: Fri, 01 Feb 1980 00:00:00 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 095C7F615C0542EAB59E7B4AAA9EC1C4 Ref B: FRAEDGE1221 Ref C: 2022-02-18T20:45:24Z
date: Fri, 18 Feb 2022 20:45:23 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store
etag: "54a30ab98c058e727f9cc13e6c6f96d02453bf31"
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; child-src blob: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com www.google-analytics.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; report-uri /security/csp?e=p&f=nf
accept-ranges: bytes
x-li-proto: http/2
x-li-fabric: prod-lva1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pub.js Show response
pub.doubleverify.com/signals/ 61 KB
17 KB 181ms
60ms Script
text/javascript 2606:4700::6812:a7e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/signals/pub.js

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a7e0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ee49a30cc6244e9cefb2bac9580da6a9768c49692d1a8988572254f4ff7d2bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Feb 2022 20:45:24 GMT
content-encoding: br
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Server-Timing,cf-ray
cache-control: private, max-age=14400, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials: true
server-timing: total;dur=0
cf-ray: 6dfa1954bd4b771f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
242 B 494ms
130ms XHR
application/json 8.2.111.126
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 8.2.111.126 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://balleralert.com
Date: Fri, 18 Feb 2022 20:45:24 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 221ms
82ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://balleralert.com
date: Fri, 18 Feb 2022 20:45:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 358ms
166ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17970&site_id=316598&zone_id=2175794&size_id=2&rf=https%3A%2F%2Fballeralert.com%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=13d055bf-8724-40e0-9a52-67c6335a0fbd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8424810941549932
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 26c288c5bc53e94f803622ea790f5351af44bcd9b5252fe7ec73b4904ccc47e4

Request headers

Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:24 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://balleralert.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
329 B 182ms
56ms XHR
application/json 54.77.66.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?aun=leaderboard_ad_1&t=227109&pi=2&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fballeralert.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.6.0%22%7D&ogu=https%3A%2F%2Fballeralert.com%2F&ns=10240&gpid=
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.66.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-66-11.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:24 GMT
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://balleralert.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 11 KB
6 KB 348ms
225ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4587e41c367c1443f3bec0d23731fdfc626663503a0ec3a14acf512eaa37ef22

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 18 Feb 2022 20:45:24 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.39; 82.199.130.39; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 051c9a92-e2bf-4932-b7af-baa4c29529b4
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://balleralert.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
330 B 337ms
156ms XHR
application/json 23.0.33.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=726630&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22110214052b1746%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fballeralert.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22129c3a6fb9d5bc9%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22726630%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22726631%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22532706%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.0.33.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-0-33-234.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a33c445a76f7968b1d17a5f09e83e8b57d3ee4334fb70d0b8e8311760914f462

Request headers

Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:24 GMT
x-ak-initial-geo: CC:[GB], RC:[EN], CN:[EU], CIP:[82.199.130.39], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://balleralert.com
x-cs-client-geo: 27
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 36
x-ak-client-geo: 27
expires: Fri, 18 Feb 2022 20:45:24 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 242ms
125ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

da2a28f8dfd9082c9f6ced35acd9ae66d8e0374278aa201cabf74cb1b7d6c7e4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:24 GMT
X-Proxy-Origin: 82.199.130.39; 82.199.130.39; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 14de97d2-69b8-4541-a149-2ad198089d46
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://balleralert.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
242 B 588ms
239ms XHR
application/json 8.2.111.126
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 8.2.111.126 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://balleralert.com
Date: Fri, 18 Feb 2022 20:45:25 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
328 B 173ms
57ms XHR
application/json 54.77.66.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?aun=medium_rectangle_ad_1&t=227110&pi=2&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fballeralert.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.6.0%22%7D&ogu=https%3A%2F%2Fballeralert.com%2F&ns=10240&gpid=
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.66.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-66-11.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:24 GMT
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://balleralert.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 239ms
114ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://balleralert.com
date: Fri, 18 Feb 2022 20:45:24 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 316ms
130ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17970&site_id=316598&zone_id=2175796&size_id=15&rf=https%3A%2F%2Fballeralert.com%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=e56d6eb6-6e15-4d51-89ca-2de8ba528ca4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.030075248381440822
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: b4cf39b67d6275bebeb3b05320aa51c22d195ed0876d5a33609329b15a311e96

Request headers

Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:24 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://balleralert.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
331 B 373ms
198ms XHR
application/json 23.0.33.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=726630&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2225a29d7e5fe1e4b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fballeralert.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222692470b6f7b0c8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22726630%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22726631%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22532706%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.0.33.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-0-33-234.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7917da41a36d13f14f392d512a3b0a1343f346af39d52ea8f281bb235dd62b6d

Request headers

Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:24 GMT
x-ak-initial-geo: CC:[GB], RC:[EN], CN:[EU], CIP:[82.199.130.39], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://balleralert.com
x-cs-client-geo: 27
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 27
expires: Fri, 18 Feb 2022 20:45:24 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 290ms
180ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e811854b6a468fa3266948cefa547ac1efd56766bdceb069f779cb05f5979f3a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:24 GMT
X-Proxy-Origin: 82.199.130.39; 82.199.130.39; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 7415e846-4858-47ef-9603-a4522882f707
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://balleralert.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
331 B 534ms
365ms XHR
application/json 23.0.33.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=726630&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223176998a395af29%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fballeralert.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2232f1be4c00d92e9%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22726630%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22726631%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22532706%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.0.33.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-0-33-234.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: bd0cbc0bb55f4aa9925bd1397be5094e37d80cd24f58ad772becbf429b6486f8

Request headers

Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:25 GMT
x-ak-initial-geo: CC:[GB], RC:[EN], CN:[EU], CIP:[82.199.130.39], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://balleralert.com
x-cs-client-geo: 27
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 27
expires: Fri, 18 Feb 2022 20:45:25 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 304ms
123ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17970&site_id=316598&zone_id=2175796&size_id=15&rf=https%3A%2F%2Fballeralert.com%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=d37e4b41-5138-4659-82f8-bfd4df8b0d41&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.10717164107113852
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 7fec8e1607ac29947e34121b8a928931e592649d0ff58be84c83680172f843a1

Request headers

Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:24 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://balleralert.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
242 B 464ms
121ms XHR
application/json 8.2.111.126
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 8.2.111.126 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://balleralert.com
Date: Fri, 18 Feb 2022 20:45:24 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
328 B 165ms
57ms XHR
application/json 54.77.66.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?aun=medium_rectangle_ad_2&t=227110&pi=2&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fballeralert.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.6.0%22%7D&ogu=https%3A%2F%2Fballeralert.com%2F&ns=10240&gpid=
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.66.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-66-11.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:24 GMT
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://balleralert.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 217ms
101ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://balleralert.com
date: Fri, 18 Feb 2022 20:45:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 12 KB
6 KB 335ms
228ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

485b180676e7564936e5c6df7c957acb4354b7f5f13d45abd6c3b0d81201d3f1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 18 Feb 2022 20:45:24 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.39; 82.199.130.39; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: a2a163e3-53a1-4054-92fa-303340a302fb
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://balleralert.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 KB
2 KB 353ms
250ms XHR
application/json 54.77.66.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?aun=adhesion_ad_1&t=drteytvw&pi=2&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fballeralert.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.6.0%22%7D&ogu=https%3A%2F%2Fballeralert.com%2F&ns=10240&gpid=
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.66.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-66-11.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 331a1f214d5aa357574f8c5cadc253b5190b1f36a6e38c5a7d1d5b7830089fd9

Request headers

Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:24 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://balleralert.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
242 B 470ms
129ms XHR
application/json 8.2.111.126
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 8.2.111.126 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://balleralert.com
Date: Fri, 18 Feb 2022 20:45:24 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 198ms
86ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://balleralert.com
date: Fri, 18 Feb 2022 20:45:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 283 B
1 KB 250ms
73ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17970&site_id=316598&zone_id=2175800&size_id=2&rf=https%3A%2F%2Fballeralert.com%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=41cfa9dd-d9ed-454b-94b9-8499ebb50677&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8716726828246435
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: c77601c3c05dd92f93b19761ee402f48b655788f0f39ed04a7d156489ba3ebef

Request headers

Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:24 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://balleralert.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 283
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame C137 0
18 B 117ms
57ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://balleralert.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://balleralert.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Fri, 18 Feb 2022 20:45:24 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 290 KB
82 KB 120ms
60ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=661b04be2407c11c8298d3b66e9c969a

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ef3ec76de98167d26fd0e8dce38b9d01a1a151c9908c9b6b99ab7cabf8131b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://balleralert.com/
Origin: https://balleralert.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: tuoRWOqrJ2o7uZ4CJ1bYZw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 83621
x-fb-rlafr: 0
x-fb-debug: JKdzsXVZZbJwNewOGmUbrEB27U2DDiOxqL2O8RyErgqxrULAzbVDyOYYhEvWtYmPdI9FrB9rEjQ94IwwGG0RXQ==
x-fb-content-md5: 58fb3ac81bd0ffcdb8f797faca0f63ce
x-frame-options: DENY
date: Fri, 18 Feb 2022 20:45:24 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "1fe26a0e8945694595e529607d660f5c"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Feb 2023 19:54:23 GMT

POST
H2 204 collect Show response
j.clarity.ms/ 0
93 B 133ms
132ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.32/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://balleralert.com
date: Fri, 18 Feb 2022 20:45:23 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H3 200 SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v12/ 22 KB
22 KB 130ms
67ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://balleralert.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 21:36:56 GMT
x-content-type-options: nosniff
age: 342508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22340
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 02:52:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 14 Feb 2023 21:36:56 GMT

GET
H2 200 runtime.widget.js Show response
www.iheart.com/v8.32.0/f70a53b/bundles/ Frame 9481 3 KB
2 KB 64ms
63ms Script
application/javascript 199.232.210.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iheart.com/v8.32.0/f70a53b/bundles/runtime.widget.js

Requested by

Host: www.iheart.com
URL: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.210.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a01b76770d92d5596af77d63615d54dbe9a773ac0f3ecc0e37d4ce63e5ee9432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

geoip-country-code: DE
x-amz-meta-cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-fastly-country: DE
age: 273009
x-cache: HIT
x-amz-meta-surrogate-key: web v8.32.0 f70a53b bundles runtime.widget.js
x-cache-hits: 1
client_geo_postal_code: 90403
content-length: 1498
x-amz-id-2: 8ZqidvtHrwSMkLPsb8LxGObcVL/mYA36B7hSRdxlZnNfIahEGnPy0OSzNoiBq2L2buGuItMyfhI=
x-served-by: cache-hhn4057-HHN
accept-ranges: bytes
client_geo_longitude: 11.080
last-modified: Mon, 14 Feb 2022 21:55:22 GMT
server: AmazonS3
x-timer: S1645217125.623774,VS0,VE1
etag: "d3f799fc7d3682c76a2532fd999ba979"
strict-transport-security: max-age=31557600
x-amz-request-id: KQF2MJK24BDQPKGR
via: 1.1 varnish
client_geo_latitude: 49.450
cache-control: max-age=31536000
normalized-language: en
content-type: application/javascript
x-ihr-app-language: en
date: Fri, 18 Feb 2022 20:45:24 GMT
x-ihr-app-country: WW

GET
H2 200 407.widget.js Show response
www.iheart.com/v8.32.0/f70a53b/bundles/ Frame 9481 205 KB
67 KB 63ms
62ms Script
application/javascript 199.232.210.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iheart.com/v8.32.0/f70a53b/bundles/407.widget.js

Requested by

Host: www.iheart.com
URL: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.210.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c912a971a83336c2b8446333cea23553ebd886a841ef71bc6021cbe7a1125db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

geoip-country-code: DE
x-amz-meta-cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-fastly-country: DE
age: 273009
x-cache: HIT
x-amz-meta-surrogate-key: web v8.32.0 f70a53b bundles 407.widget.js
x-cache-hits: 1338
client_geo_postal_code: 90403
content-length: 68167
x-amz-id-2: 2Oe3JJhku2xIsuuqkTK/beUYep7vY4epqahu1PsvaaxKFzIeO1LJfapMGBfoIPLpqRzh3AGU9mY=
x-served-by: cache-hhn4057-HHN
accept-ranges: bytes
client_geo_longitude: 11.080
last-modified: Mon, 14 Feb 2022 21:55:22 GMT
server: AmazonS3
x-timer: S1645217125.624089,VS0,VE1
etag: "b1ca09e92b4ac821c481a8a10da3ae4e"
strict-transport-security: max-age=31557600
x-amz-request-id: MYSF41S2K4166TPE
via: 1.1 varnish
client_geo_latitude: 49.450
cache-control: max-age=31536000
normalized-language: en
content-type: application/javascript
x-ihr-app-language: en
date: Fri, 18 Feb 2022 20:45:24 GMT
x-ihr-app-country: WW

GET
H2 200 623.widget.js Show response
www.iheart.com/v8.32.0/f70a53b/bundles/ Frame 9481 18 KB
7 KB 63ms
61ms Script
application/javascript 199.232.210.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iheart.com/v8.32.0/f70a53b/bundles/623.widget.js

Requested by

Host: www.iheart.com
URL: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.210.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

66042ee5fee58266023430e54c12a32f672a719d6e7ce4f67df7882f5fbc0054

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

geoip-country-code: DE
x-amz-meta-cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-fastly-country: DE
age: 273009
x-cache: HIT
x-amz-meta-surrogate-key: web v8.32.0 f70a53b bundles 623.widget.js
x-cache-hits: 1
client_geo_postal_code: 90403
content-length: 7259
x-amz-id-2: v16hDixPbGvppn1F2ba/wpCTf7dRJNVtaDM+dLxlspIpKGdAmAKvlf5vmDvxLwvgSZ1iLrZhDdQ=
x-served-by: cache-hhn4057-HHN
accept-ranges: bytes
client_geo_longitude: 11.080
last-modified: Mon, 14 Feb 2022 21:55:22 GMT
server: AmazonS3
x-timer: S1645217125.624370,VS0,VE1
etag: "0af17a1fd50572c0d302493e12256c3b"
strict-transport-security: max-age=31557600
x-amz-request-id: KQFF06T0W68G91Q4
via: 1.1 varnish
client_geo_latitude: 49.450
cache-control: max-age=31536000
normalized-language: en
content-type: application/javascript
x-ihr-app-language: en
date: Fri, 18 Feb 2022 20:45:24 GMT
x-ihr-app-country: WW

GET
H2 200 511.widget.js Show response
www.iheart.com/v8.32.0/f70a53b/bundles/ Frame 9481 4 KB
2 KB 62ms
61ms Script
application/javascript 199.232.210.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iheart.com/v8.32.0/f70a53b/bundles/511.widget.js

Requested by

Host: www.iheart.com
URL: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.210.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1de5015dc10eb355a2c05d402553942417131c51222462cf2b0e44215594e6dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

geoip-country-code: DE
x-amz-meta-cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-fastly-country: DE
age: 273009
x-cache: HIT
x-amz-meta-surrogate-key: web v8.32.0 f70a53b bundles 511.widget.js
x-cache-hits: 1
client_geo_postal_code: 90403
content-length: 1766
x-amz-id-2: DWtwwpjIJp+rLLdEH3bMaJb1o8U/GDsFcHx3NWLigaum5Nb2PYmpbDz9gwjrlkKb3gmXaHFVwu4=
x-served-by: cache-hhn4057-HHN
accept-ranges: bytes
client_geo_longitude: 11.080
last-modified: Mon, 14 Feb 2022 21:55:22 GMT
server: AmazonS3
x-timer: S1645217125.624649,VS0,VE1
etag: "64b814acf8281f6802cfabc36d5d0b55"
strict-transport-security: max-age=31557600
x-amz-request-id: MYS36C6Y82F8YK3S
via: 1.1 varnish
client_geo_latitude: 49.450
cache-control: max-age=31536000
normalized-language: en
content-type: application/javascript
x-ihr-app-language: en
date: Fri, 18 Feb 2022 20:45:24 GMT
x-ihr-app-country: WW

GET
H2 200 526.widget.js Show response
www.iheart.com/v8.32.0/f70a53b/bundles/ Frame 9481 66 KB
23 KB 61ms
60ms Script
application/javascript 199.232.210.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iheart.com/v8.32.0/f70a53b/bundles/526.widget.js

Requested by

Host: www.iheart.com
URL: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.210.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8796768e42946ecb8f1c6e418e12ce35071f90fc4705ed51e7662ce7966ef2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

geoip-country-code: DE
x-amz-meta-cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-fastly-country: DE
age: 218910
x-cache: HIT
x-amz-meta-surrogate-key: web v8.32.0 f70a53b bundles 526.widget.js
x-cache-hits: 9
client_geo_postal_code: 90403
content-length: 23256
x-amz-id-2: sx/8uK7N2PI2xoXY45apPDLnfKbOOh949ASJYvkDKBYPY72d7e3r84KZx8OE31/L9vuufdCG5Vs=
x-served-by: cache-hhn4057-HHN
accept-ranges: bytes
client_geo_longitude: 11.080
last-modified: Mon, 14 Feb 2022 21:55:22 GMT
server: AmazonS3
x-timer: S1645217125.624897,VS0,VE0
etag: "a9c17553b2983fbbf8ace23c0a927ade"
strict-transport-security: max-age=31557600
x-amz-request-id: YDB09TAM246QMDP9
via: 1.1 varnish
client_geo_latitude: 49.450
cache-control: max-age=31536000
normalized-language: en
content-type: application/javascript
x-ihr-app-language: en
date: Fri, 18 Feb 2022 20:45:24 GMT
x-ihr-app-country: WW

GET
H2 200 702.widget.js Show response
www.iheart.com/v8.32.0/f70a53b/bundles/ Frame 9481 34 KB
12 KB 120ms
119ms Script
application/javascript 199.232.210.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iheart.com/v8.32.0/f70a53b/bundles/702.widget.js

Requested by

Host: www.iheart.com
URL: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.210.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

59c79b378c22c38467b584a8d6556edb441212ee62a9c341f2c62e8f0463dd2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

geoip-country-code: DE
x-amz-meta-cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-fastly-country: DE
age: 273008
x-cache: HIT
x-amz-meta-surrogate-key: web v8.32.0 f70a53b bundles 702.widget.js
x-cache-hits: 1
client_geo_postal_code: 90403
content-length: 11493
x-amz-id-2: T9Mm7xgmcIt+NbAXpzmw2phimoAyPuWMJvwEQKgCppngk6KL7xsAvcJ84Qca3RWl0L2gTTapkrI=
x-served-by: cache-hhn4057-HHN
accept-ranges: bytes
client_geo_longitude: 11.080
last-modified: Mon, 14 Feb 2022 21:55:22 GMT
server: AmazonS3
x-timer: S1645217125.625216,VS0,VE1
etag: "b3ddb08bd7700008d95c4e55d7276a40"
strict-transport-security: max-age=31557600
x-amz-request-id: KQFCSMNWMT45RZBW
via: 1.1 varnish
client_geo_latitude: 49.450
cache-control: max-age=31536000
normalized-language: en
content-type: application/javascript
x-ihr-app-language: en
date: Fri, 18 Feb 2022 20:45:24 GMT
x-ihr-app-country: WW

GET
H2 200 355.widget.js Show response
www.iheart.com/v8.32.0/f70a53b/bundles/ Frame 9481 5 KB
3 KB 119ms
118ms Script
application/javascript 199.232.210.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iheart.com/v8.32.0/f70a53b/bundles/355.widget.js

Requested by

Host: www.iheart.com
URL: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.210.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2a2eea28047e3d5fd3ba8171b78cb15206ab5646ac2bd9e036d3fb4196dbcbe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

geoip-country-code: DE
x-amz-meta-cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-fastly-country: DE
age: 273009
x-cache: HIT
x-amz-meta-surrogate-key: web v8.32.0 f70a53b bundles 355.widget.js
x-cache-hits: 1
client_geo_postal_code: 90403
content-length: 2511
x-amz-id-2: i68JwqTKgbERDd+yUOGGKWiC0s9Fn/8+0SMSBfgGLv1CHj5HHN2i0rQop04g+MTGMsawRm5GwZ8=
x-served-by: cache-hhn4057-HHN
accept-ranges: bytes
client_geo_longitude: 11.080
last-modified: Mon, 14 Feb 2022 21:55:22 GMT
server: AmazonS3
x-timer: S1645217125.625422,VS0,VE1
etag: "523bdebbf3100d8f03e10ea69939e34c"
strict-transport-security: max-age=31557600
x-amz-request-id: MYS9G1CVYE68QDEC
via: 1.1 varnish
client_geo_latitude: 49.450
cache-control: max-age=31536000
normalized-language: en
content-type: application/javascript
x-ihr-app-language: en
date: Fri, 18 Feb 2022 20:45:24 GMT
x-ihr-app-country: WW

GET
H2 200 916.widget.js Show response
www.iheart.com/v8.32.0/f70a53b/bundles/ Frame 9481 11 KB
5 KB 117ms
116ms Script
application/javascript 199.232.210.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iheart.com/v8.32.0/f70a53b/bundles/916.widget.js

Requested by

Host: www.iheart.com
URL: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.210.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5c705c416e9d7b5d9db7d85594d038943be3630bd22ff591e0799af570b862ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

geoip-country-code: DE
x-amz-meta-cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-fastly-country: DE
age: 273009
x-cache: HIT
x-amz-meta-surrogate-key: web v8.32.0 f70a53b bundles 916.widget.js
x-cache-hits: 1
client_geo_postal_code: 90403
content-length: 4848
x-amz-id-2: bYo3ia6fPDon4M243RJZGJ6lPs8t5QQLDYCLc9Pa1CH7owJWa3Srpf6AT/ur3qfL2+J8bvuSlHo=
x-served-by: cache-hhn4057-HHN
accept-ranges: bytes
client_geo_longitude: 11.080
last-modified: Mon, 14 Feb 2022 21:55:22 GMT
server: AmazonS3
x-timer: S1645217125.625625,VS0,VE1
etag: "4dde11b63086932d335ee9ade4e26016"
strict-transport-security: max-age=31557600
x-amz-request-id: MYSF5TSDMQNND52D
via: 1.1 varnish
client_geo_latitude: 49.450
cache-control: max-age=31536000
normalized-language: en
content-type: application/javascript
x-ihr-app-language: en
date: Fri, 18 Feb 2022 20:45:24 GMT
x-ihr-app-country: WW

GET
H2 200 podcastProfile.widget.js Show response
www.iheart.com/v8.32.0/f70a53b/bundles/ Frame 9481 9 KB
4 KB 118ms
117ms Script
application/javascript 199.232.210.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iheart.com/v8.32.0/f70a53b/bundles/podcastProfile.widget.js

Requested by

Host: www.iheart.com
URL: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.210.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

13a930c42eb430ea3fc33e64bceace1e66c58d5d26bd7cd6efff7a56613d0ca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

geoip-country-code: DE
x-amz-meta-cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-fastly-country: DE
age: 189202
x-cache: HIT
x-amz-meta-surrogate-key: web v8.32.0 f70a53b bundles podcastProfile.widget.js
x-cache-hits: 1
client_geo_postal_code: 90403
content-length: 4072
x-amz-id-2: tZk3MiAh8yUtmVv4gZG2HCEOwk+bbAPtKd+2xJBzzjwym2nWhvMmaZK0pIjGfJCk4rWlWZZ4t/w=
x-served-by: cache-hhn4057-HHN
accept-ranges: bytes
client_geo_longitude: 11.080
last-modified: Mon, 14 Feb 2022 21:55:22 GMT
server: AmazonS3
x-timer: S1645217125.625780,VS0,VE1
etag: "b06c0a78f072416a4ea13af97d5c1ee9"
strict-transport-security: max-age=31557600
x-amz-request-id: SH1Q0XR1E9MR3JBE
via: 1.1 varnish
client_geo_latitude: 49.450
cache-control: max-age=31536000
normalized-language: en
content-type: application/javascript
x-ihr-app-language: en
date: Fri, 18 Feb 2022 20:45:24 GMT
x-ihr-app-country: WW

GET
H2 200 aHR0cHM6Ly9tZWdhcGhvbmUuaW1naXgubmV0L3BvZGNhc3RzLzVhMjEzZTk0LTA2NDctMTFlYS04MDgwLTJmMDBiMmE0ZGU3Ni9pbWFnZS91cGxvYWRzXzJGMTYwNDUzNDE1NzMzMi1sbXR4dmN6eHU4Zi0yZTg2YzkxY2MzMzQwMDBlMTk1NzFmYWRmYmYxYTAwM...
i.iheart.com/v3/url/ Frame 9481 9 KB
10 KB 124ms
101ms Image
image/webp 199.232.210.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.iheart.com/v3/url/aHR0cHM6Ly9tZWdhcGhvbmUuaW1naXgubmV0L3BvZGNhc3RzLzVhMjEzZTk0LTA2NDctMTFlYS04MDgwLTJmMDBiMmE0ZGU3Ni9pbWFnZS91cGxvYWRzXzJGMTYwNDUzNDE1NzMzMi1sbXR4dmN6eHU4Zi0yZTg2YzkxY2MzMzQwMDBlMTk1NzFmYWRmYmYxYTAwMV8yRlRCQVMlMkItaUhlYXJ0JTJCcGljJTJCXzI4MV8yOS5qcGc_aXhsaWI9cmFpbHMtMi4xLjImbWF4LXc9MzAwMCZtYXgtaD0zMDAwJmZpdD1jcm9wJmF1dG89Zm9ybWF0LGNvbXByZXNz?ops=fit(240%2C240)
Requested by: Host: www.iheart.com
URL: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.210.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 725743df024a8a61fe883e22e85ec8b4efea221d9c2d35f240e88548cc40bdf1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:24 GMT
via: 1.1 varnish (Varnish/6.5), 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-age: 1230416
content-length: 9404
x-ihm-mediaserver: Ahshaj4o
x-served-by: cache-iad-kjyo7100021-IAD, cache-hhn4057-HHN
last-modified: Fri, 04 Feb 2022 12:14:03 GMT
x-request-id: cortex-proxyd-varnish-5fc89964bd-fsdpp/kitq5kqAWm-331967940
x-timer: S1645217125.697142,VS0,VE1
x-dest: http://mediaserver-20211130193250:8000
etag: "14941221b6edae951e0f54c6f87db05766c4d713c862d856b01f8a1bdeef585f"
vary: X-WEBP, Origin
content-language: en-US
cache-control: no-cache, max-age=21600, public
accept-ranges: bytes
content-type: image/webp
x-cache-hits: 1, 1

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame FCED 565 B
906 B 205ms
65ms Document
text/html 2a00:1450:4001:813::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fballeralert.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.J6wwVzZFlys.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.J6wwVzZFlys.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA/cb=gapi.loaded_1?le=oz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3fb0bdd7a0fa01cc73f7045910772b60469590482a9502aaf87700394b85959

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-x+DpIzPHhZB95GCkLaRbTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 18 Feb 2022 20:45:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-x+DpIzPHhZB95GCkLaRbTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame CBE2 38 KB
6 KB 57ms
57ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channel=balleralerttv&layout=default&count=hidden&origin=https%3A%2F%2Fballeralert.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.J6wwVzZFlys.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channel=balleralerttv&layout=default&count=hidden&origin=https%3A%2F%2Fballeralert.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.J6wwVzZFlys.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 15:22:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451389
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6066
x-xss-protection: 0
last-modified: Wed, 18 Nov 2020 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 13 Feb 2023 15:22:15 GMT

GET
H3 200 www-subscribe-embed_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame CBE2 252 KB
72 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channel=balleralerttv&layout=default&count=hidden&origin=https%3A%2F%2Fballeralert.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.J6wwVzZFlys.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 17:18:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73785
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Feb 2023 17:18:44 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
312 B 73ms
71ms XHR
text/plain 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fballeralert.com&pubid=fa641ac5-3be6-4213-a9a2-56dbb880db7c
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 16:36:37 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
server: Server
age: 14927
x-cache: Hit from cloudfront
access-control-allow-origin: https://balleralert.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 5EzxhwW6_LETQG7AQPkUi3fSXvfjiQIgqozD41zTOb2k3DIVew7qmA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
491 B 102ms
96ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fballeralert.com%2F&pid=RNzBVZi7cg3w1&cb=0&ws=1600x1200&v=7.73.0&t=700&slots=%5B%7B%22sd%22%3A%22leaderboard_ad_1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F11462305847%2C22606553477%2Fballeralert%2Fhome%22%7D%5D&pubid=fa641ac5-3be6-4213-a9a2-56dbb880db7c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:24 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: TM0JVA6060GSTA75RNZ1
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://balleralert.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: g_ZbpOAAue3psYBgjDLqqLVTAMogrOfeyXaWiXbsAciO5AFCkxtbzQ==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
493 B 99ms
99ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fballeralert.com%2F&pid=RNzBVZi7cg3w1&cb=1&ws=1600x1200&v=7.73.0&t=700&slots=%5B%7B%22sd%22%3A%22medium_rectangle_ad_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F11462305847%2C22606553477%2Fballeralert%2Fhome%22%7D%5D&pubid=fa641ac5-3be6-4213-a9a2-56dbb880db7c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:24 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: DJF0PZ4W34WF18YXMMA9
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://balleralert.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: TTykHrYr1BHYKjCHtwTP50X3YFJrTQGMraOG8TJ1l0QbFZsqQ3u9nA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
491 B 97ms
97ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fballeralert.com%2F&pid=RNzBVZi7cg3w1&cb=2&ws=1600x1200&v=7.73.0&t=700&slots=%5B%7B%22sd%22%3A%22medium_rectangle_ad_2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F11462305847%2C22606553477%2Fballeralert%2Fhome%22%7D%5D&pubid=fa641ac5-3be6-4213-a9a2-56dbb880db7c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:24 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: ZGM2A9ZHZTMYN2M995A3
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://balleralert.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: tRECj6oIchE7tRKEcF1--Nr-A8p_IoC5oEZiom55AV31WWbLDUbSsw==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
492 B 108ms
107ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fballeralert.com%2F&pid=RNzBVZi7cg3w1&cb=3&ws=1600x1200&v=7.73.0&t=700&slots=%5B%7B%22sd%22%3A%22adhesion_ad_1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F11462305847%2C22606553477%2Fballeralert%2Fhome%2Fadhesion%22%7D%5D&pubid=fa641ac5-3be6-4213-a9a2-56dbb880db7c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:24 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: 0NVRY8K6V2G52STDMV3H
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://balleralert.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: BWPTlbcqnbc0xOSCmuA-xLxyDyTK6rM-ALuIcF_gZ1YfKhOf6leXsA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
492 B 104ms
101ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fballeralert.com%2F&pid=RNzBVZi7cg3w1&cb=4&ws=1600x1200&v=7.73.0&t=700&slots=%5B%7B%22sd%22%3A%22out_of_page_1%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F11462305847%2C22606553477%2Fballeralert%2Fhome%22%7D%5D&pubid=fa641ac5-3be6-4213-a9a2-56dbb880db7c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:24 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: ZHCDVBR3T2R3XACH0QS0
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://balleralert.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: x0wqAZaObW8mXCtrv5jETKh8aa_Tn-YCLC9BPZDByr3cW_TfJIAlig==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 176ms
58ms XHR
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 63105
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 21 Jan 2022 02:54:57 GMT
server: AmazonS3
date: Fri, 18 Feb 2022 03:13:40 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: kqFqBouDJQRoroMIFJ6O9j-y0jR45exSZUKqIxpjGKIaex_6uEMPJQ==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 54ms
54ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1095585121&t=event&ni=1&_s=2&dl=https%3A%2F%2Fballeralert.com%2F&ul=en-us&de=UTF-8&dt=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=z5wzqo&_u=aHBAAUADQAAAAC~&jid=&gjid=&cid=464597375.1645217126&tid=UA-3874823-1&_gid=1782053112.1645217126&gtm=2ou2g0&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2F9zkrdib96i%2Ffbpyp0%2Fz5wzqo&z=815664331

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 12:21:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 30252
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 search Show response
public-api.wordpress.com/rest/v1.3/sites/159055169/ 14 KB
3 KB 333ms
237ms Fetch
application/json 192.0.78.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://public-api.wordpress.com/rest/v1.3/sites/159055169/search?aggregations%5Bpost_type_0%5D%5Bterms%5D%5Bfield%5D=post_type&aggregations%5Bpost_type_0%5D%5Bterms%5D%5Bsize%5D=5&aggregations%5Btaxonomy_1%5D%5Bterms%5D%5Bfield%5D=taxonomy.tribe_events_cat.slug_slash_name&aggregations%5Btaxonomy_1%5D%5Bterms%5D%5Bsize%5D=5&aggregations%5Btaxonomy_2%5D%5Bterms%5D%5Bfield%5D=category.slug_slash_name&aggregations%5Btaxonomy_2%5D%5Bterms%5D%5Bsize%5D=5&aggregations%5Btaxonomy_3%5D%5Bterms%5D%5Bfield%5D=tag.slug_slash_name&aggregations%5Btaxonomy_3%5D%5Bterms%5D%5Bsize%5D=5&aggregations%5Bdate_histogram_4%5D%5Bdate_histogram%5D%5Bfield%5D=date&aggregations%5Bdate_histogram_4%5D%5Bdate_histogram%5D%5Binterval%5D=year&fields%5B0%5D=date&fields%5B1%5D=permalink.url.raw&fields%5B2%5D=tag.name.default&fields%5B3%5D=category.name.default&fields%5B4%5D=post_type&fields%5B5%5D=has.image&fields%5B6%5D=shortcode_types&fields%5B7%5D=image.url.raw&highlight_fields%5B0%5D=title&highlight_fields%5B1%5D=content&highlight_fields%5B2%5D=comments&query=&sort=score_default&size=15

Requested by

Host: balleralert.com
URL: https://balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.js?minify=false&ver=8b906e010a6ed92f40e1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

25cae7a9b075c13110ec95acfeaf13056fd6e59f0534b977d2a55ed42961fd6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-hacker: Oh, Awesome: Opossum
date: Fri, 18 Feb 2022 20:45:25 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: false
x-ac: 2.lhr _dca
strict-transport-security: max-age=15552000
host-header: WordPress.com
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 204 cspreport
accounts.google.com/o/ Frame FCED 0
20 B 129ms
65ms Other
text/html 2a00:1450:4001:813::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-Ihvwpvp5qs98lc9q+yv9pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fballeralert.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.J6wwVzZFlys.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA%2Fm%3D__features__
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:24 GMT
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-Ihvwpvp5qs98lc9q+yv9pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame CBE2 156 B
179 B 55ms
54ms Image
image/png 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 09:51:49 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 20:15:00 GMT
server: sffe
age: 212015
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 16 Feb 2023 09:51:49 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.J6wwVzZFlys.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA/ Frame CBE2 128 KB
42 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.J6wwVzZFlys.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4866273fbeb45fc7e9929611052b7f7202ec0a3ab1b35d13302b892c3c52b2a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 15:34:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43054
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 15:34:12 GMT

POST
H/1.1 200
OK loginOrCreateOauthUser;clientType=web;country=WW;pname=OrganicWeb;signupFlow=anon;uid=5fc3cdd9-dc4a-4946-98d9-9c3c6eba93f8 Show response
ww.api.iheart.com/api/v1/account/ Frame 9481 265 B
1017 B 283ms
195ms XHR
application/json 2a04:4e42:4e::269
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ww.api.iheart.com/api/v1/account/loginOrCreateOauthUser;clientType=web;country=WW;pname=OrganicWeb;signupFlow=anon;uid=5fc3cdd9-dc4a-4946-98d9-9c3c6eba93f8
Requested by: Host: www.iheart.com
URL: https://www.iheart.com/v8.32.0/f70a53b/bundles/407.widget.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:4e::269 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 51729caddb2dbc92a7a61d26b041dd014790ea1e0514679048c6c77a2add8a4e

Request headers

Accept: application/json, text/plain, */*
X-Locale: en-WW
Referer: https://www.iheart.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
X-hostName: webapp.WW
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 18 Feb 2022 20:45:25 GMT
Via: 1.1 varnish, 1.1 varnish
X-BACKEND: ssl_shield_iad_va_us
transfer-encoding: chunked
X-Cache: MISS, MISS
Connection: keep-alive
X-GEO-COUNTRY: DE
X-Served-By: cache-iad-kjyo7100093-IAD, cache-lon4278-LON
X-Timer: S1645217125.287329,VS0,VE150
Vary: Accept-Encoding, X-hostName, X-Accept, X-Locale, Authorization
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: *
X-Accept: json
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-hostName, X-User-Id, X-Session-Id, Content-Type, X-IHR-Profile-ID, X-IHR-Session-ID, X-Locale, Authorization, X-DeviceId
X-Cache-Hits: 0, 0

OPTIONS
H/1.1 200
OK loginOrCreateOauthUser;clientType=web;country=WW;pname=OrganicWeb;signupFlow=anon;uid=5fc3cdd9-dc4a-4946-98d9-9c3c6eba93f8
ww.api.iheart.com/api/v1/account/ Frame 0
0 156ms
44ms Preflight 2a04:4e42:4e::269
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ww.api.iheart.com/api/v1/account/loginOrCreateOauthUser;clientType=web;country=WW;pname=OrganicWeb;signupFlow=anon;uid=5fc3cdd9-dc4a-4946-98d9-9c3c6eba93f8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:4e::269 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-hostname,x-locale
Origin: https://www.iheart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Content-Type
Accept-Ranges: bytes
Date: Fri, 18 Feb 2022 20:45:25 GMT
Via: 1.1 varnish
X-Served-By: cache-lon4264-LON
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1645217125.153943,VS0,VE0
X-Accept: */*
X-BACKEND: ssl_shield_iad_va_us
Access-Control-Max-Age: 604800
Cache-Control: max-age=604800
Access-Control-Allow-Headers: X-hostName, X-User-Id, X-Session-Id, Content-Type, X-IHR-Profile-ID, X-IHR-Session-ID, X-Locale, Authorization, X-DeviceId
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
X-GEO-COUNTRY: DE

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 126ms
64ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=balleralert.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064997

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Feb 2022 20:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 125ms
63ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=balleralert.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064997

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Feb 2022 20:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

POST
H2 204 /
vtrk.doubleverify.com/ 0
183 B 191ms
56ms Ping
text/plain 54.194.157.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=38e76d1a-8958-4340-96e5-b935d8aa1ab6&z=479978966415&ctx=24192157&cd160=1681bbcc-8fb5-49b4-a83c-22be28f4e4f2&cd161=https%3A%2F%2Fballeralert.com%2F&ea=load-pq&cd180=network&cm180=182&cm181=28&cm182=44&cm183=49&cm184=60&cm185=2&cm186=419&cm191=0&cmp=DV684348
Requested by: Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.157.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-157-24.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://balleralert.com
date: Fri, 18 Feb 2022 20:45:25 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 138148413-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame FCED 10 KB
5 KB 187ms
57ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/138148413-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fballeralert.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.J6wwVzZFlys.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78485a79a88d58baf7fa253ec43d6827f88dada8b16a1a36325994a84f423970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 02:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4296
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 23:09:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Feb 2023 02:16:21 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame FCED 13 KB
5 KB 85ms
85ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51ea75fec6a6030c9a7cd913834dcbbfc53abc6ab2cd665155b996d6e6edfdda

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6wFfUYtd1iQZK0wWk5+SCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
etag: "77e87acda4bbdb46a59bab9f008dd8e3"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-6wFfUYtd1iQZK0wWk5+SCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Fri, 18 Feb 2022 20:45:25 GMT

GET FollowCompany
www.linkedin.com/pages-extensions/ Frame 2490 0
0

GET
H2 200 FollowCompany Show response
www.linkedin.com/pages-extensions/ Frame 4E11 2 KB
1 KB 170ms
170ms Document
text/html 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.linkedin.com/pages-extensions/FollowCompany?id=28541752&counter=&xdOrigin=https%3A%2F%2Fballeralert.com&xdChannel=68e51d6d-d9ae-4d78-8b26-3683b8ae5e11&xd_origin_host=https%3A%2F%2Fballeralert.com

Requested by

Host: platform.linkedin.com
URL: https://platform.linkedin.com/in.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2a84c3cf6d5cdd1f7eebd633763bc1833a31ab11947490480b8736fafdde5894

Security Headers

Name	Value
Content-Security-Policy	default-src ; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://.linkedin.com dms.licdn.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: ; font-src data: ; child-src blob: ; style-src 'unsafe-inline' 'self' static-src.linkedin.com .licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com .ads.linkedin.com .licdn.com www.google-analytics.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; report-uri /security/csp?e=p&f=nf
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-length: 795
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Accept-Encoding
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; child-src blob: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com www.google-analytics.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; report-uri /security/csp?e=p&f=nf
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXYUPZSnhXbxWCd5j6vLA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 6858E673710E402795F389E743F9B9EF Ref B: FRAEDGE1221 Ref C: 2022-02-18T20:45:25Z
date: Fri, 18 Feb 2022 20:45:24 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 413 B
246 B 97ms
97ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3190168124789473&correlator=2448676945935119&output=ldjh&impl=fifs&eid=31064997%2C31064868%2C31061691%2C31061692%2C31064019&vrg=2022021602&ptt=17&sc=1&sfv=1-0-38&ecs=20220218&iu_parts=11462305847%3A22606553477%2Cballeralert%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&fsbs=1&ists=1&prev_scp=pos%3Dout_of_page%26tld%3Dballeralert.com%26TLD_POSITION%3Dballeralert.com_out_of_page_1%26fqdn%3Dballeralert.com%26refresh%3D0_balleralert.com%26refresh_count%3D0%26domId%3Dout_of_page_1%26FURL%3D%252F%26SURL%3D42099b4af021e53fd8fd4e056c2568d7c2e3ffa8%26INVIEW%3D1%26sttrackid%3D60xbz1t98gy%26PAV%3D0_balleralert.com%26GMAV%3D0_balleralert.com%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0&eri=1&cust_params=ctype%3Dhomepage%26minute_rb%3D5SOV_5%26second_rb%3D5SOV_26%26referrer%3Dother%26device%3Ddesktop%26video%3Dno%26pts_pid%3D38e76d1a-8958-4340-96e5-b935d8aa1ab6&cookie=ID%3D4b98536519a9c811-22d92fa847cd003f%3AT%3D1645217123%3ART%3D1645217123%3AS%3DALNI_MZwzocIfRIWhc1mpkX7zwfpA4K3qA&bc=31&abxe=1&dt=1645217126936&lmt=1645217126&dlt=1645217124615&idt=1256&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=0&adks=2031355130&ucis=1&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fballeralert.com%2F&rumc=3190168124789473&rume=1&vis=1&scr_x=0&scr_y=0&psz=1600x0&msz=1600x0&ga_vid=464597375.1645217126&ga_sid=1645217126&ga_hid=1095585121&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064997

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

62daab70d8018745af4fa4337376cf9345bb9a6c2ea04623f00bd72888b17c0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 217
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://balleralert.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C9E1 6 KB
4 KB 215ms
62ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 18 Feb 2022 20:45:25 GMT
expires: Sat, 18 Feb 2023 20:45:25 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 305ms
304ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3190168124789473&correlator=2448676945935119&output=ldjh&impl=fifs&eid=31064997%2C31064868%2C31061691%2C31061692%2C31064019&vrg=2022021602&ptt=17&sc=1&sfv=1-0-38&ecs=20220218&iu_parts=11462305847%3A22606553477%2Cballeralert%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&fsbs=1&prev_scp=pos%3Dleaderboard_ad%26tld%3Dballeralert.com%26TLD_POSITION%3Dballeralert.com_leaderboard_ad_1%26fqdn%3Dballeralert.com%26refresh%3D0_balleralert.com%26refresh_count%3D0%26domId%3Dleaderboard_ad_1%26FURL%3D%252F%26SURL%3D42099b4af021e53fd8fd4e056c2568d7c2e3ffa8%26INVIEW%3D1%26sttrackid%3Ds3fzb1sj2le%26PAV%3D0_balleralert.com%26GMAV%3D0_balleralert.com%26amznbid%3D2%26amznp%3D2%26tld_hb_bidder%3Dballeralert.com_appnexus%26amznsz%3D0x0%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.00%26hb_adid%3D533e4ab3176e68d%26hb_bidder%3Dappnexus&eri=1&cust_params=ctype%3Dhomepage%26minute_rb%3D5SOV_5%26second_rb%3D5SOV_26%26referrer%3Dother%26device%3Ddesktop%26video%3Dno%26pts_pid%3D38e76d1a-8958-4340-96e5-b935d8aa1ab6&cookie=ID%3D4b98536519a9c811-22d92fa847cd003f%3AT%3D1645217123%3ART%3D1645217123%3AS%3DALNI_MZwzocIfRIWhc1mpkX7zwfpA4K3qA&bc=31&abxe=1&dt=1645217126955&lmt=1645217126&dlt=1645217124615&idt=1256&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=207&adks=3807761084&ucis=2&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fballeralert.com%2F&rumc=3190168124789473&rume=1&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=464597375.1645217126&ga_sid=1645217126&ga_hid=1095585121&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064997

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

9edef5466f3ada2baa2b81fe03858d6179ae1e5f0e045ef2d34f7f813505b959

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8813
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://balleralert.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 69 KB
18 KB 450ms
449ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3190168124789473&correlator=2448676945935119&output=ldjh&impl=fifs&eid=31064997%2C31064868%2C31061691%2C31061692%2C31064019&vrg=2022021602&ptt=17&sc=1&sfv=1-0-38&ecs=20220218&iu_parts=11462305847%3A22606553477%2Cballeralert%2Chome%2Cadhesion&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&fsbs=1&prev_scp=pos%3Dadhesion_ad%26tld%3Dballeralert.com%26TLD_POSITION%3Dballeralert.com_adhesion_ad_1%26fqdn%3Dballeralert.com%26refresh%3D0_balleralert.com%26refresh_count%3D0%26domId%3Dadhesion_ad_1%26FURL%3D%252F%26SURL%3D42099b4af021e53fd8fd4e056c2568d7c2e3ffa8%26INVIEW%3D1%26sttrackid%3Direg0qb3wqf%26PAV%3D0_balleralert.com%26GMAV%3D0_balleralert.com%26amznbid%3D2%26amznp%3D2%26tld_hb_bidder%3Dballeralert.com_appnexus%26amznsz%3D0x0%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.00%26hb_adid%3D54405c719d3ceed%26hb_bidder%3Dappnexus&eri=1&cust_params=ctype%3Dhomepage%26minute_rb%3D5SOV_5%26second_rb%3D5SOV_26%26referrer%3Dother%26device%3Ddesktop%26video%3Dno%26pts_pid%3D38e76d1a-8958-4340-96e5-b935d8aa1ab6&cookie=ID%3D4b98536519a9c811-22d92fa847cd003f%3AT%3D1645217123%3ART%3D1645217123%3AS%3DALNI_MZwzocIfRIWhc1mpkX7zwfpA4K3qA&bc=31&abxe=1&dt=1645217126959&lmt=1645217126&dlt=1645217124615&idt=1256&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=0&adks=1278255468&ucis=3&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fballeralert.com%2F&rumc=3190168124789473&rume=1&vis=1&scr_x=0&scr_y=0&psz=1600x0&msz=1600x0&ga_vid=464597375.1645217126&ga_sid=1645217126&ga_hid=1095585121&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064997

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

53e8208d0b0c5c2bf0cdafd9f450322f11acaa28b8a7eda485b1b709a484c0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18808
x-xss-protection: 0
google-lineitem-id: 5417190625
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138377292908
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://balleralert.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 72 KB
22 KB 663ms
663ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3190168124789473&correlator=2448676945935119&output=ldjh&impl=fifs&eid=31064997%2C31064868%2C31061691%2C31061692%2C31064019&vrg=2022021602&ptt=17&sc=1&sfv=1-0-38&ecs=20220218&iu_parts=11462305847%3A22606553477%2Cballeralert%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&fsbs=1&prev_scp=pos%3Dmedium_rectangle_ad%26tld%3Dballeralert.com%26TLD_POSITION%3Dballeralert.com_medium_rectangle_ad_2%26fqdn%3Dballeralert.com%26refresh%3D0_balleralert.com%26refresh_count%3D0%26domId%3Dmedium_rectangle_ad_2%26FURL%3D%252F%26SURL%3D42099b4af021e53fd8fd4e056c2568d7c2e3ffa8%26INVIEW%3D1%26sttrackid%3Dj8sb1gk7dj%26PAV%3D0_balleralert.com%26GMAV%3D0_balleralert.com%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0&eri=1&cust_params=ctype%3Dhomepage%26minute_rb%3D5SOV_5%26second_rb%3D5SOV_26%26referrer%3Dother%26device%3Ddesktop%26video%3Dno%26pts_pid%3D38e76d1a-8958-4340-96e5-b935d8aa1ab6&cookie=ID%3D4b98536519a9c811-22d92fa847cd003f%3AT%3D1645217123%3ART%3D1645217123%3AS%3DALNI_MZwzocIfRIWhc1mpkX7zwfpA4K3qA&bc=31&abxe=1&dt=1645217126962&lmt=1645217126&dlt=1645217124615&idt=1256&frm=20&biw=1600&bih=1200&oid=2&adxs=1005&adys=1359&adks=2330257080&ucis=4&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fballeralert.com%2F&rumc=3190168124789473&rume=1&vis=1&scr_x=0&scr_y=0&psz=290x0&msz=290x0&ga_vid=464597375.1645217126&ga_sid=1645217126&ga_hid=1095585121&ga_fc=true&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064997

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

5dcdedef171485f19d11f44dde0881cd99caf84161ced76a882f06a7238006af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22921
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://balleralert.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 72 KB
23 KB 835ms
835ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3190168124789473&correlator=2448676945935119&output=ldjh&impl=fifs&eid=31064997%2C31064868%2C31061691%2C31061692%2C31064019&vrg=2022021602&ptt=17&sc=1&sfv=1-0-38&ecs=20220218&iu_parts=11462305847%3A22606553477%2Cballeralert%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&fsbs=1&prev_scp=pos%3Dmedium_rectangle_ad%26tld%3Dballeralert.com%26TLD_POSITION%3Dballeralert.com_medium_rectangle_ad_1%26fqdn%3Dballeralert.com%26refresh%3D0_balleralert.com%26refresh_count%3D0%26domId%3Dmedium_rectangle_ad_1%26FURL%3D%252F%26SURL%3D42099b4af021e53fd8fd4e056c2568d7c2e3ffa8%26INVIEW%3D1%26sttrackid%3Dfv0jlchts1s%26PAV%3D0_balleralert.com%26GMAV%3D0_balleralert.com%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0&eri=1&cust_params=ctype%3Dhomepage%26minute_rb%3D5SOV_5%26second_rb%3D5SOV_26%26referrer%3Dother%26device%3Ddesktop%26video%3Dno%26pts_pid%3D38e76d1a-8958-4340-96e5-b935d8aa1ab6&cookie=ID%3D4b98536519a9c811-22d92fa847cd003f%3AT%3D1645217123%3ART%3D1645217123%3AS%3DALNI_MZwzocIfRIWhc1mpkX7zwfpA4K3qA&bc=31&abxe=1&dt=1645217126980&lmt=1645217126&dlt=1645217124615&idt=1256&frm=20&biw=1600&bih=1200&oid=2&adxs=1005&adys=822&adks=2330257081&ucis=5&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fballeralert.com%2F&rumc=3190168124789473&rume=1&vis=1&scr_x=0&scr_y=0&psz=290x0&msz=290x0&ga_vid=464597375.1645217126&ga_sid=1645217126&ga_hid=1095585121&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064997

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

4b9961ee1a72d619aff47987991c5b2e529c8c2222d90f0b38da8de4e9008165

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23089
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://balleralert.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.J6wwVzZFlys.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA/ 28 KB
9 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.J6wwVzZFlys.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA/cb=gapi.loaded_2?le=oz

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a34d693bd61abbe77f313336b07a464cb8375924348d21d7b88dc0debce85c83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:51:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9526
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 05:51:04 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.J6wwVzZFlys.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA/ Frame FCED 54 KB
19 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.J6wwVzZFlys.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA/cb=gapi.loaded_0?le=oz

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93fa2b4cd4e7ab1a5984412607c24a1608bf1cb981908a9aaf4b8a7b9cbfbb16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 17:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19359
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 17:21:12 GMT

GET
H3 200 subscribe_embed Show response
www.youtube.com/ Frame F07C 601 B
293 B 84ms
84ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCIepUZdzvwXLH2KXv11srQQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.J6wwVzZFlys.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.J6wwVzZFlys.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA/cb=gapi.loaded_0?le=oz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5175e2e3b24c72506a6e3035a04bbba268fd5550ff53fd73a4a51da07a1cd97d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 18 Feb 2022 20:45:25 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
65 B 121ms
58ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 18:59:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 265536
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 15 Feb 2023 18:59:49 GMT

GET
H3 200 spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
65 B 121ms
59ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 18:59:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 265536
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 15 Feb 2023 18:59:49 GMT

GET
H3 200 bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 318 B
341 B 116ms
56ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:32:37 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 227568
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 16 Feb 2023 05:32:37 GMT

GET
H3 200 bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 116 B
139 B 115ms
56ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:12:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 261151
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 15 Feb 2023 20:12:54 GMT

GET
H3 200 bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 117 B
140 B 116ms
57ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 16:04:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 189646
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 16 Feb 2023 16:04:39 GMT

POST
H2 204 collect Show response
j.clarity.ms/ 0
48 B 399ms
399ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.32/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://balleralert.com
date: Fri, 18 Feb 2022 20:45:24 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H/1.1 200
OK 7wt9141p3ut92wm2l1t4km4ct
static-exp1.licdn.com/sc/h/ Frame 4E11 39 KB
8 KB 330ms
141ms Stylesheet
text/css 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static-exp1.licdn.com/sc/h/7wt9141p3ut92wm2l1t4km4ct
Requested by: Host: www.linkedin.com
URL: https://www.linkedin.com/pages-extensions/FollowCompany?id=28541752&counter=&xdOrigin=https%3A%2F%2Fballeralert.com&xdChannel=68e51d6d-d9ae-4d78-8b26-3683b8ae5e11&xd_origin_host=https%3A%2F%2Fballeralert.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Play /
Resource Hash: cc7f52271e59738f204a214b87de955f7c9709d0e4e096206c613571ea1e8bd3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.linkedin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-LI-Proto: http/1.1
Date: Fri, 18 Feb 2022 20:45:25 GMT
Content-Encoding: gzip
NEL: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-CDN: AKAM
X-LI-Static-Content: 1
X-Li-Fabric: prod-lva1
X-CDN-Proto: HTTP1
Connection: keep-alive
Content-Length: 6974
X-LI-UUID: AAXYPkQaNrLER6Y9Iw/Xrw==
Server: Play
Last-Modified: Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop: prod-lva1-x
X-CDN-CLIENT-IP-VERSION: IPV6
Vary: Accept-Encoding
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
Cache-Control: max-age=31536000, immutable
Timing-Allow-Origin: *
X-FS-UUID: 0005d83e441a36b2c447a63d230fd7af
Expires: Fri, 17 Feb 2023 22:27:05 GMT

GET
H/1.1 200
OK in.js Show response
platform.linkedin.com/xdoor/scripts/ Frame 4E11 507 KB
159 KB 103ms
103ms Script
text/javascript 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/xdoor/scripts/in.js
Requested by: Host: www.linkedin.com
URL: https://www.linkedin.com/pages-extensions/FollowCompany?id=28541752&counter=&xdOrigin=https%3A%2F%2Fballeralert.com&xdChannel=68e51d6d-d9ae-4d78-8b26-3683b8ae5e11&xd_origin_host=https%3A%2F%2Fballeralert.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Play /
Resource Hash: 0d3b74554bb7327acfef3aabd878193d28f028cd48a8a348b652e9abb23327e3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.linkedin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-LI-UUID: AAXYUCpx8BZFIEg+z3DSbw==
Date: Fri, 18 Feb 2022 20:45:25 GMT
Content-Encoding: gzip
X-CDN-CLIENT-IP-VERSION: IPV6
Server: Play
X-Li-Pop: prod-ltx1-x
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Connection: keep-alive
X-LI-Proto: http/1.1
Content-Length: 162376
X-CDN: AKAM
X-Li-Fabric: prod-ltx1
Expires: Fri, 18 Feb 2022 20:48:24 GMT

GET
H/1.1 200
OK cwphtfsvdwm4k6n91alllgs6q Show response
static-exp1.licdn.com/sc/h/ Frame 4E11 4 KB
2 KB 282ms
94ms Script
text/javascript 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static-exp1.licdn.com/sc/h/cwphtfsvdwm4k6n91alllgs6q
Requested by: Host: www.linkedin.com
URL: https://www.linkedin.com/pages-extensions/FollowCompany?id=28541752&counter=&xdOrigin=https%3A%2F%2Fballeralert.com&xdChannel=68e51d6d-d9ae-4d78-8b26-3683b8ae5e11&xd_origin_host=https%3A%2F%2Fballeralert.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Play /
Resource Hash: e3474d77e56176d1b865553eee382eaeea05dd8ab5c6579d1b2412988c530506

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.linkedin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-LI-Proto: http/1.1
Date: Fri, 18 Feb 2022 20:45:25 GMT
Content-Encoding: gzip
X-CDN-CLIENT-IP-VERSION: IPV6
X-CDN: AKAM
X-LI-Static-Content: 1
X-Li-Fabric: prod-lor1
X-CDN-Proto: HTTP1
Remote-Cache-Status: TCP_HIT
Connection: keep-alive
Content-Length: 1436
X-LI-UUID: AAXXDZ7F3rkvmXi/wlLZJg==
Server: Play
Last-Modified: Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop: prod-lor1-x
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
Cache-Control: max-age=31536000, immutable
Timing-Allow-Origin: *
X-FS-UUID: 0005d70d9ec5deb92f9978bfc252d926
Expires: Thu, 02 Feb 2023 18:59:41 GMT

GET
H2 200 Screen-Shot-2022-02-03-at-1.57.35-PM.png
i0.wp.com/balleralert.com/wp-content/uploads/2022/02/ 297 KB
297 KB 45ms
45ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/balleralert.com/wp-content/uploads/2022/02/Screen-Shot-2022-02-03-at-1.57.35-PM.png?resize=600%2C600

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

584190690f3e745224ccb1134d5863983050eadb08d769ab47f4e8d484044086

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT lhr 5
date: Fri, 18 Feb 2022 20:45:25 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Feb 2022 09:28:47 GMT
server: nginx
etag: "daa10f483275dbc8"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://balleralert.com/wp-content/uploads/2022/02/Screen-Shot-2022-02-03-at-1.57.35-PM.png>; rel="canonical"
content-length: 303792
expires: Mon, 05 Feb 2024 21:28:47 GMT

GET
H2 200 Screen-Shot-2019-04-17-at-5.26.52-PM.png
i0.wp.com/balleralert.com/wp-content/uploads/2019/04/ 245 KB
245 KB 53ms
53ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/balleralert.com/wp-content/uploads/2019/04/Screen-Shot-2019-04-17-at-5.26.52-PM.png?resize=600%2C600

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

c1706286189e087a43c5baee5f49d7a7d420c8ea019943ff4c1d7aff6118c397

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT lhr 3
date: Fri, 18 Feb 2022 20:45:25 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Feb 2022 09:28:47 GMT
server: nginx
etag: "92039255a9bbbc32"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://balleralert.com/wp-content/uploads/2019/04/Screen-Shot-2019-04-17-at-5.26.52-PM.png>; rel="canonical"
content-length: 250928
expires: Mon, 05 Feb 2024 21:28:47 GMT

GET
H2 200 Screen-Shot-2022-01-13-at-4.30.31-PM.png
i2.wp.com/balleralert.com/wp-content/uploads/2022/01/ 204 KB
204 KB 88ms
82ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/balleralert.com/wp-content/uploads/2022/01/Screen-Shot-2022-01-13-at-4.30.31-PM.png?resize=600%2C600

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

b1fe9a102dd1c48d424ac350bed1b1dcf91afda2dae18824fa5473bd8a3901b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT lhr 4
date: Fri, 18 Feb 2022 20:45:25 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Feb 2022 08:46:28 GMT
server: nginx
etag: "b0acb00eb83c3ce9"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://balleralert.com/wp-content/uploads/2022/01/Screen-Shot-2022-01-13-at-4.30.31-PM.png>; rel="canonical"
content-length: 208600
expires: Mon, 05 Feb 2024 20:46:28 GMT

GET
H2 200 Screen-Shot-2022-01-31-at-11.52.35-AM-e1643648065713.png
i1.wp.com/balleralert.com/wp-content/uploads/2022/01/ 144 KB
144 KB 87ms
82ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/balleralert.com/wp-content/uploads/2022/01/Screen-Shot-2022-01-31-at-11.52.35-AM-e1643648065713.png?resize=600%2C600

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

5487c600bcffca2099f210e10b0568133b3e3069431d0f11c18c78919f8ae7cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT lhr 7
date: Fri, 18 Feb 2022 20:45:25 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Feb 2022 08:41:18 GMT
server: nginx
etag: "85c6771168e8eb30"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://balleralert.com/wp-content/uploads/2022/01/Screen-Shot-2022-01-31-at-11.52.35-AM-e1643648065713.png>; rel="canonical"
content-length: 147112
expires: Mon, 05 Feb 2024 20:41:18 GMT

GET
H2 200 Screen-Shot-2022-02-09-at-1.13.04-PM-e1644430468720.png
i2.wp.com/balleralert.com/wp-content/uploads/2022/02/ 74 KB
75 KB 87ms
82ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/balleralert.com/wp-content/uploads/2022/02/Screen-Shot-2022-02-09-at-1.13.04-PM-e1644430468720.png?resize=600%2C600

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

73b7548bd3363ea24eecf6a2a56d96ea783d98929756a8b68e917ea283722aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT lhr 6
date: Fri, 18 Feb 2022 20:45:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 16 Feb 2022 15:21:04 GMT
server: nginx
etag: "be50937c8587fe3a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://balleralert.com/wp-content/uploads/2022/02/Screen-Shot-2022-02-09-at-1.13.04-PM-e1644430468720.png>; rel="canonical"
content-length: 76184
expires: Sat, 17 Feb 2024 03:21:04 GMT

GET
H2 200 Screen-Shot-2022-01-21-at-6.33.45-PM.png
i2.wp.com/balleralert.com/wp-content/uploads/2022/01/ 121 KB
121 KB 85ms
81ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/balleralert.com/wp-content/uploads/2022/01/Screen-Shot-2022-01-21-at-6.33.45-PM.png?resize=600%2C600

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

bbd6316ca0e2600570fe23335e515baf77986262cdc80ed9d0d89931f1794abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT lhr 6
date: Fri, 18 Feb 2022 20:45:25 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Feb 2022 08:40:52 GMT
server: nginx
etag: "0a069f3794af9c5d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://balleralert.com/wp-content/uploads/2022/01/Screen-Shot-2022-01-21-at-6.33.45-PM.png>; rel="canonical"
content-length: 123742
expires: Mon, 05 Feb 2024 20:40:52 GMT

GET
H2 200 Dime-Racks.jpeg
i0.wp.com/balleralert.com/wp-content/uploads/2022/01/ 29 KB
29 KB 83ms
83ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/balleralert.com/wp-content/uploads/2022/01/Dime-Racks.jpeg?resize=600%2C600

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

270b1e86757e34465f696bca485f119cf9e775f4a5d5513be5a299c3c1cb9cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT lhr 1
date: Fri, 18 Feb 2022 20:45:25 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Feb 2022 08:40:52 GMT
server: nginx
etag: "939a19ddc8980658"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://balleralert.com/wp-content/uploads/2022/01/Dime-Racks.jpeg>; rel="canonical"
content-length: 29708
expires: Mon, 05 Feb 2024 20:40:52 GMT

GET
H3 200 www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame F07C 9 KB
2 KB 55ms
54ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCIepUZdzvwXLH2KXv11srQQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.J6wwVzZFlys.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCIepUZdzvwXLH2KXv11srQQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.J6wwVzZFlys.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 15:22:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2447
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 01:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 13 Feb 2023 15:22:17 GMT

GET
H3 200 www-subscribe-embed-card_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame F07C 149 KB
44 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCIepUZdzvwXLH2KXv11srQQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.J6wwVzZFlys.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 15:22:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44975
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 13 Feb 2023 15:22:17 GMT

GET
H3 200 container.html Show response
c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8728 6 KB
3 KB 116ms
55ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064997

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Feb 2022 20:45:25 GMT
expires: Sat, 18 Feb 2023 20:45:25 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.J6wwVzZFlys.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA/ Frame F07C 128 KB
42 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.J6wwVzZFlys.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4866273fbeb45fc7e9929611052b7f7202ec0a3ab1b35d13302b892c3c52b2a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 15:34:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43054
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 15:34:12 GMT

GET
H/1.1 200
OK locationConfig Show response
ww.api.iheart.com/api/v3/ Frame 9481 6 KB
3 KB 233ms
145ms XHR
application/json 2a04:4e42:4e::269
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ww.api.iheart.com/api/v3/locationConfig?countryCode=WW&hostname=webapp&version=8-prod
Requested by: Host: www.iheart.com
URL: https://www.iheart.com/v8.32.0/f70a53b/bundles/407.widget.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:4e::269 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f2a878192eb437ff1100f69acce8151b530f9545d2b58877ad2b9d19ff1fe128

Request headers

X-Locale: en-WW
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
X-hostName: webapp.WW
Accept: application/json, text/plain, */*
Referer: https://www.iheart.com/
X-Session-Id: LPxEnbdyAbPAC5yhaXoHgL
X-Ihr-Session-Id: LPxEnbdyAbPAC5yhaXoHgL
X-Ihr-Profile-Id: 5076355116
X-User-Id: 5076355116

Response headers

Date: Fri, 18 Feb 2022 20:45:25 GMT
Via: 1.1 varnish, 1.1 varnish
X-BACKEND: ssl_shield_iad_va_us
Access-Control-Allow-Origin: *
X-Cache: MISS, MISS
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2646
X-Served-By: cache-iad-kiad7000162-IAD, cache-lon4260-LON
X-Timer: S1645217126.622073,VS0,VE102
Vary: Accept-Encoding, X-hostName, X-Accept, X-Locale, Authorization
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
Content-Type: application/json
X-GEO-COUNTRY: DE
X-Accept: json
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-hostName, X-User-Id, X-Session-Id, Content-Type, X-IHR-Profile-ID, X-IHR-Session-ID, X-Locale, Authorization, X-DeviceId
X-Cache-Hits: 0, 0

OPTIONS
H/1.1 200
OK locationConfig
ww.api.iheart.com/api/v3/ Frame 0
0 44ms
43ms Preflight 2a04:4e42:4e::269
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ww.api.iheart.com/api/v3/locationConfig?countryCode=WW&hostname=webapp&version=8-prod
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:4e::269 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hostname,x-ihr-profile-id,x-ihr-session-id,x-locale,x-session-id,x-user-id
Origin: https://www.iheart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Content-Type
Accept-Ranges: bytes
Date: Fri, 18 Feb 2022 20:45:25 GMT
Via: 1.1 varnish
X-Served-By: cache-lon4278-LON
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1645217125.490167,VS0,VE0
X-Accept: */*
X-BACKEND: ssl_shield_iad_va_us
Access-Control-Max-Age: 604800
Cache-Control: max-age=604800
Access-Control-Allow-Headers: X-hostName, X-User-Id, X-Session-Id, Content-Type, X-IHR-Profile-ID, X-IHR-Session-ID, X-Locale, Authorization, X-DeviceId
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
X-GEO-COUNTRY: DE

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E48B 0
16 B 67ms
66ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXmGRDw1GYY-dy0HjAB&v=APEucNWcFK-O95xHRrr-7pwTXnLft_iasPzIv6GYMUSxf-V1PTPHgIZhRk5Hkh1FAKmhQFOokGK1ZxznM1iuX5G134eJYH8Sbw

Requested by

Host: c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
URL: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 18 Feb 2022 20:45:25 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8728 57 KB
28 KB 93ms
93ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQLQDHipKiFL929ECk4hOk2nm9thkQFpQcfYV3d8Chvw3C0u3oEl4pZAImbNs-OXKClXPhFbuEQZAUVq4ivK977x5QZS04CAOqiDuKdLwzP0enjlGpeXS12xH2rwEAztC_ASGyYGeoWbZYQk1VHpHLGb6JCw&dbm_d=AKAmf-BYTSsLoGelavQppuribTWd32dJ2lvHQAbwPlCO_qtsQ8bO_yxZYrNFwbEugjUSbNtGk_QeqEfUBZStTr0yX3RTPbFbMYUqCLBrRZYi4bDL-akdJ__84QQrJwTB_1dK3X0yEPcy14IbgDgteDAzd1hP0H5R4xG8ZapfAAXGO4TIxgJMNUYznGRriQniBaw1k3GsAzdq7W_b6aGqqkRIhRbPAJ_QQCmmCbmYjvYpORHqIhQImYtGHALeGKVWfXAtsiHUUnPSyL832YsEe4hzE6h_1v_56h5C0QJid-K8lFFN6zCHvzibRPEYmi0Ge-5TnbbHfqdmCAHxCQFH-nyuSit4xF9Z2il1adILUMWDv7Zz7fqKP3X_BiXrp0NlkzxyXNkgsrIj22M36Z3kU9QMfrbttpN5g56y56ysXijpExE5bcgofhYN81kQY6JoeEVwE3061tueQYXpLupJFBnq6chPZHZ_PKaFmlFDM3tjjxoyJMA32nYzb5XqjH_UFn2MjmCOpBe6wzJPzGsALH4VsccFiXGi_Y8fkI5_ooD1KEgbkw6FtcGKY2ZTlc17tVZH5gRuyE3EczSXxYgl2w4OO9TDz7gnA5o7Vvu_GJSuqSbqOZ1bi6wAJ85vUPAgpoMka2YTn0wYwrZXgIcYpjFGPzaDbhiHaZ871XG_GgOlO7ec5NoKKW_2DCoIahT7D455gGnOngqSwoY4LmXuOls2MKvRetOrLq3bwsEljfK7K_um824dHOAbGByPbGMM-SXC0GNeRoS3Vm5VeGrU99W6kkfSCN6FqfIfkn29kyHqpHQpYjSY-N1a_SeU9ApnwY14vPfzwOZjvS9gTLqD39-9fkpUKKHb_MpmIpIvZBeejLmNX06loN2hYArt8Zd438P6Juxk_DA8u22Z_B3UARS7Nn7DF2ZikCUKw2aU9931-qDXX7YhdOOGMecSORrglq48lvBgMFF7UuySNbV7KPvaCCN51ohLaypHRM71rYrrZ3PrVsL0ClXy67fEj3GgmJrkMoPUfQXVLt44fRDRuvcsuPqggqS2vmo1WyIVeibaj9WdqjosaSUqdzCvtT6U82C8OWiUJNkayET98LlKUIb3tjlD6nq2jBm6Th5BmKv9V3YDOMnGgriPcXM6aRGJ1D7-RO0Y0g3UE14YMTkJIKWiiVcVhJ-y_q3yi5oZ-L09Si58OBK0vGKAKp-h6jIEd7BGp8HX25Ww4pIQjz-B5SdSLCAGGU0pjgaEdZYVbEoHjKM2HQ7qyoROEqJTD3Z_W6jP_yiFMYnT36vqJMq0jI0_0ztBmbz0JeYfFk0HfQBxFLFStGEnoL4R_HiHDq1vM0k4kl1ODk5epCyIEYKm8odY0Ji6SLsbHijDkDJsf6Wp0f_CX4WATY9S83yqpwoTRHzUiMp3XEQl23XW2fd1pQBjKXle0X4YpRDJHThDr8hD3zRVIHXyIkwHemNvP8L350Ndn9toZtEgpCiZgatvLgeJJirg1U3JRCNuwJhOZ1WyuIE7Pe7rCYyhtPsu9nwjvFBe4-z7iJRhh1j2W6iCDuL7QKntnHTEeP_Ja06rV2Jkhym8yjmRiEvYGiEYHrUMA2G-IQvWqAqTdqV1ubUm1njwVpRKwqzmO7rYLPhdNsccHnb9iBUf0Ds5EJHoV3NHTKYUBxN7NHFGU2UdGNHDs5Xg1aoI6hRjnfAhKMMf8Ay6lTRZ5JVN06aHCkAc1ZG46tjq4TloK9ENsMforITaCkPSjHWuj2bxv2MyHBRDnnC5xXtuonjVuDByZmTLdz6kwCELSRqg8K722ZjqJL_nJRAbq6lYtd42PnrERNc8Oii4zbfLyxv7gGLJ_WbmoJXuxkA3g7_2OAVN4ArJ908iz5Sof6sN7loobK_BL7aTNWUe5cDc0VEb99CzAWZN-_zSeFThd-vMEW5UaUHrXJ9Od0BGzwNlY0CFyqpUy4Gh0fpwiw5QB1BUMrC5YNA42oDyDXnQQFjkzWsfCpRTjKGFVr-95mrt0_aCgVYY5hqxtFAF4gGjOtf6edTw02iiF-fc13RjVX4qUNRvP5DhLKVHLP9xAqnlSTqImBRR-JYfFan03qBE4Drot3CDZKmN1d4PQSDV3oMwdBi-OMN8UkXrtB4GbaF4PTBgp_427W0VAVnA6wcTq8NrlAUL1Fkf548r0ZvmEQkje9LIMvYv5HQlUBbhaXxLx58WtaYRzR4MzQUUk0LFdIheiHJmzKyzntE4DGKcrgGOA5p_3XZa66EO2EGVL8vKwwmOCoaQRd9KX7vztb-0kEOgA8PWdRYW4smxCkZy2GYlKIetkZu_B7UBEjaNfmgmxiwIV-nW-OPJNSFVpveT56dzZ7rnBuEyj7-cbBzVo1VrVrPc3I5lqCkMcjuGEe0hqXPlq3flV-w7MLgmL7mFMX4HvEwQVrB9YJ9vhj8aHc-wRzTWfaMMidsleCtYaF1KStOE8p9cM9QIYfivICwrD-Q80OQrzpwHgS4ZOIUKDtK5NdGxEmNnUKW4VfWuOExbpQQRONUQTdzAF1IhfdZOwjsU3Mv6Ad00QO3JLg5srCw3AblB2IY9l_YCI14VSzlTDsoz_sdmhB0fDv0NAHGVs0pR9h8AiU_riYYDHtJhN-y-1zjm19CpoffWe_8mAkg1oLmYopwwtq0DiUUFHK6Guhhb2RxYAyCEvOP861zPgMU0MCExpCLdOOXJW6ixLuguOh4Voq4QDkujDSayZ-uSp-otJpQ4ca9fdJ9fazQGMMBz_rDDIXs-ZPs2inTnbOjUxcb6bN-POCYrNBG7GOyyC3hn5OOr4YA48ZE7HUC-joFiIdnAO1UOYu6TeVveoDLQUPEQ_hUMa983q78qAQStuB2DRFvf9WUgTphJUGOsj9ec6P8zcJm8NvZ7lgLvNRuKAi1WqkQ38FgzT7B4X6Sy7Kjf_GpviWoou-JedvmvC87UpDG4w-ksDrJdxIjP5-TiSTKs7_EUoXZF6kuhQ_vSuQQGQAk0PukrKyTDumWA6tun2Q3T8ImP11Ye0RsX9VuguWl5-Le53Qu7ldUdMjrnUbFeXHrEU6RzGIrmGCx8evW6pAopnJJHVabFh8tQemmRVIbvkxxnQ7RFC9NgbKMqUDx3-aJ20Twiqg1J9oAqtlSt1FMrGJcLSTsbOFBFGbaSkPgVTwbAZo58-BgmVrtRI2A7sT850LvzuQKONKMeAHbsUTZY8k9nH8uHgtoi7lNm657laQ&cid=CAASPeRors3Q6HlHealSnREYADlzcyUPOnxWcfIrHow-LXXEujQ8kAfZokFAGYxdQxF5BwOLn-cRhmQIQoAduqc&rfl=1%2Chttps%253A%252F%252Fballeralert.com%252F%240

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49a55ffe4f5cc8251fb9f15b1d2cb1b874cc7388d2edb464f6860e17ef9b2992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28965
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8728 42 B
63 B 80ms
80ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C4oOzdvG9at7Ab6buH8M3YiRGlE5HW6IxNNPOqTLkaK3rcDzY_e_TSONOjlu8FCyFHI0o0rv1kq3UPSqMxMd2uK-w1Ry8AvCaXXX3iE-WdOfyL42U

Requested by

Host: c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
URL: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 8728 2 KB
1 KB 201ms
68ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js

Requested by

Host: c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
URL: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:44:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Mar 2022 20:44:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8728 124 KB
38 KB 249ms
187ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
URL: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 18 Feb 2022 20:45:25 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 8728 15 KB
7 KB 186ms
53ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
URL: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6438
x-xss-protection: 0
server: cafe
etag: 12093742715590823996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Mar 2022 20:44:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8728 0
0 128ms
64ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSukDYa-GPpQpLvgyLd3NysYlKae_y_8VEOI0JSqFr5qwa6EPtAYgGp67070dEZ4NsZdPDU
Requested by: Host: c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
URL: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1144 0
0 77ms
76ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJLZkdek6ENzbFRWwS1VUOKrUfSetBbwM_zNbNWsvjAje2Jdxkcv_Ob7UKreiTAKWwvjNyI9U13nt2LdXlDaxYv-WYbcZwpY2OtTFCddN_Zs-9IRPjek79WUL4Bfcy-a20mzjkesbX71np5ezbRjRQE-npBD_auCfNnoLEIIlScP_icuPyjYqPumMNVlxp8n07TGUVKSiwmRKv-RGY11lgUisDPRUZH7ZbRLHJPdnV8cllR0u6phE3WKQtPANUWTZat7jgtGustTj9HWEeIxeluSi5FvXBZ09OifDkCSkR5fgWTFNVeLDuABTXVqk8vz09GA8khlI7lg&sig=Cg0ArKJSzDijdOvHA1gYEAE&uach_m=[UACH]&adurl=

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Feb 2022 20:45:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 1144 19 KB
8 KB 178ms
59ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 345
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 1930320615972901081
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Mar 2022 20:39:40 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 1144 2 KB
1 KB 189ms
70ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:44:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Mar 2022 20:44:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1144 124 KB
38 KB 270ms
223ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064997

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 18 Feb 2022 20:45:25 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 1144 8 KB
4 KB 203ms
58ms Script
application/javascript 2a02:26f0:12d:587::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064997
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d:587::4469 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e33f9d6f3bffce55b1095840b77bd6bcf2d02405a3dbe853fcbe082461a58137

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 20:45:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 16:35:24 GMT
Server: Microsoft-IIS/10.0
ETag: "0aead5c1c24d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3291

GET
H2 200 15372694518188394385
tpc.googlesyndication.com/simgad/ Frame 1144 22 KB
22 KB 236ms
118ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15372694518188394385

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73a2a1f4b330f285238ff8868b31d26643ff5d5818044d480e8cab43e35eabb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:16:02 GMT
x-content-type-options: nosniff
age: 473363
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22420
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 20:13:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 13 Feb 2023 09:16:02 GMT

GET
H2 200 close.png
console.adgrid.io/backend-wp/ad-wrapper-js/ 21 KB
22 KB 51ms
51ms Image
image/png 2606:4700:20::ac43:45e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://console.adgrid.io/backend-wp/ad-wrapper-js/close.png
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 061a3a77519999a1fe023724896eca435a4b4d6fd758963270c43fb83d4a8a60

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:25 GMT
cf-cache-status: HIT
last-modified: Fri, 11 Dec 2020 07:03:15 GMT
server: cloudflare
age: 4852
etag: "55c7-5b62ae2f0592f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BYoH6H%2F99Iku2hlxrdUrcstnMy1q%2Fy%2BkZNyPN%2FiJIcjo7sqJryFQOPGlzgyUIcsArlJM2HVpTuOSX0nrTurKvuejRcZ%2FOb1Uk0IfMpe8NobuoHpjUirAPCFypZ6QS6z7zY5oZofyu2NkWEeic8Jk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6dfa195b1ef6743f-LHR
content-length: 21959

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 8728 25 KB
9 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQLQDHipKiFL929ECk4hOk2nm9thkQFpQcfYV3d8Chvw3C0u3oEl4pZAImbNs-OXKClXPhFbuEQZAUVq4ivK977x5QZS04CAOqiDuKdLwzP0enjlGpeXS12xH2rwEAztC_ASGyYGeoWbZYQk1VHpHLGb6JCw&dbm_d=AKAmf-BYTSsLoGelavQppuribTWd32dJ2lvHQAbwPlCO_qtsQ8bO_yxZYrNFwbEugjUSbNtGk_QeqEfUBZStTr0yX3RTPbFbMYUqCLBrRZYi4bDL-akdJ__84QQrJwTB_1dK3X0yEPcy14IbgDgteDAzd1hP0H5R4xG8ZapfAAXGO4TIxgJMNUYznGRriQniBaw1k3GsAzdq7W_b6aGqqkRIhRbPAJ_QQCmmCbmYjvYpORHqIhQImYtGHALeGKVWfXAtsiHUUnPSyL832YsEe4hzE6h_1v_56h5C0QJid-K8lFFN6zCHvzibRPEYmi0Ge-5TnbbHfqdmCAHxCQFH-nyuSit4xF9Z2il1adILUMWDv7Zz7fqKP3X_BiXrp0NlkzxyXNkgsrIj22M36Z3kU9QMfrbttpN5g56y56ysXijpExE5bcgofhYN81kQY6JoeEVwE3061tueQYXpLupJFBnq6chPZHZ_PKaFmlFDM3tjjxoyJMA32nYzb5XqjH_UFn2MjmCOpBe6wzJPzGsALH4VsccFiXGi_Y8fkI5_ooD1KEgbkw6FtcGKY2ZTlc17tVZH5gRuyE3EczSXxYgl2w4OO9TDz7gnA5o7Vvu_GJSuqSbqOZ1bi6wAJ85vUPAgpoMka2YTn0wYwrZXgIcYpjFGPzaDbhiHaZ871XG_GgOlO7ec5NoKKW_2DCoIahT7D455gGnOngqSwoY4LmXuOls2MKvRetOrLq3bwsEljfK7K_um824dHOAbGByPbGMM-SXC0GNeRoS3Vm5VeGrU99W6kkfSCN6FqfIfkn29kyHqpHQpYjSY-N1a_SeU9ApnwY14vPfzwOZjvS9gTLqD39-9fkpUKKHb_MpmIpIvZBeejLmNX06loN2hYArt8Zd438P6Juxk_DA8u22Z_B3UARS7Nn7DF2ZikCUKw2aU9931-qDXX7YhdOOGMecSORrglq48lvBgMFF7UuySNbV7KPvaCCN51ohLaypHRM71rYrrZ3PrVsL0ClXy67fEj3GgmJrkMoPUfQXVLt44fRDRuvcsuPqggqS2vmo1WyIVeibaj9WdqjosaSUqdzCvtT6U82C8OWiUJNkayET98LlKUIb3tjlD6nq2jBm6Th5BmKv9V3YDOMnGgriPcXM6aRGJ1D7-RO0Y0g3UE14YMTkJIKWiiVcVhJ-y_q3yi5oZ-L09Si58OBK0vGKAKp-h6jIEd7BGp8HX25Ww4pIQjz-B5SdSLCAGGU0pjgaEdZYVbEoHjKM2HQ7qyoROEqJTD3Z_W6jP_yiFMYnT36vqJMq0jI0_0ztBmbz0JeYfFk0HfQBxFLFStGEnoL4R_HiHDq1vM0k4kl1ODk5epCyIEYKm8odY0Ji6SLsbHijDkDJsf6Wp0f_CX4WATY9S83yqpwoTRHzUiMp3XEQl23XW2fd1pQBjKXle0X4YpRDJHThDr8hD3zRVIHXyIkwHemNvP8L350Ndn9toZtEgpCiZgatvLgeJJirg1U3JRCNuwJhOZ1WyuIE7Pe7rCYyhtPsu9nwjvFBe4-z7iJRhh1j2W6iCDuL7QKntnHTEeP_Ja06rV2Jkhym8yjmRiEvYGiEYHrUMA2G-IQvWqAqTdqV1ubUm1njwVpRKwqzmO7rYLPhdNsccHnb9iBUf0Ds5EJHoV3NHTKYUBxN7NHFGU2UdGNHDs5Xg1aoI6hRjnfAhKMMf8Ay6lTRZ5JVN06aHCkAc1ZG46tjq4TloK9ENsMforITaCkPSjHWuj2bxv2MyHBRDnnC5xXtuonjVuDByZmTLdz6kwCELSRqg8K722ZjqJL_nJRAbq6lYtd42PnrERNc8Oii4zbfLyxv7gGLJ_WbmoJXuxkA3g7_2OAVN4ArJ908iz5Sof6sN7loobK_BL7aTNWUe5cDc0VEb99CzAWZN-_zSeFThd-vMEW5UaUHrXJ9Od0BGzwNlY0CFyqpUy4Gh0fpwiw5QB1BUMrC5YNA42oDyDXnQQFjkzWsfCpRTjKGFVr-95mrt0_aCgVYY5hqxtFAF4gGjOtf6edTw02iiF-fc13RjVX4qUNRvP5DhLKVHLP9xAqnlSTqImBRR-JYfFan03qBE4Drot3CDZKmN1d4PQSDV3oMwdBi-OMN8UkXrtB4GbaF4PTBgp_427W0VAVnA6wcTq8NrlAUL1Fkf548r0ZvmEQkje9LIMvYv5HQlUBbhaXxLx58WtaYRzR4MzQUUk0LFdIheiHJmzKyzntE4DGKcrgGOA5p_3XZa66EO2EGVL8vKwwmOCoaQRd9KX7vztb-0kEOgA8PWdRYW4smxCkZy2GYlKIetkZu_B7UBEjaNfmgmxiwIV-nW-OPJNSFVpveT56dzZ7rnBuEyj7-cbBzVo1VrVrPc3I5lqCkMcjuGEe0hqXPlq3flV-w7MLgmL7mFMX4HvEwQVrB9YJ9vhj8aHc-wRzTWfaMMidsleCtYaF1KStOE8p9cM9QIYfivICwrD-Q80OQrzpwHgS4ZOIUKDtK5NdGxEmNnUKW4VfWuOExbpQQRONUQTdzAF1IhfdZOwjsU3Mv6Ad00QO3JLg5srCw3AblB2IY9l_YCI14VSzlTDsoz_sdmhB0fDv0NAHGVs0pR9h8AiU_riYYDHtJhN-y-1zjm19CpoffWe_8mAkg1oLmYopwwtq0DiUUFHK6Guhhb2RxYAyCEvOP861zPgMU0MCExpCLdOOXJW6ixLuguOh4Voq4QDkujDSayZ-uSp-otJpQ4ca9fdJ9fazQGMMBz_rDDIXs-ZPs2inTnbOjUxcb6bN-POCYrNBG7GOyyC3hn5OOr4YA48ZE7HUC-joFiIdnAO1UOYu6TeVveoDLQUPEQ_hUMa983q78qAQStuB2DRFvf9WUgTphJUGOsj9ec6P8zcJm8NvZ7lgLvNRuKAi1WqkQ38FgzT7B4X6Sy7Kjf_GpviWoou-JedvmvC87UpDG4w-ksDrJdxIjP5-TiSTKs7_EUoXZF6kuhQ_vSuQQGQAk0PukrKyTDumWA6tun2Q3T8ImP11Ye0RsX9VuguWl5-Le53Qu7ldUdMjrnUbFeXHrEU6RzGIrmGCx8evW6pAopnJJHVabFh8tQemmRVIbvkxxnQ7RFC9NgbKMqUDx3-aJ20Twiqg1J9oAqtlSt1FMrGJcLSTsbOFBFGbaSkPgVTwbAZo58-BgmVrtRI2A7sT850LvzuQKONKMeAHbsUTZY8k9nH8uHgtoi7lNm657laQ&cid=CAASPeRors3Q6HlHealSnREYADlzcyUPOnxWcfIrHow-LXXEujQ8kAfZokFAGYxdQxF5BwOLn-cRhmQIQoAduqc&rfl=1%2Chttps%253A%252F%252Fballeralert.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d44b84e0471d9d1ac53ce061c9becfa720931b7364c7b55a6325d03859781782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:43:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9648
x-xss-protection: 0
server: cafe
etag: 2224892065184813991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Mar 2022 20:43:29 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/elements/html/ Frame 8728 8 KB
3 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:42:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Mar 2022 20:42:04 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8728 0
571 B 249ms
105ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssYWCr5eHed4FDtI0HTqtWdJ332FOx1xZl08BG1_tx4G2JtzazctP_5v2ClQnD--QO4oSPljMqbTp9Rvj2MKtCZD3dPH540XQi-smeeRcKwTHys6T7yJj_3-BcQWhsgC78RSRVyq_behYymKCuRAh_ZDANQIJvSYd_O3vooMC30X0gCBnfS6ZubQQlW79DwnL8u_9YlWODQ49DsZmxpQvqfwPN3ADYcpScem4ld5bQxCDU5HpfsOHsA5TbRY3TVhKAXsoo_UdBYXyHiOvI3TNbEO1D3gbcVFl3V6VHEkw-GaRSiLAJH4xR5XvolkgisS8qY-STcwjwjufHgXOvw_aBVc8BySg0sNkNTw0MiZgV1SVhZjhZZNdzKCc45jn6u4mfpgZwwrJoLswNtJmOOd7fk8W1-pcNpJ1FEtue4h13UXfX3Ub8jtl_XJW4TEcZy_oii78yTPTkyrqufEVfj4r1tKMiyemZxjFA09wlwfslto7hvstr0O3ubjeK1IF-UQBD67Ii45XK76rSipg8LelODuU6gn2uU9gMloGklhhP7jF6Ru3sdu1RhEyl5l77j7_jPNJBc3dQztdHFvTtfbmMW4N3M2UxGN0dkbqnIuhUgw-v4z3Mbhrkr487SV83iD5a6wCvAjVbC5TLaIfPpZ3bRwBEP1wmb9rcswrY8sIaT3KAdzYTZv16Ygmq8AeIlyF91pfpGiC8j3gvjDIFxHY-x-DUsGR6RxlNHO-Wb6_pPEtYJMYtlTqQ2xro8-5VPvfTgP26lv29fzd8pa4oE1HJC6kB5uFnONlCariZH_CFoa1oaONhlgKbdMnN8f4ky9bkFQMBHRBVdQgB5Oqo6k5PIhNHhWFByiAB8Y2G9NZiiYN-RzaknKmYVyUL9Bd_e5hiPT0dQJNoAoj8pqk4ByJE4YQgFR9TcS56natgFzif2bpP0-ZyVUmpvAKLORYh6PZlLUqgnWckWaKoczWP1n5laVArzdRi77v2b93gWO6syMezjuOviuuMvmz-CPyV0_a8dQqG-GfcgIFe6p5k6e9vWpSnP1XBeyErPQSH83tbPLDtO8kChikSRTrETNtIHspwGMpYBCSpdMCR3RUx5DOpVOf3r04O18a7raFSEtSxvZd8Ci942RNcxUKyauPn08dCjQ3iore9AEt5KWWs3-IV9ZaEZw9yF0zpJ7veB1pf132vzCtsC4GXdDPWXAZ4aKGW8Pw&sai=AMfl-YSlFA0NBCNYtizB1Zcb5n3j6qKADikAB06xxBaWL10N-p16X5Tpt9KgTint0Y8aArSztwRaR__esuJK43sf58eT96Xh27e7q8TKES2RN1oSi0CF_H3iGbWd4NaT-CH4BQIev9b4duyzfSFvx0wnmwL-omPm8ZAV7jJYfjVYeNVjYHz7exuhp2AgBCNHr0qeosUotLQ0wNuv6Dkbkn6IF8lnEsvY5vvDkDoGWdeLgg&sig=Cg0ArKJSzGBqQ_6n6gW7EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220216.39141&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 18 Feb 2022 20:45:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8728 41 KB
15 KB 78ms
71ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 16:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Feb 2023 16:13:41 GMT

GET
H2 200 092421-intl-Evergreen-728x90-DE.jpg
s0.2mdn.net/6677913/ Frame 8728 46 KB
46 KB 199ms
55ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6677913/092421-intl-Evergreen-728x90-DE.jpg

Requested by

Host: c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
URL: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db9fbb50ba3192503f7ba927de41ba5484ec41957bbe76bd240299aeb056c279

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 10:44:26 GMT
x-content-type-options: nosniff
age: 36059
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46863
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 12:35:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Feb 2022 10:44:26 GMT

GET
H2 200 launch-530fb1e26ecf.min.js Show response
assets.adobedtm.com/dba7b4ad2c8b/91f40365a420/ Frame 9481 159 KB
45 KB 267ms
58ms Script
application/x-javascript 2a02:26f0:12d:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/dba7b4ad2c8b/91f40365a420/launch-530fb1e26ecf.min.js
Requested by: Host: www.iheart.com
URL: https://www.iheart.com/v8.32.0/f70a53b/bundles/526.widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d:587::1e80 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7829e009c50a75313a34510ff02878e8c90cb5e6d6405196d8790400a014d78c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:26 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 20:38:42 GMT
server: AkamaiNetStorage
etag: "bad41f64db46aeb47fda72bf857fc32c:1631133522.72211"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.iheart.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 46157
expires: Fri, 18 Feb 2022 21:45:26 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 9481 1 KB
1 KB 187ms
59ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.iheart.com
URL: https://www.iheart.com/v8.32.0/f70a53b/bundles/526.widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-82.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 07:21:54 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 48212
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: KQRA4DxgBUS4Tsm5Aa5TjFDVRTrt3UgK-IYCIlxG5HUBcw8KrVZENQ==

GET
H3 200 container.html Show response
c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 625D 6 KB
3 KB 54ms
38ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064997

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Feb 2022 20:45:25 GMT
expires: Sat, 18 Feb 2023 20:45:25 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9435 22 KB
8 KB 118ms
55ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Feb 2022 16:14:25 GMT
expires: Fri, 17 Feb 2023 16:14:25 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 102660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8728 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b518b646811f367d5430ac07179fad6cf5c1df569617ceb4de17409654e93945

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 625D 19 KB
8 KB 72ms
63ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js

Requested by

Host: c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
URL: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 1930320615972901081
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Mar 2022 20:45:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 625D 8 KB
714 B 125ms
63ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
URL: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 18:50:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Feb 2022 20:45:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Feb 2022 20:45:26 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 625D 14 KB
3 KB 186ms
55ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.css

Requested by

Host: c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
URL: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 16:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 448179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Feb 2023 16:15:47 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 625D 355 KB
123 KB 187ms
56ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Requested by

Host: c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
URL: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 16:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 448179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125995
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Feb 2023 16:15:47 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 625D 15 KB
6 KB 61ms
54ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
URL: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6438
x-xss-protection: 0
server: cafe
etag: 12093742715590823996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Mar 2022 20:44:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1144 0
0 138ms
77ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtW8xQqVbpyqT9WCgMwuDwA6RiJ9T6vENMVJoYlD5bldUgm6ai_fbEI0xK4SajyiLuZqviP-thhgFP4lOCYixwJb-Z8p6f82XoxhBeckpz2tvExT88PIxQ2kxtRK0GdhB1wLkAu5cehW6_-YB3-YZcovVPtY6pMXalf-YA-nladhVncpS1yzCGu_YRfyUYxGi1BcQFtJsx1U8YFeWDDWNXyf20LkugYPcatRTYk7GwUL_ZgcSNnuKfeUWui6eYQCzPndQ7DyxcIS2-KNHahjS7R-YCTcRBP8s8ok2KPdNIzznzQiAvMHJgOzlEmfZ0ffNn6VhmFpoPM3Xg&sig=Cg0ArKJSzF1Lon6W5a38EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Feb 2022 20:45:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 18 Feb 2022 20:45:26 GMT

GET
DATA 200
OK truncated
/ Frame 1144 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4af27940e711cb23e434d9663f82d309890543d0e42a49a4853bad570f36c4e5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dv-measurements2197.js Show response
cdn.doubleverify.com/ Frame 2827 507 KB
93 KB 76ms
75ms Script
application/javascript 2a02:26f0:12d:587::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements2197.js
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d:587::4469 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 072300ef36efa54af8634dadd3451fbd96274e9708bfa568040192fb2e71c160

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 20:45:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Feb 2022 11:46:03 GMT
Server: Microsoft-IIS/10.0
ETag: "80cfe39b6122d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95342

GET
H2

204

b2
sb.scorecardresearch.com/ Frame 9481
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6036262&cs_xi=5076355116&ns__t=1645217127824&ns_c=UTF-8&ns_if=1&cv=3.5&c8=The%20Baller%20Alert%20Show%20%7C%20iHeart&c7=https%3A%2F%2Fwww.iheart.com%2Fpod...
https://sb.scorecardresearch.com/b2?c1=2&c2=6036262&cs_xi=5076355116&ns__t=1645217127824&ns_c=UTF-8&ns_if=1&cv=3.5&c8=The%20Baller%20Alert%20Show%20%7C%20iHeart&c7=https%3A%2F%2Fwww.iheart.com%2Fpo...

0
224 B

65ms
65ms

Image
text/plain

143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6036262&cs_xi=5076355116&ns__t=1645217127824&ns_c=UTF-8&ns_if=1&cv=3.5&c8=The%20Baller%20Alert%20Show%20%7C%20iHeart&c7=https%3A%2F%2Fwww.iheart.com%2Fpodcast%2F1119-the-baller-alert-show-53352259%2F%3Fembed%3Dtrue&c9=https%3A%2F%2Fballeralert.com%2F
Requested by: Host: balleralert.com
URL: https://balleralert.com/
Protocol: H2
Server: 143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-82.fra50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:26 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: _p-blwF08-UOOKkm7r_LmWeDnvI-4Bf1gdYEmsdDkN2MidqeYzg5zw==
x-cache: Miss from cloudfront

Redirect headers

date: Fri, 18 Feb 2022 20:45:26 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6036262&cs_xi=5076355116&ns__t=1645217127824&ns_c=UTF-8&ns_if=1&cv=3.5&c8=The%20Baller%20Alert%20Show%20%7C%20iHeart&c7=https%3A%2F%2Fwww.iheart.com%2Fpodcast%2F1119-the-baller-alert-show-53352259%2F%3Fembed%3Dtrue&c9=https%3A%2F%2Fballeralert.com%2F
content-length: 316
x-amz-cf-id: 0ANhTBz4DpU61s-CXTzF7D9WnHTzGwxUzyh2R2q9XtD4uNVNSKlG0g==

GET
H3 200 container.html Show response
c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8C74 6 KB
3 KB 54ms
54ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064997

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Feb 2022 20:45:25 GMT
expires: Sat, 18 Feb 2023 20:45:25 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8728 0
23 B 155ms
92ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Feb 2022 20:45:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js Show response
pagead2.googlesyndication.com/bg/ Frame 9435 35 KB
13 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ee8e0976dd2573237ad94a3e213715084ddec16b20e77c8e43de5e89f9ef052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 07:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13646
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Feb 2023 07:09:57 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 8728 60 KB
23 KB 53ms
53ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
URL: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

994ab1ecd36f2f4b3aeaeca3a8076c252afadf3710c183dbbfc1e0930c4ea081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1419
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23125
x-xss-protection: 0
server: cafe
etag: 8562238015891237552
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 18 Feb 2022 21:21:47 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 8C74 19 KB
8 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js

Requested by

Host: c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
URL: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 1930320615972901081
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Mar 2022 20:45:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8C74 8 KB
714 B 69ms
68ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
URL: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 18:55:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Feb 2022 20:45:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Feb 2022 20:45:26 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 8C74 14 KB
3 KB 193ms
192ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.css

Requested by

Host: c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
URL: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 16:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 448179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Feb 2023 16:15:47 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 8C74 355 KB
123 KB 195ms
195ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Requested by

Host: c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
URL: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 16:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 448179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125995
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Feb 2023 16:15:47 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 8C74 15 KB
6 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
URL: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6438
x-xss-protection: 0
server: cafe
etag: 12093742715590823996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Mar 2022 20:44:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8C74 0
0 67ms
66ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS_kOuwO7lDPqui0Sk2ZvOOYmXdNuG2Z6pgDHvCNzZaD3Q9yYqX2ieW2TNkEd67imbrw4ua
Requested by: Host: c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
URL: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 8728 0
54 B 534ms
198ms Ping
image/gif 2607:f8b0:4024:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kzsvssg4&chm=1&c=3190168124789473&ctx=2&qqid=CJfyy7KPivYCFQxa4AodeMkI2Q&met.4=fb.3p~lb.ch~ol.fs~idt.pj~dt.-9d&met.3=374.cj~734.fi~749.fj_2~735.fu_1~740.fu~113.i0_5~112.i0_6&met.1=1.kzsvsry4~6.1~7.1~8.1~9.2~10.1r~11.2~12.1r~13.3a~14.3a~15.3d~16.ci~17.ci~18.ci~19.fs~20.fs~21.fs~22.7h~23.7h&met.7=CBsQCBgBMHY4uARQAVg_YAFoP3B1eNAagAGkGIgBzi-wAQG4AQM~CCgQBRgBIIcBKIcBMMsBOERoiQFwywF4rAKwAQG4AQM~CCgQChgBIIkBKIkBMP8BOHZoiQFw5gF40eQBgAGl4gGIAZHJA7ABAbgBAw~CBwQBhgBIIkBKIkBMNoBOFFoigFw2gF41gKAASqIASqwAQG4AQM~CB4QChgBIIkBKIkBMNUCOMwBaI8CcNICeP0LgAHRCYgB0hKwAQG4AQM~CCoQChgBIIoBKIoBMJYDOIwC~CBwQChgBIIoBKIoBMMoCOMABQIsBSJkBUJkBWIwCYM0BaI8CcMQCeNI0gAGmMogB5XawAQG4AQM~CBsQBhgBIIoBKIoBMIsCOIEB~CAkQChgBIIQCKIQCMLsCODhohAJwugJ43E2AAbBLiAHwxAGwAQG4AQM~CBwQChgBIIQCKIQCMLwCODdohQJwuwJ4gxuAAdcYiAGeP7ABAbgBAw~CCIQARgBIIcCKIcCMIIEOPsBQIgCSKMCUKMCWJcDYNgCaJgDcIEEeKwCsAEBuAED~CCcQChgBIIgCKIgCMIMDOHtojwJw1gJ4k3mAAed2iAGKxQKwAQG4AQM~CCkQBhgBIIgCKIgCMKAEOJgC~CCcQBRgBIJwDKJwDMJgEOHxo2wNwkwR490OAActBiAHqsgGwAQG4AQM~CCgQChgBILwEKLwEMPwEOEBovQRw8gR4gbcBgAHVtAGIAZbgA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4024:c00::78 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ Frame 9481 33 KB
12 KB 64ms
63ms Script
application/x-javascript 2a02:26f0:12d:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/dba7b4ad2c8b/91f40365a420/launch-530fb1e26ecf.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d:587::1e80 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:26 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.iheart.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Fri, 18 Feb 2022 21:45:26 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ Frame 9481 3 KB
2 KB 70ms
70ms Script
application/x-javascript 2a02:26f0:12d:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/dba7b4ad2c8b/91f40365a420/launch-530fb1e26ecf.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d:587::1e80 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:26 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.iheart.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Fri, 18 Feb 2022 21:45:26 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ Frame 9481 25 KB
9 KB 76ms
76ms Script
application/x-javascript 2a02:26f0:12d:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/dba7b4ad2c8b/91f40365a420/launch-530fb1e26ecf.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d:587::1e80 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:26 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:53 GMT
server: AkamaiNetStorage
etag: "c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.iheart.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8762
expires: Fri, 18 Feb 2022 21:45:26 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 2827 1 KB
1 KB 290ms
61ms Script
text/javascript 213.254.244.26
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=227&ttfrms=38&bridua=3&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTau32%3D%3D6C2%3D6CE%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau32%3D%3D6C2%3D6CE%5D4%40%3ETar9EEADTbpTauTau32%3D%3D6C2%3D6CE%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=8&ddur=204&uid=1645217128044945&jsCallback=dvCallback_1645217128044119&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2197&tgjsver=2197&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fballeralert.com%2F&fwc=1&fcl=564&flt=0&fec=1389&fcifrms=14&brh=2&sdf=2&dvp_epl=154&noc=4&ctx=24192157&cmp=DV675025&btreg=5417190625138377292908&btadsrv=5417190625138377292908&adsrv=104&unit=728x90&seltag=1&sadv=4439099724&ord=2716818604&litm=5417190625&scrt=138377292908&splc=/11462305847/balleralert/home/adhesion&adu=22501772778&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_scripthash=1&t2te=0&dvp_qtpid=38e76d1a-8958-4340-96e5-b935d8aa1ab6&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=132417458454.77617&dvp_tukv=123877050493.15582&dvp_uuid=527443564883.55835&dvp_tuid=556862442075
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2197.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: b7176b7d34b93f350ff04ba9fbdaa5ef35c97c7d1353b78c1282675534c70b80

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:44:53 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 02/17/2022 20:45:26

POST
H2 204 csi
csi.gstatic.com/ Frame 625D 0
54 B 349ms
196ms Ping
image/gif 2607:f8b0:4024:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kzsvssl6&c=974315971736&slotId=487157985868&qqid=CMeo4bKPivYCFVGAewodNXULHQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4024:c00::78 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 625D 15 KB
15 KB 54ms
54ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 182947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 17:56:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 625D 15 KB
15 KB 56ms
55ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 09:48:03 GMT
x-content-type-options: nosniff
age: 39443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 18 Feb 2023 09:48:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 625D 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CXCcFZQUQYofiH9GA7gO16q3oAdbxs9hnoo_6hsAP8C4QASD_sLwwYJUCoAGh9fmZAcgBBakCqhA2B4P_sj6oAwHIA5sEqgT1AU_QjJkLCMVAwSrbeafpwQYyhZuB-2LnLe7OoiOws82jOTy9mWAmTg5P2sKfrnhQg7uBBdUb5NNj-UXFDZ6jy6DeRW3zynzo31riYWeuzJIJoSnzoKW82uiPs5Lfki9PN-MrE--JpZTHRuk3SOAc5mpY3fqC-wiY-0oUDOnu_VdPjJAVIBIA4ZhKptuwGY_m5tbBZWjlY6PGJAsH4y_VdWhTbMAfb9F0zyL_LV53_XRD0i9eTg54AmeRNd2VpBg6-EgdM0fJ_YUupY6rSpwHtWRNWe4VbHYoK9WIeuKGqRvZnq7Gpd4VfsvGZMMKvh0e0tliKSywwATu2YHw5gPgBAOQBgGgBnaAB8eKhuYCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgHAQARgd8ggbYWR4LXN1YnN5bi04ODM5MTc5ODk0MzE4Mzg1gAoDyAsB4AsBgAwBsBPruu0NyBPqx4TfA9ATANgTCogUBtgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1645217128129&ai=CXCcFZQUQYofiH9GA7gO16q3oAdbxs9hnoo_6hsAP8C4QASD_sLwwYJUCoAGh9fmZAcgBBakCqhA2B4P_sj6oAwHIA5sEqgT1AU_QjJkLCMVAwSrbeafpwQYyhZuB-2LnLe7OoiOws82jOTy9mWAmTg5P2sKfrnhQg7uBBdUb5NNj-UXFDZ6jy6DeRW3zynzo31riYWeuzJIJoSnzoKW82uiPs5Lfki9PN-MrE--JpZTHRuk3SOAc5mpY3fqC-wiY-0oUDOnu_VdPjJAVIBIA4ZhKptuwGY_m5tbBZWjlY6PGJAsH4y_VdWhTbMAfb9F0zyL_LV53_XRD0i9eTg54AmeRNd2VpBg6-EgdM0fJ_YUupY6rSpwHtWRNWe4VbHYoK9WIeuKGqRvZnq7Gpd4VfsvGZMMKvh0e0tliKSywwATu2YHw5gPgBAOQBgGgBnaAB8eKhuYCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgHAQARgd8ggbYWR4LXN1YnN5bi04ODM5MTc5ODk0MzE4Mzg1gAoDyAsB4AsBgAwBsBPruu0NyBPqx4TfA9ATANgTCogUBtgUAdAVAfgWAYAXAQ

Requested by

Host: c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
URL: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 625D 31 KB
16 KB 215ms
89ms XHR
text/xml 66.102.1.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BP51X1MSa7A0dLEbSQDQqTfLTr2-U24rypd5amtFtXRvsvzYOuL-02_ayY47fPeDZm7rA1z-J60OhqEmqJZW6uyGkBVw&cry=1&dbm_d=AKAmf-DaKv_4HvpxWn0w5Oiv1wGAIhmG_Qfy3EBMGhR2dBmwV928qFcXQ7IHpTUy6J4shj16P_MlIzMWl_Lai-IZAhwQCiRgbG5U1i6dMcpDeY4tH2FMCNKbxfsBZL7DUOBrtJEs15wbRPnihGrqvgB3DNa-QE_1xBvjk_RrdmPpmZSqXiyA-KOPY_T1YcNwTUfwgqRLDLqn_VRF26I1Rv4k9zE6yLMyVws-zxK7ogazXzjbl57o0psWbAZF2gwBqTOIC_VDYzAN5bSveFKJat-MU1IRLBZK-LOeNm_t215WOSoov2DBP3KJ9wfCqZSZy3bYHK5b5HZTLvUhJBPlx3CBg4gA8G6fqjlFY8fBFWkPWACGmXLeux9pOp8UsexJLCTska_ttgDo7YKMHoBvLftu2NNHKwLitrTsCpMRBDPsqnpy_a8-oYKy6WxRPGm_M5U9x94KPy5ZcvaYT3PdMiNTh3kKfQceyUuMjhykVsk9Mhs4LU2vk1mZEtOu9zsNiUVLBwxpj6cnfGRVAeZAQM0m5pNtGDGtOPwaNXFQ_894TdPoQN6P-0t3zdDSafiqm2MPTOEbPbYS-B7LpjA0HY65vaMKf7inYVzcxHERcz4b6UdJVEgqXL2JXqjIJVfgKgqXMVRC69s_pIY1Pur37-rwMID1wTmZlL077NVaITSBf7sn_s7ic9IAnqgBFca_as-PA_O2i-3msneJufMDhjPanK4udtSW-P3rqTrebGEPyECiD_Q0Azndi-j4eR63fnBD-5WO0e-z7UaVyJmS35s3ZoJfKfi-iA8t3NeS15XsU0NAKbNLnondKaTDpYA_2B8Z3InzvA5H9yEAucF85phtEXlBYcXhNmxfK-F7uvH5e6O3eG_05uOYODwxFb7sLrIPfafDMKBT-kq4e_J5TsGwKfIfqcCCPfD8-UycdVNcXMdD0e_MX5JmMfpQtkbl8rq9FCLDqttUEhKDY9PnDOflg9dDQtLmSFMl2aSZ8bu-Z9kGsuuWeDIE_91FyvArP138jqlUn-t6u7_oiZRuegaR35jHSwekbNyCqSZLSHw26-veQuVz1w3eB0diMnVPw64OtXPenl-5SUHS1mA0Hpriy6wVKLdN1KgyPoHs2M9s9rXA44whVoSSPALS1NtX_ThWHdZ4T_k-6Yc9N5_pdJUjTPmTkoPjbSqVmXbTCLUhJ0m1XpFT55BGa7bAvIxQOEo-OeJFDKNmozz_wQrKp1z259T5ZbO_xLuKubvC7O1-goVrSg3YqKiLiN21FrKoRfURZtbjxCjk_zVl1R6t20BtHQ9nYLynSb_narQLjQnbibsDqcLhKhHVU4rXi3PyHxjwpt2sZtyGCxBz3uu5x-WPXUZNaGbNWSJsC9I9XyMqiLMuINZT55kLf4IB-yM3TlvBi9RE4iJn53t6pq9Ljem86mxdRGTGb9F95N-TXhRvL8Cdfj-0xl6rA4hrduP6pwSA6tmPss71j9vQ_6qrFbAg1JmXVc_VEVqrTXKHS5EtzsLpmgevDfWj7NWqTwQhj260HoM0By2wg6_SVV8aGko46RhLOCPd8aqOcWwgjepMgo4_2qe7wN51ruCSFp2naQ3Q8gjN7A6jneBWBt8um5uwcB4IOPFZa2TUaPFGC_kn5zKdlg5cGcFDuN7UTncIGKKPROHvz3jVL_inRGOtRImbw3dzHjO2GvHFEFszX5G-DWPxzCcIcLuWZJnFtOrn1pajkmoLbdhjkzsAxK930URN6-U0IkTX5uAHFz8ywicSwzqHYLLiaC4_ksuRNnJolnqf1IIWq0OvSChR2mWtbuJmyhNjbSkSiMH9o7XjTWSAw5X23D1uFeMlF4baKJWzr0UVuJsAwkuye5Hu6AdFhMZ3KGonZ5QgQDd0qyFDJEaUGxbqb4OfhR8nkuCWyfF18ZxSZrufj35015MV8AZ0NkypkNh-w0KqJ7WA8N2H6tbr175cze1r5d2DzLOBW7NizCVshiIn_7CNAcdKBBcF7shJN_zhT70zi32VD_dZgOEO0y0iTjbFowo3Sk5STpz2lndd9irrav9gvdEzwhrUo9DUgbox7yxbE0nK9UlMcPssg1iR8JGDMpFbDTXky3xJ1Ar1FzjejtTNIuLS7DCYfgr8QD7zH4NlsmgH0BZR3XgpEv8cItE4LdHsugX3aP7vFIs0QtsT68yG8nLO0adNE7vkOZe1Tg8gqamy4ebbyySdBMGCjHszqE6jzEw7JF_8rlBqUDhesokfuGaWqpKqvKQYwK34qEZgeDn_p7KlOaSox_SlDI5SIivKdJmaCz3Gm95ap18wGebvN56c-wcmb-gAIyfdyol7vwkl1TtUOrMymFYayNtwIx48UbYQIqDKwULIlGY1ZyV0l4S9OOSuh6btivbbruAxbuD4G9KvsJTfnEsbgKb9HsG-8c3MM8U6vXYp3cPBteyG9OjB3wr8OaGo-tFLzuk0CIUdDNjkO2ja_x2FpUfD8JxaRFDEiNmFnJkaQB0J75cDLP-eOd5xqmeNLQmttkJJ-5KVewU66TQM78-KUYXqOPv0u3_202r_kjF4zHZHOwEWluBQgswXCaeGM7xpk0mFqizgvV2ftRMIX3HqtEvdUs50d2OblaNWfIr0bxfv9rzRgMXjLFyRG4alaYciwhfDDyHoRrhSkJ0KW970Njbn12FSfctUQlCJHJZMQSyXqD7E9bB8xz-yuRdykValoXW1clxXODna5TW1tZvY1BybfNqqN8vBsbbIcUNaLAXEIEKKGO7sDriL00wdd0s3bhhCfo-v_Lc8WGLElfmLs17OWnyvO2B4AlcngSl0jfi9-I7Co-vlnUxWDctp1SQXUmt0CWRXLM5kiCuPtPOnN8ELajCovZ2qZJBWMNTR2rFldMITtvtPXK7FrvvqQelETw0AYsEJrk6OaIIhErTtTZBi20mIGU7KhZ_qE--o_2X1-L0gaDSPa2BxR7Uw4Tq4In7eGSI4CptRMfCrFxEXegNMFUbtqS6XJ49eVYtN_O9jGKPv5XfXOMkCRh_A26n131ItP7bzkNs3WWaNjtwiDfHorir3zqFYNh2PLTx0lT77er1FGU6NIDV8sAiv8q9hoYUb7fPKVEWPFJRMEjqxWwrdv_ZaemWHjktydCcA7zSDfyjrz51axGOjXRPRjLsz_2VHAMCEZpojJNfNEFLox1O29ILpc04y47cUPPFTH-l_JlXG6qxhXMnc-Id2MjEv-20Gl_F8Vtbti73ljBV6Y5O8ZHYd9A13p2z6w2xPC2IYCnn_jBhn3GDAIJNyqnycnHH9CL5l3fAXb6AfIeSfnAsY-wX0ICDJJUo65_gy8gZJJHZYiIEHHZmqRKXPZyhm28Rky2tgklCic_OuvtOPheLhWZG-gt5cKvMkCzvmUlpOWkK_Ni3oK4iZABFHfkJbQBT9uKBKQLZ60OTGU7JoysQjXaDVYZY8xY6IhWlSI_Pt8rFoo7i1n3XsrAXpt_11zkVoPsfMA6VufmKcXZt43J_YTN2Gt3qTwYiJi6h0FncpC4wYzPz-fT6q0HTL8bouu0LFywBedLMIETF8oUIpjKrSS-tnb15JbOXuS7RG8Ubdb-iiQmeaVOQ6GaohASF4ES2PgSl5snMLtpCCQWAKlCZkvFU&cid=CAASPeRoffv7zwYQXMkWhLCnLq0GEh6w8H1HUUjGzc3BoaJsAWDl52bZnoL79d8EcbKv9rRhfq46Oz1QEtML-AQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f156.1e100.net

Software

cafe /

Resource Hash

97352f5082b6c4b5442b1fda4efd9dbd48878e1afaefff40313263e1ee793dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 625D 0
0 80ms
80ms Fetch
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CxLs_ZQUQYofiH9GA7gO16q3oAdbxs9hnoo_6hsAP8C4QASD_sLwwYJUCoAGh9fmZAcgBBakCqhA2B4P_sj6oAwGqBPIBT9CMmQsIxUDBKtt5p-nBBjKFm4H7Yuct7s6iI7CzzaM5PL2ZYCZODk_awp-ueFCDu4EF1Rvk02P5RcUNnqPLoN5FbfPKfOjfWuJhZ67MkgmhKfOgpbza6I-zkt-SL0834ysT74mllMdG6TdI4Bzmaljd-oL7CJj7ShQM6e79V0-MkBUgEgDhmEqm27AZj-bm1sFlaOVjo8YkCwfjL9V1aFNswB9v0XTPIv8tXnf9dEPSL15ODngCZ8k0R2A3inxq49nXeyUZub1Usj67vPZye7y25wpm1SICzSHxC7o8yEyLgN4QNsphOiPO1iamtO8u5Y7ABO7ZgfDmA-AEA4gF77Xn9jqSBQYIAxABGAGSBQYIGxACGAGSBQsIIhADGANIj62rAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAHx4qG5gKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChD78BgYk7v7vgHSCAkIgOGAcBABGB3yCBthZHgtc3Vic3luLTg4MzkxNzk4OTQzMTgzODWACgPICwGwE-u67Q3IE-rHhN8D0BMA2BMKiBQG2BQB0BUBgBcBshceChwIABIUcHViLTI1MzkzNTU5NjA0MDI3OTgYh8Qd&sigh=h7QZO7k3Vno&uach_m=[UACH]&cid=CAQSOwCNIrLMvCSvm2JUE3plZrdVQ8YN96qb5x1rRNA8o8AIXUQqdP3mlkh5W-VQyzA505My0QiJeImcvOmB&vt=10
Requested by: Host: c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
URL: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 625D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa6d1c62b8caf3a9b40d641f399129d30c3be139767ed311e9ec7f610ea56e04

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9435 0
20 B 78ms
77ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BEQcbZQUQYvnfJYWS3wOkyr2oDgAAAAA4AeAEAg&bg=!WlmlWR3NAAbf-5Dq3_s7ACkAdvg8Wv_2kgaGbCvJf0f4bQshaVNRQwSUPgOkafqJpQYDEePDMQuxVgIAAAEBUgAAAAJoAQeZAwKyZsn1CX-NBBVnNK-pkiZoMjpoX-tVMGIS1KQCrht_V6Wd2WLM1-PmI_SDHvpmd4DPNnWA3xsFffu2kcVt2-7BTZwt0Cl9Nb80BAMRnIdy91EUVSFw3tUWBTBDLq1Eis0VpvzTAJarp8Lj9qH0dgUbPxd9tj0u9QP7ZilmZVdouNIHb4N0o9ufDCPLdM8EBt5wUfsIcG9BkQa22-wKzXfRqJad1T_Ork3sya5GfpTYviN5xMaa6WSVXYz5v-bZ0l7mN9_YrnX_qHn1XUXI45UweNVdaqbPfUC61QZRO-OOzMxw0WpbHYpZjWRm9nhu1zaqY4NCsPtZcCQT9IyuvCiUK41dRVbmC_sa659602jPApX28HGwQ_VPGmswSMLgDnV8V0SdLHjyOMMuoSzU0KQKcqV7iw7AWq6cw3USFEbMJ957IlUI3BqqjZlNLv5oue5iyVySuNnGPFfa9bE5OUSS3mnMvi-FbbsJ-Bisk3ecGev3uwcxuty2iXrYcY4r6ay5WWn3v_Vmjok_MFgSkQQBt7W3kf7vtD-EryaG8IUdJPljD7gLO3H-yw_811wEhI1Xw84dxT9NmBiQ65g-Dkm0aBB72f7oymfVl8khDbefs85YKjZHvAWZdazJMGYaw1OFrnW_hankJIuxa04ipCXUuN2EGkwCHU4LCgLaebp3NgCrapKkRs-jZBBtxR_egLlDrDWoE1PBNi_F7g0_3TET-KnqMFPwCpGrMw7VZ69_VG-O8dNTRUQyNriwRxebLAa1i5ixizK8aWkTag5ZN8a22yF1DwVdGk8_8kzWRZ-7wedi41FOij_3q7WUwJ5YZJnUlgWjOnPQJeO2WHqGIFIZtIM72vwtfMRLZa5cy9FYv7ZwSevDZTBP_YdbXKzey_7k9fJ_wRVoSoTGU-JFWuP301ESj3ybKz1E8kZpmC5y-T-abBqwzoZniohxCyvqXvEyKC_2xgpV3cGR0nwI3PmsXSO7v_DL0-bNO1A5pXlps89djBHCvcEnnHgacKu0NzMItA

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8C74 0
327 B 272ms
196ms Ping
image/gif 2607:f8b0:4024:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kzsvssne&c=8384016094936&slotId=4192008047468&qqid=CMuH7rKPivYCFZGtewod31YHsQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4024:c00::78 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 8C74 15 KB
15 KB 54ms
54ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 182947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 17:56:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 8C74 15 KB
15 KB 67ms
67ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 09:48:03 GMT
x-content-type-options: nosniff
age: 39443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 18 Feb 2023 09:48:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C74 0
20 B 76ms
75ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Ce26NZQUQYovBLJHb7gPfrZ2IC7rIh69ou53j6sEP-d2ih9QBEAEg_7C8MGCVAqAB08z3zwHIAQWpAk41iotWALM-qAMByAObBKoE8QFP0Ildu7G8LIaaOC97H4KHmRu3O6Smv4J8RL-gXQGkkaTnPG_VImoXF8JyDwMfwtbbtWOeqw-uQv1ahb2IlDUsllTTlDXspoUqZWQjmRgIQrBHCZINbzUjO8ija17xl7YYXH7Uu1BFJbOk9d1aD0i7w6o4VKh_3tm0VHSPnoL1wCHGyQcv2t3NMgHodH-idZZ5-8x5kUNDhE3YE1h9a2pTxvgIeWabPCq5fa7jWnqn0Jc-A0csEtGAOebUBORAt3IJA_mXDmDzRbCP4WAi4YEZbTBX5PR-PdpBmOGPGdwfH4g5gLb_6u_-ytXz4AJIU7RHwASU3LvK8APgBAOQBgGgBnaAB5WziLACqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgHAQARgd8ggbYWR4LXN1YnN5bi04ODM5MTc5ODk0MzE4Mzg1gAoDyAsB4AsBgAwBsBPZuocO0BMA2BMNiBQC2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1645217128207&ai=Ce26NZQUQYovBLJHb7gPfrZ2IC7rIh69ou53j6sEP-d2ih9QBEAEg_7C8MGCVAqAB08z3zwHIAQWpAk41iotWALM-qAMByAObBKoE8QFP0Ildu7G8LIaaOC97H4KHmRu3O6Smv4J8RL-gXQGkkaTnPG_VImoXF8JyDwMfwtbbtWOeqw-uQv1ahb2IlDUsllTTlDXspoUqZWQjmRgIQrBHCZINbzUjO8ija17xl7YYXH7Uu1BFJbOk9d1aD0i7w6o4VKh_3tm0VHSPnoL1wCHGyQcv2t3NMgHodH-idZZ5-8x5kUNDhE3YE1h9a2pTxvgIeWabPCq5fa7jWnqn0Jc-A0csEtGAOebUBORAt3IJA_mXDmDzRbCP4WAi4YEZbTBX5PR-PdpBmOGPGdwfH4g5gLb_6u_-ytXz4AJIU7RHwASU3LvK8APgBAOQBgGgBnaAB5WziLACqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgHAQARgd8ggbYWR4LXN1YnN5bi04ODM5MTc5ODk0MzE4Mzg1gAoDyAsB4AsBgAwBsBPZuocO0BMA2BMNiBQC2BQB0BUB-BYBgBcB

Requested by

Host: c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
URL: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 8C74 29 KB
15 KB 168ms
105ms XHR
text/xml 66.102.1.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Ahoke0ypeTh5q5IZO3E30pCGtWi97kmxobro6JTkt-M3KQFAMjUTZNU8CdFzPe94IwbLwCPsKG3szeE4XS2uFqKmM7uw&cry=1&dbm_d=AKAmf-AHnyVZAcKOkkpLRpB2ecoj5pIXrWAJtzOBwVCrsZE7fGShh7u_FKBTDfx2Xpg4tX0gqV0aRgJqoU8BzCy6DQSW3ltGG36cDmRBUryA3C4AMKpCg8iM9bLG-GGQRAmHXvMaPV3WOm59kMEXli9A48i98ewP-dPUf_pywkLz8F4wDg3gmcJJMEOrO1Fz5Sn4B-Z0dDSs6CV4EQrJKpIUQDsL9pNwlmqBE9fe3kI0PmfLsaroeK02GUqz1mfMFIt3eC3st1a613HwK3CLPcq_xspz5lT4cMAm3SaSr6x_giRDg8YxGs7FewDstb8qBykIOKRPmLzs1svGFBGJm4Y2BgEbcbzN0EPpvXaEXvtzPVvuYxsk8vkkjWp5t4LJP92MWeXPMXx3ORAbz-ZqVowyf81qdURrC1Oc_jl_hjHTun6Zxw342P0ov-z1SH0jiMGoV7eoUcHpNLICfpmJioRWtxcXJXyxnGaK8SqM5kzzhlNM3ejdcbiskpJTy3JOD0Hm8OnlqfWeNHhFy5VhT4N46E9uWB5Gje3nXBAQicKxOtsR7DDb9baFFp9IL66o1_QIPK_WXw8Q8obwVaol2sPlOD5YjaoRczNrUm_pH2v4roswFPBUzV69Al3hQSn7e-Kr4E47v_iWXo-pbs7PwlrRdECLqzzvk75ny8Tdid19mOV2XloTk47xibijifgP7e7c-JzaI2wrM26F2efdw-Qh-CeQN2GPe1QWXI0k77mt4kCYQQWuyEZefiySpXvjwZCV9YaYAuIAGRCnp3GnZMdrbEWU3c23TPtjYTGmBIV1H2r8htiN6DJU7mKHTrgpAqs6tjjLRDDTDK_NsseG17bpa3ZolbGNRAuUgrv61-sf3X2v6P3etphg4deP4LYZ-JPTzqOj09hmUC9i8ZNw44kkIl80qHeQC_gFBXQ1FDbKxKJUMSk0qPVIHRipwIBQKVlKlHR78JVf9bXLb22HxoiBp7UFakOlN8z5IITnp52aSm3Bf8uErdM2nKz0NW8P9kzLI-c-rwrCo29kTtE4CfalqYMfRSbvXlry0vOMNOwBSd7WjVFYwxsEJ69Avd-DQbWyZm2Dr4WaRlb3UazdVp7mIRWB3eKkq0I8kJGkok71hKEbpjvjBkzusYumkxURmtQwKaueSWAvw5yNIjjgrSI_n6E39Z1sGrQ4UEeQeN7K25xPnJ7FH2H_W_lHJm1qZ0sbsYmZYQkd-WHdgkMwgB3eIIqrUWh3V90bOUOD9wSKnd67ZUALkCMh3FetJ9rANX2JwR5Ws5EXW5GMhO1SamXAlsQPCy3HnRWmZ5dZkE60pwOXZgSYGyjS-TV9w8ku28EJtymseobvoL5abJXF--D_6bxLF8SHypm_L7vgWOXVxSZhqOqvf0qOPjLsSjkBcPlNKF54xCX49W53ecMTOtprS3SNeV8xEAWfwUZevreKJbKBWTpM77z9NoBHn2GQ-OJU99qF0vG04wC3r_r3j8U3Q2iS4qDuloFZJUxoRN0TL6Vf06MJi9ffxKAd5mxvU2uxd_uXRWC3HLs2yD_R3uAi1i-8ovqgkwvLF2KAQ0IrRdGQUuz_S19dF-lZ9ZC1PAzbrXGKJGGynrk6Z8ciquioShEkEq02E2fDn_MUpn79wWFiBDACSFPMwTXYDkVwlM-9B1znXHTQfUPM40kUe_9krs-k9vbMcldJBCLgNGydPBctnY6mmwKTfhVZUSXx3EUa-ssjgjDKXaLBmWePUdIH13bZ0eOhZb1s4THBEeh0fkeSfNokVCIz51esiZQEHJTqC5EmZNtYNVcv4A-0FnjT-GY3uPAOKnk38ROAbNravmpukaGWf7WI3HNNhWNK9Muyh0o6CjOeP40GxlpqvDYeXIl3zxCZCnmXFMxCErGMVIlf6OVusLnEljj6IrEDi-UxDCXKBTaHRfIO25JlWJaGWw4W5sJZkcynjxcMkn77u5RNLvpRndi4dtJAv2i_uqZzuJVCz-WOregFE3AjXUt619fpIkYZK1448ASZ5qNwCvsJxXqOlQJOcTsX6j-BjaO4sl0bJle1kv866AbxwYmpQIi-V8bQrX_Sq-T39I7DLFwrU4bJboXsY4qff6I_xD7pdBtnTRboqTvKdJtD28LNNR9Oqeplv9hmFZN7Ljas04BmCbRj0x8jWf9TvlNOq9uxsoi8_yfGs_F2nirT5XdOmvf3Eg0_Tgxo2tX8qXscvRKkptI0fjR_0xALf8L1p65dVuBsGR0IWb3XZB0aYfdqmtAp6PtxXMa_QSFJOApwSfqTLySW0F-YCaMBW_S3iRAwQJmCF0FpnLyLlpD0Fvlrj8AevsUj2u8DyvyntJkdEdx4l2DcvTWM-3YtnOgHnwg0q9b6vex-K6s_dpC5bROr8n1PwenHImSTQfVjdvW-IeX6UcPyjPU96iwgL6wckLG0jRZSgAqtrd6cZFsaXvuVv2TqKj98JDCMNtPCOd_dQswty5P6lpjuFRE1TtCzcDYNN69tW8FkNFonkz5KDRc03iDoHXjFcoy6lKFvErfv7eOjUC1RkyhI3vqryr0r-Kkh0OcICN5mYTFlCBwBip3BHkan9bHSF4c8CC4CK4_SvhJAWFlMTPAP6AnQfaFCv34rGF1gxVUQT9c5BSEEaAsCpg90dKyILZCaIORwueHDxlafcCIsPPeuvOTGMlCTmIPs2tp60U5PqKivUEDCywBNpL2q9HMlxs0t6vxH7zKqR4Tslq0AmrPAJ6uvcGhPCKdHGA3nfNeRzDgtjdrEc_4UZjSOCXFw_J0_tJZzvvxaWuNlRL0kvlnQ6JoM6Me3l7DUKtzD_5weHAessOtuP_IuJf3ReiM1o_XUViPB7hziI2dcVZuYiwurNeOQK566to7Ev5J-KCi64FJ9oBKRI9D7I4hQbsCIwObuEIswy6WzR6m-dy1Uw5RgAEvrvWN2CI13g7sk_cU_4xtDasCcB3H5HQktMN6CIXFEkfib3wqMbED0qC6_aT9Dn8rIPBtdPmiQNTdw4yU9idGPl2smwqEtHrz0yo5kIEPH_z-uiR_9B3p1aIVr1Lm8xirOymq2xceGWMpT56sSBtG1xuLg5JB74tu2df-L_WMvZr4qrdA6Mf4ZfInFOfGgsFpI3arEwag_SM6WDX48tablFmXapEo1VnYfh2Qni_myUOJVb8aBt8yHEzJ7H7Bt_w8GceYsVWmo_a6-GoVVPLHsyS8HcvDlKIiYPLRWBUIL59Y3xeGhMgBhp5FUmRh4jCkVttDHEN1bYnYLsvBRgA9bLazRCPWtY9oRFIFPH7fJOauQ-9npU8r_OwTxYZhZaUVMNKM69YXUCuDq-gLLTtwiOKmj9DjWP69lgaJSqxZ2oiA4q22vXxxiiCKrZKHi1s-P2_qK3l82xxBNvP-x3pCQAxbTOmkGQXMpPLbUiYo92_tAajGaNjgMBp8OnLzjQMKACtNmTfJ27r0-G7aCzecEzCVF1kg_p2hsBCv9s20ZD8ALmxeMu_5_vL07FDphQIUiz6qaO1BzTBDXhRSgMthLSb_0vTkZrU0gylXCdhgu9oQrXWYDlaDZAdyp--EdEAajcj4Yvjm-Xv9PfVY9ARFT6ltBh3r8BMry2RrwwwNSQOClJOE8MLbXloKACaqe7PkWCcHkAbLhPUtdhXt2FeOUW8Lt37nFSK8iFf1eleAK-r_215m5pGcSCYKqo8U2NWOqCFI8QvYBQ-c7JjCZLQRPZdom-jCGYvyX8V8Yng&cid=CAASPeRoT_0PgUG6m0jEbwTBx8HZ5b8mjfjpqltVsICKbG9T7tUKBTxdr4gZKG8qJq8deLq3tqMHA7IHm_fXwdU&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f156.1e100.net

Software

cafe /

Resource Hash

760635e46fad7f23cadf0602b3db27de071cd518ecbb04041723f4b1806662c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15168
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8C74 0
0 80ms
80ms Fetch
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CM-nxZQUQYovBLJHb7gPfrZ2IC7rIh69ou53j6sEP-d2ih9QBEAEg_7C8MGCVAqAB08z3zwHIAQWpAk41iotWALM-qAMBqgTuAU_QiV27sbwshpo4L3sfgoeZG7c7pKa_gnxEv6BdAaSRpOc8b9UiahcXwnIPAx_C1tu1Y56rD65C_VqFvYiUNSyWVNOUNeymhSplZCOZGAhCsEcJkg1vNSM7yKNrXvGXthhcftS7UEUls6T13VoPSLvDqjhUqH_e2bRUdI-egvXAIcbJBy_a3c0yAeh0f6J1lnn7zHmRQ0OETdgTWH1ralPG-Ah5Zps8Krl9ruNaeqfQlz4DHy2gu4gTBuaWRN5Ifb38jTSNdVTGvzI_c58X7QZnjF3N7KeEQVQ_QEMM8gfcLP-TCwM6-tLSd1gHDfzABJTcu8rwA-AEA4gF-Z77ojySBQYIAxABGAGSBQYIGxACGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB5WziLACqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQo70FGMmK98EB0ggJCIDhgHAQARgd8ggbYWR4LXN1YnN5bi04ODM5MTc5ODk0MzE4Mzg1gAoDyAsBsBPZuocOyBONlafeA9ATANgTDYgUAtgUAdAVAYAXAbIXHgocCAASFHB1Yi0yNTM5MzU1OTYwNDAyNzk4GIfEHQ&sigh=kNVVsygmqoI&uach_m=[UACH]&cid=CAQSOwCNIrLM9X0tBipRvsjlnZ0B_hqzZVcpTPwRYtc8Uqh2bVGnLY4VuvBVt-gxcylMTpMm0o7lfCyT4ogw&vt=10
Requested by: Host: c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
URL: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 8C74 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0df9aff62cc4a768eb35b2f47418eb37cc2136cbb18a350df231763c8249f7c2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 625D 60 KB
23 KB 54ms
53ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
URL: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

994ab1ecd36f2f4b3aeaeca3a8076c252afadf3710c183dbbfc1e0930c4ea081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1419
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23125
x-xss-protection: 0
server: cafe
etag: 8562238015891237552
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 18 Feb 2022 21:21:47 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 8C74 60 KB
23 KB 54ms
53ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
URL: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

994ab1ecd36f2f4b3aeaeca3a8076c252afadf3710c183dbbfc1e0930c4ea081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1419
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23125
x-xss-protection: 0
server: cafe
etag: 8562238015891237552
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 18 Feb 2022 21:21:47 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 625D 0
54 B 198ms
198ms Ping
image/gif 2607:f8b0:4024:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kzsvssq3&chm=1&c=3190168124789473&ctx=2&qqid=CMeo4bKPivYCFVGAewodNXULHQ&met.4=fb.2n~lb.dm~ol.fn~idt.fg~dt.-jg&met.1=1.kzsvss8e~6.0~7.0~8.0~9.0~10.0~12.1~13.1j~14.1j~15.2c~16.dn~17.dn~18.dn~19.fn~20.fn~21.fn&met.7=CBsQCBgBMDc4swRoAXA3eNAagAGkGIgBzi-wAQG4AQM~CAkQChgBIGAoYDCyAThSaGpwqQF48D-AAcQ9iAHQlwGwAQG4AQM~CBIQBxgBIGEoYTDfATh-UGFYnwFgYWifAXDeAXjaB4ABrgWIAdw-qgEYChZSb2JvdG86NzAwLDUwMCw0MDAsMzAwsAEBuAED~CDoQBxgBIGEoYTCcAji7AUBiSHBQcFjkAWClAWjkAXCbAniaGIAB7hWIAedxsAEBuAED~CDoQChgBIGEoYTC5AzjYAmjkAXCcAnjX2geAAavYB4gBh5cWsAEBuAED~CBwQChgBIGEoYTC4AThXUGJYaWBiaGlwnwF40jSAAaYyiAHldrABAbgBAw~CBMQAhgBINwDKNwDMJkEODxo3QNwkwR4gH6AAdR7iAHUe6oBDAoGcm9ib3RvEB0YArABAbgBAw~CBMQAhgBIOEDKOEDMKoEOElo4QNwmQR49HyAAch6iAHIeqoBDAoGcm9ib3RvEB0YArABAbgBAw~CBwQBhgBIOMDKOMDMLAEOE1o4wNwrwR4rAKwAQG4AQM~CCEQBBgBIOkDKOkDMLkEOFE~CCgQChgBILYEKLYEMPsEOEVotgRw6wR4gbcBgAHVtAGIAZbgA7ABAbgBAw&met.3=113.hp_1~112.hp_2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4024:c00::78 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 131ms
68ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220216&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1afc07e44f673401d10e9b7a3e8f63234dbec7aeaf3dc7b60495ed1cf8b9c651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Feb 2022 20:45:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10042
x-xss-protection: 0

GET
H3 200 like.php Show response
www.facebook.com/v11.0/plugins/ Frame 6CE0 0
21 B 151ms
150ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v11.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df104160ee98547%26domain%3Dballeralert.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fballeralert.com%252Ff22308de0bb3b14%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fballeralert.com%2F&layout=button&locale=en_US&sdk=joey&share=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=661b04be2407c11c8298d3b66e9c969a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: 0A8i2o89QOWjDkdIJsRoFQbIPflLSp/mwnFoMrA+gScV/NIKJAsOBeldXXP0hjQM0eDW4pvH9+Bw7ViiftdplQ==
content-length: 0
date: Fri, 18 Feb 2022 20:45:26 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 1144 60 KB
23 KB 54ms
54ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: balleralert.com
URL: https://balleralert.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

994ab1ecd36f2f4b3aeaeca3a8076c252afadf3710c183dbbfc1e0930c4ea081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1419
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23125
x-xss-protection: 0
server: cafe
etag: 8562238015891237552
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 18 Feb 2022 21:21:47 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=balleralert.com&doc=complete&pg_h=5734&pg_w=1600&pg_hs=5734&c=4&aa_c=0&av_h=170&av_w=727&av_a=88630&s=507.281&all_s=507.281&b=3776.719&all_b=3776.719&d=0.119&all_d=0.119&ard=0.039&all_ard=0.039&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 625D 41 KB
15 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 18:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527980
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Feb 2023 18:05:46 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-h0jelnes.c.2mdn.net/videoplayback/id/605bd096082a2b3a/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1676753126/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 625D
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/605bd096082a2b3a/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1676753126/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r4---sn-h0jelnes.c.2mdn.net/videoplayback/id/605bd096082a2b3a/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1676753126/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

233ms
64ms

Fetch
video/mp4

2a00:1450:4016:7::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-h0jelnes.c.2mdn.net/videoplayback/id/605bd096082a2b3a/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1676753126/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/13161D7AD729370CC7D7B59B9375790A777002A1.049EEE0A135BD9D6F2A5D479E8F3FEAC19289856/key/cms1/cms_redirect/yes/mh/7f/mip/2a01:4a0:2c::10/mm/42/mn/sn-h0jelnes/ms/onc/mt/1645216504/mv/u/mvi/4/pl/46/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4016:7::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 20:45:26 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2218799
Last-Modified: Wed, 05 Jan 2022 18:53:17 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 18 Feb 2022 20:45:26 GMT

Redirect headers

date: Fri, 18 Feb 2022 20:45:26 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 645
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r4---sn-h0jelnes.c.2mdn.net/videoplayback/id/605bd096082a2b3a/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1676753126/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/13161D7AD729370CC7D7B59B9375790A777002A1.049EEE0A135BD9D6F2A5D479E8F3FEAC19289856/key/cms1/cms_redirect/yes/mh/7f/mip/2a01:4a0:2c::10/mm/42/mn/sn-h0jelnes/ms/onc/mt/1645216504/mv/u/mvi/4/pl/46/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8C74 0
54 B 196ms
196ms Ping
image/gif 2607:f8b0:4024:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kzsvsssr&chm=1&c=3190168124789473&ctx=2&qqid=CMuH7rKPivYCFZGtewod31YHsQ&met.6=6.1_CgsYoQEgPyoECAcSAA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4024:c00::78 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8C74 0
54 B 198ms
198ms Ping
image/gif 2607:f8b0:4024:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=2~kzsvsssw&chm=1&c=3190168124789473&ctx=2&qqid=CMuH7rKPivYCFZGtewod31YHsQ&met.4=fb.1s~lb.ab~ol.cf~idt.aw~dt.-o0&met.1=1.kzsvssdg~6.0~7.0~8.0~9.0~10.0~12.1~13.1j~14.1j~15.1l~16.ab~17.ab~18.ab~19.cf~20.cf~21.cf~22.24~23.24&met.7=CBsQCBgBMDc4vwNoAXA3eNAagAGkGIgBzi-wAQG4AQM~CAkQChgBIEEoQTB_OD5oQXB9ePA_gAHEPYgB0JcBsAEBuAED~CBIQBxgBIEIoQjCHAThFaEJwhwF42geAAa4FiAHcPqoBGAoWUm9ib3RvOjcwMCw1MDAsNDAwLDMwMLABAbgBAw~CDoQBxgBIEIoQjCGAjjEAWhDcIMCeJoYgAHuFYgB53GwAQG4AQM~CDoQChgBIEIoQjDfAjidAmhDcIYCeNfaB4ABq9gHiAGHlxawAQG4AQM~CBwQChgBIEIoQjCEAThCaENwf3jSNIABpjKIAeV2sAEBuAED~CBsQBhgBIEIoQjCGAThE~CBMQAhgBIO4CKO4CMLEDOERo7gJwpAN4gH6AAdR7iAHUe6oBDAoGcm9ib3RvEB0YArABAbgBAw~CBMQAhgBIO4CKO4CML4DOFBo7gJwsQN49HyAAch6iAHIeqoBDAoGcm9ib3RvEB0YArABAbgBAw~CBwQBhgBIO8CKO8CMLwDOExo8AJwuwN4rAKwAQG4AQM~CCEQBBgBIPICKPICMMIDOFA~CCgQChgBIMMDKMMDMI4EOEtowwNw-QN4gbcBgAHVtAGIAZbgA7ABAbgBAw&met.3=113.fb_1~112.fb_1~246.ff_1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4024:c00::78 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 8C74 41 KB
15 KB 56ms
53ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 18:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527980
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Feb 2023 18:05:46 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-h0jeln7e.c.2mdn.net/videoplayback/id/1010c898234a80bf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1676753126/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 8C74
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/1010c898234a80bf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1676753126/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r3---sn-h0jeln7e.c.2mdn.net/videoplayback/id/1010c898234a80bf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1676753126/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

221ms
64ms

Fetch
video/mp4

2a00:1450:4016::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-h0jeln7e.c.2mdn.net/videoplayback/id/1010c898234a80bf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1676753126/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/779E43361D431060E8FB3E7158BE292A388B29C0.0B7F0E63A016FE568E04BFBBF687FB03FD8933DD/key/cms1/cms_redirect/yes/mh/Vv/mip/2a01:4a0:2c::10/mm/42/mn/sn-h0jeln7e/ms/onc/mt/1645216504/mv/u/mvi/3/pl/46/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4016::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 20:45:26 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4483753
Last-Modified: Fri, 11 Feb 2022 11:46:46 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 18 Feb 2022 20:45:26 GMT

Redirect headers

date: Fri, 18 Feb 2022 20:45:26 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 645
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r3---sn-h0jeln7e.c.2mdn.net/videoplayback/id/1010c898234a80bf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1676753126/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/779E43361D431060E8FB3E7158BE292A388B29C0.0B7F0E63A016FE568E04BFBBF687FB03FD8933DD/key/cms1/cms_redirect/yes/mh/Vv/mip/2a01:4a0:2c::10/mm/42/mn/sn-h0jeln7e/ms/onc/mt/1645216504/mv/u/mvi/3/pl/46/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8C74 0
54 B 198ms
197ms Ping
image/gif 2607:f8b0:4024:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kzsvssnj&c=8384016094936&slotId=4192008047468&qqid=CMuH7rKPivYCFZGtewod31YHsQ&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=999&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=16&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C22%2C43%2C44%2C45%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.14h
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4024:c00::78 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 1144 0
54 B 198ms
198ms Ping
image/gif 2607:f8b0:4024:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kzsvssu8&chm=1&c=3190168124789473&ctx=2&qqid=COuSy7KPivYCFcqjewoduI4FrQ&met.4=fb.3~lb.9g~ol.pb~idt.lm~dt.-da&met.3=736.9k~735.ad_1~740.ae~734.c7~734.fo~734.ih~734.ls~734.ok~734.rc~113.s4_1~112.s4_2&met.1=1.kzsvss25~14.0~15.0~16.0~17.0~18.0~19.0~20.pa~21.pa~22.7j~23.7j&met.7=CCIQBBgBIAcoBzBUOE1oB3BUeKwCsAEBuAED~CAkQChgBIAgoCDDCATi7AWh_cLoBePA_gAHEPYgB0JcBsAEBuAED~CB4QChgBIAgoCDDGATi-AWh_cMUBeP0LgAHRCYgB0hKwAQG4AQM~CCoQChgBIAgoCDDAAji3Ag~CBsQCiAIOMwB~CBcQBhgBIAkoCTCNAjiEAmh_cPUBeMCxAYABlK8BiAGUrwGwAQG4AQM~CCIQBBgBINMCKNMCMN4DOIsBUNMCWJADYNMCaJADcN0DeKwCsAEBuAED~CCgQChgBIKwHKKwHMOwHOEBorAdw4gd4gbcBgAHVtAGIAZbgA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4024:c00::78 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 23C0 23 KB
9 KB 56ms
55ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 13 Feb 2022 23:00:35 GMT
expires: Mon, 13 Feb 2023 23:00:35 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 423891
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 18 Feb 2022 20:45:26 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 42A3 23 KB
9 KB 55ms
53ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 13 Feb 2022 23:00:35 GMT
expires: Mon, 13 Feb 2023 23:00:35 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 423891
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js Show response
pagead2.googlesyndication.com/bg/ Frame 23C0 35 KB
13 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4530055a32b5a1a639311d7be5e6abb79ba772acae1410f9f9feffdc297721dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13529
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Feb 2023 20:36:45 GMT

GET
H3 200 RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js Show response
pagead2.googlesyndication.com/bg/ Frame 42A3 35 KB
13 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4530055a32b5a1a639311d7be5e6abb79ba772acae1410f9f9feffdc297721dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13529
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Feb 2023 20:36:45 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6577 13 KB
5 KB 54ms
54ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Feb 2022 15:25:33 GMT
expires: Sat, 18 Feb 2023 15:25:33 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 19193
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6837 783 B
537 B 66ms
65ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

080a7cd8090fe14503466d9909e988308b013aef9ef19a41a17c84823d2d574e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+zkM7ZJpgj39MEKDA2VIUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 18 Feb 2022 20:45:26 GMT
date: Fri, 18 Feb 2022 20:45:26 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-+zkM7ZJpgj39MEKDA2VIUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6837 0
0 108ms
107ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220216&jk=3190168124789473&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js Show response
pagead2.googlesyndication.com/bg/ Frame 6577 35 KB
13 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ee8e0976dd2573237ad94a3e213715084ddec16b20e77c8e43de5e89f9ef052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 07:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13646
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Feb 2023 07:09:57 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1144 42 B
64 B 76ms
76ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstsQ0VNF8hQRL4A5TYWADtLwp7LdXhu4iyURVdzWeG4fMDWY-1jHvMrsjjKtMtzdOziJ9_Js9tWAA7TOfPvqIY9g3wRL7ZQkmilFdWSAkbVcsf-dtKt&sig=Cg0ArKJSzI0G8KbSRICmEAE&id=lidar2&mcvt=1010&p=1110,436,1200,1164&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20220216&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1278255468&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645217127437&rpt=336&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 23C0 0
20 B 79ms
78ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B_eXZZgUQYtOmHI-RbYW7k5AJAAAAADgB4AQC&bg=!GxilGFzNAAbf-5Dq3_s7ACkAdvg8WuJleVdtJ89bSh0U7brjGf-jL-gB0Tr4GSBluoRBKQHlmmeOmgIAAAC1UgAAAAJoAQcKAGvNMa5FkgqTC37PBb-SSinBAqoRed4ynAkeH6tByXp8zVdi48eZ2lymrOsgPwqhnYpB9Oe-TSvMEJeHz1pq7pg4A2oWKOlH8rdjwFGISJtAsH8fZub1UhYI3URLkyVRBguwhROvp5r0G9lCC5kC6c9Vj8qgKs5AaKYQTZp6Qc5OjC74NfOXh3hW1-SyOhbZjLwb3vvoGzKBIVXl9N3qMGSMbBSy_a_tZsik-ayW40qUlWkjxWAZKyau3JJEavM0e73gM30zdne0WTKxZOIG7EYN6Sk392oMlPP85iW6eKPr_-gab5AAMuIGIkhMqwYA9HORPuTNrUa857ZAbPt6ulB5Wla4ZXakKzz2xgEQqejENSX6druXT0lOlE6oNim5j8_czUGy-0s7pkiXkaMV__9hSlXdMxMY8ejIY3KYcln1w4H19jZf_A15RTSeSdSxXoy4he4NMvCRHZd7jDsP4FVW3hrADxDlpi7sucpWK9gyhkWs2wkdd3JQwRCPdYCyM18A95N3oFOWz1J-qbj6Ru5mOmzKM_TFnSIl-_x_DwayWFRrH-hUuiNPelpwi3592Z0pwFr5pHeYg7YA6BrInDA3tby0yDn5W5rFZpJ3pyKcGzPKgkrzW77Ta_9qb0jv5LXDkCGktuGVFxD-dukqh1fpw9eFUdZST2C4GoufWQSLXMCW-GE1t2Etvlk4ESlfyvJJ7dq4da8U4Uuh9avfGOxEtkXtRSzH9EjhcDNA0R8CsWzvbOmypSN4UGkHRkvVDnXBl-8-nIwrA6nGLajr2Irl3KUYzn2eXqGnuShJ4jvcHwhLNDMLUN595ZNAFPUFya2LnqlI3l-ePhu4f2hdhbn7AAmgCGZI8iLjIpWfjZqhnRWVE3k7VKrYHYNWa93v1bSrs4hjlmmO6ZuTix_m7m5hFn_U3926NIkiYfchLN76OxemvCV33UKtuO4P46FmjeWHzLvlE58A93iDKYM5v-LjvGmgkhYbYIjGYUO_wj_XigBx-YEyDBz3mPrx69G4NWZqBoquY9ySIBRwkYowip0Ab-NaYxXCcuk3UZlGVmveT-Kh9EXs-lI1lOm34F42AOp6cy_gGUh-QucBexWbIY3mtDYJo6MnY63oGQzHMd_0BQWbqS4xOjM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r3---sn-h0jeln7e.c.2mdn.net/videoplayback/id/1010c898234a80bf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1676753126/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 8C74 4 MB
0 130ms
64ms Media
video/mp4 2a00:1450:4016::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4016::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 18 Feb 2022 20:45:27 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4483752/4483753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4483753
expires: Fri, 18 Feb 2022 20:45:27 GMT
last-modified: Fri, 11 Feb 2022 11:46:46 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
client-protocol: quic

POST
H3 204 csi
csi.gstatic.com/ Frame 8C74 0
17 B 344ms
198ms Ping
image/gif 2607:f8b0:4024:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~kzsvssty&c=8384016094936&slotId=4192008047468&qqid=CMuH7rKPivYCFZGtewod31YHsQ&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=999&mt=video%2Fmp4&vs=640x360&ple=0&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgcdn.2mdn.net%252Fvideoplayback%252Fid%252F1010c898234a80bf%252Fitag%252F343%252Fsource%252Fweb_video_ads%252Fctier%252FL%252Facao%252Fyes%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F1676753126%252Fsparams%252Fip%252Cipbits%252Cexpire%252Cid%252Citag%252Csource%252Cctier%252Cacao%252Fsignature%252F93EF4758EB9F0C035DF1F3A2157D500CE7ECA462.A494AD1A8520B1516939AF1DF97F8829207D0346%252Fkey%252Fck2%252Ffile%252Ffile.mp4&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4024:c00::78 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r4---sn-h0jelnes.c.2mdn.net/videoplayback/id/605bd096082a2b3a/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1676753126/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 625D 2 MB
2 MB 133ms
66ms Media
video/mp4 2a00:1450:4016:7::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4016:7::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

754eb9144e99669e5aa4bafe923571e0a634c71be827b99a32132121df2f537b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 18 Feb 2022 20:45:27 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2218798/2218799
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2218799
expires: Fri, 18 Feb 2022 20:45:27 GMT
last-modified: Wed, 05 Jan 2022 18:53:17 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
client-protocol: quic

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8728 42 B
64 B 79ms
78ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWCfo3bC8sJkb5qNNl8itiRQw-mK3TmmqEXQbuKCCbNt0WGgWYtUI-Xt_sIYQq6tiY85tVjstMNFVflTq6XWoDRbowCxP2zquaGFOpX9Xpl9wj6bPL3w&sai=AMfl-YScxzZN6_p4mX_cMlK_E1BKAI6yfyIcFGP63blbEcTOFiBG9b7L7jbXi5AmjvBcPWzJ6OU3R6CS-VH-rA3LblnfuMygfOzWWlAkf1UJ4POWBUdl8LWi6CEkJc0&sig=Cg0ArKJSzCgh2Ob0jzH5EAE&cid=CAASPeRors3Q6HlHealSnREYADlzcyUPOnxWcfIrHow-LXXEujQ8kAfZokFAGYxdQxF5BwOLn-cRhmQIQoAduqc&id=lidar2&mcvt=1014&p=207,436,297,1164&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3807761084&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645217127292&rpt=559&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 42A3 0
20 B 78ms
78ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bye0uZgUQYpS9HMHzbuTkpOAFAAAAADgB4AQC&bg=!Y2ClYCTNAAbf-5Dq3_s7ACkAdvg8Wi57OZbVTIYFkgcHGTCGiedNQA7UaYTHTOPPQ9jB_bS2XWDiQwIAAADGUgAAAAJoAQcKAAbgFwSifRuZAxabQrjz1ZuTbnYCAI6gQQXoDXG2uyns4IR7-eJX9igUjl4l7KTT-x1YiX4utC-HEi0pT1NO-WIA8DZS7LD4-jMlTAWRecD-GnvjsOeUa_CkJDcaZJM7OxYVrD43U0mlEtCdkLtUE-6dQLr4zayr71grPCoAZqIrJt47qGytlsI7JZ5dRmWju2b5P5sQjWAChOobT8oEm3bE2px2L5ZvCfCCKCZ7DGJv2T6d6-qB4BuDcy9RvC_9CTxIvN48u9oOwewrkeVCOGLVWCWGcmw4LFgRg-bDAhKYL6VDAnnREzxuDt61dFT61KmrBzfsNKkbE2c2V_ELcNWNnQ8CayszL8F5zpISrHHYXwbI9A093bMvatbycU8p3X7GhYJplGFFEP4uX8PZuvHAS9ZdUUGmsFfwOdtPkbO_1VeD1oJUcJRvn1EQ9EwjsJyf7C3cwJHPUS7RW-rB1m9K8qm2b8OTCOXTcBx_bgVFjetCE2E8lPzyz7sMokNfCcn9ewdL73nI6-LJVlY0vJ5VpEDa_eFUX3VBG6RBUNLQQiLrL4pHI644qE2qu6HtTNzM0XGBxgdnpxGhmwzU8lv41kJz9rX_Jtf6Vdgg6NdiMc0W9ORwz8lxbvHt6QvsW8zc_U3yjlwA0oIrQWsDh9v2ZGlTwtlyvg-vbkNzhYHGeYTFUb7RNNvpcJdJm2acgGfun_vqoBhc9_Gu46-cjCK-4SpLOSKyyuYe20hVVHfa3CRdzhFmfy_gOiKGozmQuB0lrBCujTD1qStLYkJuDbwh_bCoJI0qYBG4I5wbpIIWR9WTGi9qJKXQxqsC_5oYJ2wsV_hu-WwcpQJ-23bx8Gk_DcQOw26Z_21N2AYpMUDajxaRwIWb675sMRPeQgObM_ltmVAjWJ7AhW0TtXVbCreiFcnnBV18qku9OLfsF7afLE7y44fv_NZnMYVyR5RpsToGpmUAWoZhNKDtF4-vLVEQfU8_aMrZtzciR65XatG7IP_huBqQ4oUTH0348RqAMLHe1_tvj2LKLvKiUaJSoYlahO8DT-5mAhhflyZgfXpy

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET generate_204
tpc.googlesyndication.com/ Frame 6577 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 79ms
78ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220216&jk=3190168124789473&bg=!uLulu__NAAbf-5Dq3_s7ACkAdvg8WnE9oAtK0r256ihRd8bOBrjTgNb7ImaWI40qQsxEOYqw9bJNXAIAAABnUgAAAAJoAQeZAqCk5VasjGGVKHNNfaookaOrEJ_3Tfnwn33758QrNX7UnBl9g8oSnjrK09D75R4-U3QSYifX0SDW5z3zIBsr_vneC7yiyXVrGUkzEdZndUS0WrRRAtvwlOputcpNNGRuCEOiqEhW0SNSYRk4ayQ7e9x9ofpfi9qGL3x9BDmpIvXl4eTHwZLpsWZjUDId-quxUW8cs4qBw1nPPsVrVYUuv661lEDZlB5-_SyGbwBiQRaSTk1n19KNe0LjckcSipteLGi70qs9csoY3QnKHbWgoDvvWAUdKKdCJUhT5SOVF2uyBv5X5TvKRjaI_aTvR5re8unQh64vVZWeAt26Ss7kN94BDGdVHKOOrwHHf0jQR8HdawOTRcFCMw5HjLPahV_0fh_BPkzVC3aTZ7l5WdNp7uYUAPDlmJHCb0rci_ZyUd-DxKKdQMIrWgFji7O1t0CeZZbxxPUTmvQW4qombd2Ewg_kY2D6Qh4uPduqdJkBnWrsxWoy2sB-0umA70cXj286Umc2KMonX0Swv8Vi9l78aeuFhyncj6-7K5VxzyDO9sbrbYpt4shifr6e2p-Pe3HExm3mnrZ4G5wjFxponLDCDkdzMitAF8JJugt5SswscGwy2g1Crc9fAHZqLQEOAFEkLUcFDEbX3SCDC6wdXFuol73vJTDQcjplfXFmfuJCYUt-flxiMjfbD1HsvaGWTVM1aQ_QISD7h3ID8XWXxE-kIvkM2pGhqUx33MTqMnnaEcID9a60TGdfV2Jl4d74ppXe4FiPWX2MB1jLuY3OE6abCboJQwFQ-mK3TMDJJ1vgRq7qLbfZBVk-6bYAdwSXBpFhFJWT0xu-p7WUZ8JHxkqovCqTmi79ieuqCixwGVLa72lg9knBr5WIQooDXU__eKkgNqg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIlIibs4-K9gIVwbkbCh1kMglcEAAYACCUzqRPQhMIy4fuso-K9gIVka17Ch3fVgex;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,...
ade.googlesyndication.com/ddm/activity/ Frame 8C74 42 B
494 B 196ms
66ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIlIibs4-K9gIVwbkbCh1kMglcEAAYACCUzqRPQhMIy4fuso-K9gIVka17Ch3fVgex;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D30016%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D80916433%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1645217129081;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 8C74 42 B
64 B 68ms
67ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ce26NZQUQYovBLJHb7gPfrZ2IC7rIh69ou53j6sEP-d2ih9QBEAEg_7C8MGCVAqAB08z3zwHIAQWpAk41iotWALM-qAMByAObBKoE8QFP0Ildu7G8LIaaOC97H4KHmRu3O6Smv4J8RL-gXQGkkaTnPG_VImoXF8JyDwMfwtbbtWOeqw-uQv1ahb2IlDUsllTTlDXspoUqZWQjmRgIQrBHCZINbzUjO8ija17xl7YYXH7Uu1BFJbOk9d1aD0i7w6o4VKh_3tm0VHSPnoL1wCHGyQcv2t3NMgHodH-idZZ5-8x5kUNDhE3YE1h9a2pTxvgIeWabPCq5fa7jWnqn0Jc-A0csEtGAOebUBORAt3IJA_mXDmDzRbCP4WAi4YEZbTBX5PR-PdpBmOGPGdwfH4g5gLb_6u_-ytXz4AJIU7RHwASU3LvK8APgBAOQBgGgBnaAB5WziLACqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgHAQARgd8ggbYWR4LXN1YnN5bi04ODM5MTc5ODk0MzE4Mzg1gAoDyAsB4AsBgAwBsBPZuocO0BMA2BMNiBQC2BQB0BUB-BYBgBcB&sigh=nvUXa0BI5dE&label=part2viewed&ad_mt=5&acvw=sv%3D20211103%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D30016%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D80916433%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1645217129081

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8C74 0
24 B 130ms
129ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu_oB8ZwfKbq8H9QOLlGxofH0MUXxiyNObYyodZMD07hoxjtzFnVn_ezILk1gDFKj1sHdhfOv7J9MczceWXY_lnkft9JrTmaCPdXBt4v8wqMaiFcWb1UL7AkYReWMDDDRvVXm6XMt7WglBULrEVZ9GFCFHsDH7TfPgRw5_7ZiZ9jzbK2J19-07w6Uy__r8xZTs34PF-b8p9ROxscYEIQNjKG7UyPGasGBSbU2lXYRftLurjKofPyvB17Y0JwBQkMFjVGbQxsp2lK2w5k_hc_CAaYGXhm1YGHoMyePZXMz36yUBpWB3G0Ql14zRGTdMQrJpGgWhppsM-uvcL9HMu6yrJHClgcxLcKQ6BAfX5lWglWy-YSleM6BenzicdGzEJpSyN_hz8Dcv3gxYAOsRN0IM0o9vrFjfaUY_ClI3a6nOlzHM3T64RuT7wz0pGSWsy8_yumFDwYMmxDLxbREJJ4gB0p83tTVV_gvJzJWz-caFIg1MG7tpKBs96Q4aCwh-73yOyQ-eEJsCQIYU8EVjNncJdofNX3RI9L0j0JPAqMXdMbC_R4w5U-Pqjob1axxbtyB2VlJt_dGNTkMLjmpv3FVD1hwG2P_9Kmvbz8L4OMyC3zxKehxsieYidE6np6QWpY9KwHHUyCkqCMRl5XG-Y1fB_zfwU52p1GzU7n1UTiPH35Xd-6qF2AnxQvQq187R4xxojzgpzV_tu2p-L8wjFUzHdkkpm40OVq4y1qwkw0V_6slXoF__YFaOByxZObiwNVh1on9P01NFqzObVmrAlDPAhPpdmlj0QDj374tpiyq8qk3U6oOrKMrD2xuNWVJ5CwfABxQoPy0T30dgzpGLahSuIxkmZbBtGpm2AEwY9RbpXUxRQmagvgTkV5J6lZPGh5_D3AlD53WNeJ2Md3tjdiFMua3ag53m_K79PZe3Mco0sT85Z3VCDEqGThAuMkkVSoHwKmXn_2AAVvWp1CGeerc9WErnsH1-OWrWFbEdDLhjknE8xdPiyh3D2z3DpDSEpunxQpDFmbxagXKdBlRj3EqympvSnyRBoJuwu30kdqslLAs413SrAJdFt3H1gl7fHG37U4kuiMWGeU1SWb0iZvaHa4We3g_CMtwH9-zM8VoG6Ei3A0-B1sMWjza-urkk1GL8-oq8B6s_ar8YYBKEMrqzqmz53I2FcHPy4S93TZvuv-1y_DI029aS5jU8fFKb2&sai=AMfl-YTwMkV76pS9-QsQlQmvYBzhT82Nc9bTgMVLAgIml7fGjBqKQMzaCVnSq_ghotxcK6hgogisZzGN8uwre2e14x704DgHVqxLIrwICnRJpgEU6LREwGLrbTrHXYE0tlCgzdvAUuQtkJvg_Nt8681euNokOZsLJEPUmOe_RX5mQKTzho6ZRFLNvn1chRkxBdcLfOgJwDe-WW15O2GB99XW3qBvSFgtAESqLuq8QgGZEg&sig=Cg0ArKJSzPcg1cOOWQTyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 18 Feb 2022 20:45:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 8C74 0
0 66ms
64ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOH9gIQkYKtsAIYyYr3wQEgATAB&v=APEucNWWlAZAq4ejXPtBpTJKGq_N_cGLhB4lmxb04oQN841mszhjUEnc3noOFtx7R7KtEeJ3syJqqhwxEaugmJLH_-_QYqprzw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C74 0
20 B 78ms
76ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIlIibs4-K9gIVwbkbCh1kMglcEAAYACCUzqRPQhMIy4fuso-K9gIVka17Ch3fVgex;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0...
ade.googlesyndication.com/ddm/activity/ Frame 8C74 42 B
107 B 197ms
68ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIlIibs4-K9gIVwbkbCh1kMglcEAAYACCUzqRPQhMIy4fuso-K9gIVka17Ch3fVgex;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D30016%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D80916433%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1645217129081;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8C74 42 B
64 B 80ms
78ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnQBd_CSrn1OMWcXybILg2ClDdKU3coARfJgFZ3kv5IS8UeyhcVcM_nYnG2z6-3iGLO7ptqfBiMQESz50H4f96mZeaNsH7b52Z0V-efO8nGG_7FCJK9w&sai=AMfl-YSCNRZNMVizsXe9JvMJe0iKk-rIm5CPYDKE6cF2RWRJPFJ4L44DR_peF3wy0qgBB9D7Ku1Y43ZhdNyu36rOv0E0xRRNkwAHhqZb6l6qW5wobUD27Ffq6HkLOLQ&sig=Cg0ArKJSzOW3lN1d0WH3EAE&cid=CAASPeRoT_0PgUG6m0jEbwTBx8HZ5b8mjfjpqltVsICKbG9T7tUKBTxdr4gZKG8qJq8deLq3tqMHA7IHm_fXwdU&id=lidarv&acvw=sv%3D20211103%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D30016%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D80916433%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1645217129081&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 8C74 42 B
64 B 67ms
66ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ce26NZQUQYovBLJHb7gPfrZ2IC7rIh69ou53j6sEP-d2ih9QBEAEg_7C8MGCVAqAB08z3zwHIAQWpAk41iotWALM-qAMByAObBKoE8QFP0Ildu7G8LIaaOC97H4KHmRu3O6Smv4J8RL-gXQGkkaTnPG_VImoXF8JyDwMfwtbbtWOeqw-uQv1ahb2IlDUsllTTlDXspoUqZWQjmRgIQrBHCZINbzUjO8ija17xl7YYXH7Uu1BFJbOk9d1aD0i7w6o4VKh_3tm0VHSPnoL1wCHGyQcv2t3NMgHodH-idZZ5-8x5kUNDhE3YE1h9a2pTxvgIeWabPCq5fa7jWnqn0Jc-A0csEtGAOebUBORAt3IJA_mXDmDzRbCP4WAi4YEZbTBX5PR-PdpBmOGPGdwfH4g5gLb_6u_-ytXz4AJIU7RHwASU3LvK8APgBAOQBgGgBnaAB5WziLACqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgHAQARgd8ggbYWR4LXN1YnN5bi04ODM5MTc5ODk0MzE4Mzg1gAoDyAsB4AsBgAwBsBPZuocO0BMA2BMNiBQC2BQB0BUB-BYBgBcB&sigh=nvUXa0BI5dE&label=vast_creativeview&ad_mt=5&acvw=sv%3D20211103%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D30016%26vmtime%3D4%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D80916433%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1645217129081

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 8C74 0
17 B 197ms
197ms Ping
image/gif 2607:f8b0:4024:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~kzsvst5i&c=8384016094936&slotId=4192008047468&qqid=CMuH7rKPivYCFZGtewod31YHsQ&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=999&mt=video%2Fmp4&vs=640x360&dm=30000&event_name=first_play&asset_bytes=241036&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=12&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.1mu~videopreviewstarted.1mw
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4024:c00::78 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
j.clarity.ms/ 0
48 B 537ms
536ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.32/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://balleralert.com
date: Fri, 18 Feb 2022 20:45:26 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

POST
H3 204 csi
csi.gstatic.com/ Frame 625D 0
17 B 196ms
196ms Ping
image/gif 2607:f8b0:4024:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kzsvssle&c=974315971736&slotId=487157985868&qqid=CMeo4bKPivYCFVGAewodNXULHQ&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=985&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=17&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C22%2C37%2C43%2C44%2C45%2C46%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4024:c00::78 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 197ms
196ms Ping
image/gif 2607:f8b0:4024:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~kzsvsqn0&c=3190168124789473&e=42531398%2C44750773%2C31062422%2C31064036%2C31061691%2C31061692%2C31064019&ctx=1&met.3=164.1ae_1~165.1ac_3~166.1a0_v~166.1aw_3~326.1ii_2~216.1if_5~215.1if_5~843.1ie_7~779.1io~868.1io~889.1j2_1~639.1j9~914.1j9~112.1ka_2~629.1o3&met.9=1.1ff~13.1m0~2.1ry&met.1=1.kzsvsp2q~6.9e~7.9f~8.9f~9.9f~10.bz~11.am~12.bz~13.sx~14.tc~15.t1~16.1wg~17.1wh~18.1x0~19.3os~20.3ou~21.3pf~22.125~23.125&qqid.5=COSFyrKPivYCFX7XEQgdVmgCOQ&qqid.1=CJfyy7KPivYCFQxa4AodeMkI2Q&qqid.4=COuSy7KPivYCFcqjewoduI4FrQ&qqid.3=CMeo4bKPivYCFVGAewodNXULHQ&qqid.2=CMuH7rKPivYCFZGtewod31YHsQ
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/rum_fy2019.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4024:c00::78 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 198ms
198ms Ping
image/gif 2607:f8b0:4024:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~kzsvsr8e&c=3190168124789473&e=31064997%2C31061691%2C31061692%2C31064019&ctx=1&met.3=112.25o_1~415.3b7~415.3lc~415.3n6~113.3pj_1~113.3pk_2&met.10=1_2.IPwVEAAIABiAmHUoAQ~1_4.IPwVEAAIABiAmHUoAQ~1_1.IPwVEAAIABiAmHUoAQ~1_3.IPwVEAAIABiAmHUoAA~1_5.IPwVEAAIABiAmHUoAQ~1_5.IO4ZEAAIABgAKAA~1_1.IIwaEAAIABgAKAA~1_4.IJEaEAAIABgAKAA~1_3.IJ4aEAAIABgAKAA~1_30.IIQaEAAIABiAmHUoAQ~1_2.ILQaEAAIABgAKAA~1_39.ILEaEAAIABiAmHUoAQ~1_31.ILEaEAAIABiAmHUoAQ~1_43.ILEaEAAIABiAmHUoAA~1_47.IM4aEAAIABiAmHUoAQ~1_30.IMQbEAAIABiAmHUoAA&met.9=9.0~3_30.2lo~7_30.0~9.0~3_31.2m4~7_31.0~9.0~3_39.2m7~7_39.0~9.0~3_43.2mb~7_43.0~9.0~3_47.2mt~7_47.0~4_30.2ok~5_30.2om~4_31.2um~5_31.2v8~4_39.2yy~5_39.2ze~4_43.358~5_43.35k~4_47.3ae~5_47.3an~6_31.3b7~6_43.3lc~6_47.3n6~6_39.3os&met.1=1.kzsvsp2q~6.9e~7.9f~8.9f~9.9f~10.bz~11.am~12.bz~13.sx~14.tc~15.t1~16.1wg~17.1wh~18.1x0~19.3os~20.3ou~21.3pf~22.125~23.125
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4024:c00::78 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 55C3 15 KB
6 KB 203ms
58ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=53142
expires: Sat, 19 Feb 2022 11:31:10 GMT
date: Fri, 18 Feb 2022 20:45:28 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3BB8 52 KB
17 KB 182ms
53ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 17 Feb 2022 04:03:24 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 18 Feb 2022 20:45:28 GMT
Age: 60121
X-Served-By: cache-lga21975-LGA, cache-hhn4039-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1021235
X-Timer: S1645217128.215476,VS0,VE0
Vary: Accept-Encoding

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame AAC0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YhAFaAAHN4CHyQBB
https://rtb.gumgum.com/usersync?b=atm&i=YhAFaAAHN4CHyQBB&gdpr=1&gdpr_consent=&_test=YhAFaAAHN4CHyQBB

35 B
208 B

73ms
64ms

Document
image/gif

54.77.66.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=atm&i=YhAFaAAHN4CHyQBB&gdpr=1&gdpr_consent=&_test=YhAFaAAHN4CHyQBB
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.66.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-66-11.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

date: Fri, 18 Feb 2022 20:45:28 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Varnish
retry-after: 0
location: https://rtb.gumgum.com/usersync?b=atm&i=YhAFaAAHN4CHyQBB&gdpr=1&gdpr_consent=&_test=YhAFaAAHN4CHyQBB
accept-ranges: bytes
date: Fri, 18 Feb 2022 20:45:28 GMT
via: 1.1 varnish
x-served-by: cache-hhn4076-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1645217128.360184,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 6C3A 281 B
554 B 216ms
55ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 18 Feb 2022 20:45:28 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B427 52 KB
17 KB 179ms
54ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 17 Feb 2022 04:03:24 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 18 Feb 2022 20:45:28 GMT
Age: 60121
X-Served-By: cache-lga21975-LGA, cache-hhn4054-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1051514
X-Timer: S1645217128.215745,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame CD8F 52 KB
17 KB 178ms
54ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 17 Feb 2022 04:03:24 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 18 Feb 2022 20:45:28 GMT
Age: 60121
X-Served-By: cache-lga21975-LGA, cache-hhn4067-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1018317
X-Timer: S1645217128.215999,VS0,VE0
Vary: Accept-Encoding

GET
H2 204 um
cs.emxdgt.com/ Frame C967 0
0 851ms
504ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

content-type: text/html
date: Fri, 18 Feb 2022 20:45:28 GMT
content-length: 0

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 884E 3 KB
2 KB 255ms
57ms Document
text/html 104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

Server: Apache
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 18 Feb 2022 20:45:28 GMT
Content-Length: 1388
Connection: keep-alive

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C129 15 KB
6 KB 193ms
60ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=53142
expires: Sat, 19 Feb 2022 11:31:10 GMT
date: Fri, 18 Feb 2022 20:45:28 GMT
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 60B8 15 KB
6 KB 193ms
61ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=53142
expires: Sat, 19 Feb 2022 11:31:10 GMT
date: Fri, 18 Feb 2022 20:45:28 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame DB9B 52 KB
17 KB 171ms
54ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 17 Feb 2022 04:03:24 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 18 Feb 2022 20:45:28 GMT
Age: 60121
X-Served-By: cache-lga21975-LGA, cache-hhn4051-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1015646
X-Timer: S1645217128.216913,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 6402 3 KB
2 KB 249ms
58ms Document
text/html 104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

Server: Apache
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 18 Feb 2022 20:45:28 GMT
Content-Length: 1388
Connection: keep-alive

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 798A 70 B
265 B 190ms
57ms Document
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

date: Fri, 18 Feb 2022 20:45:28 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 04DB 3 KB
2 KB 246ms
58ms Document
text/html 104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

Server: Apache
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 18 Feb 2022 20:45:28 GMT
Content-Length: 1388
Connection: keep-alive

GET
H2 200 pixel Show response
cm.g.doubleclick.net/ Frame 4DF8 170 B
502 B 220ms
72ms Document
image/png 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=

Requested by

Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

content-type: image/png
date: Fri, 18 Feb 2022 20:45:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1D94 15 KB
6 KB 242ms
119ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=53142
expires: Sat, 19 Feb 2022 11:31:10 GMT
date: Fri, 18 Feb 2022 20:45:28 GMT
vary: Accept-Encoding

GET
H/1.1 404
Not Found /
colossusssp.com/ 0
147 B 113ms
113ms Image
text/plain 8.2.111.126
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colossusssp.com/?c=o&m=cookie
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 8.2.111.126 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 20:45:28 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

POST
H3 204 csi
csi.gstatic.com/ Frame 8C74 0
17 B 196ms
196ms Ping
image/gif 2607:f8b0:4024:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=3~kzsvsssw&chm=1&c=3190168124789473&ctx=2&qqid=CMuH7rKPivYCFZGtewod31YHsQ&met.6=6.1_CgsYjhAgMyoECAUSAA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4024:c00::78 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3BB8 0
731 B 66ms
66ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:28 GMT
X-Proxy-Origin: 82.199.130.39; 82.199.130.39; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: e4749bb7-13d0-46e2-a4a2-8dfd156a206e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B427 0
731 B 53ms
53ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:28 GMT
X-Proxy-Origin: 82.199.130.39; 82.199.130.39; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f391fdc8-5fd9-4669-8305-dab20d31bafb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CD8F 0
731 B 70ms
69ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:28 GMT
X-Proxy-Origin: 82.199.130.39; 82.199.130.39; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: df93144a-40a7-461f-b0fa-1034b630414d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6C3A 33 KB
10 KB 59ms
59ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 5ccc4afdf307a2e97b7f77e5c078023a24457dec01ffe49808b5f22df32ec979

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 20:45:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 19:52:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=37634
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9759
Expires: Sat, 19 Feb 2022 07:12:42 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame DB9B 0
731 B 54ms
53ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:28 GMT
X-Proxy-Origin: 82.199.130.39; 82.199.130.39; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 06e767ec-f3c8-4675-97e8-db4480cee698
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 55C3 2 KB
3 KB 196ms
55ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=21863131&p=160224&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 9d473f5799a796186885b72aac99f5462014ba28b5967c7f5079f748c77f447a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:28 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 7188
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

110ms
107ms

Document
text/html

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ea8d4444c20489a9e5df93b156c4a66f32d3dd08b19bb3c3c589ee7bdd35e2c2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|45|230|39|191|64|17|31
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Expires: Fri, 18 Feb 2022 20:45:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:28 GMT
Content-Length: 1662
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 346
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Fri, 18 Feb 2022 20:45:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:28 GMT
Connection: keep-alive

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame F4C5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

110ms
108ms

Document
text/html

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 32904bca53b97a84c90bf26f8af16636a888990d4cbdabe1fe9abae76754a45b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|241|39|230|218|41|190|130
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Expires: Fri, 18 Feb 2022 20:45:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:28 GMT
Content-Length: 1626
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 346
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Fri, 18 Feb 2022 20:45:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:28 GMT
Connection: keep-alive

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 90AF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

125ms
124ms

Document
text/html

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4f83847559825e78c92d82ee5b3e2f40530352056ef6bb9e85a9b5a9d665778d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|230|45|241|105|73|51|31
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Expires: Fri, 18 Feb 2022 20:45:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:28 GMT
Content-Length: 1626
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 346
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Fri, 18 Feb 2022 20:45:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:28 GMT
Connection: keep-alive

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame 2827 0
232 B 174ms
58ms Ping
text/plain 213.254.244.26
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=58d6c0479fa2484ea3d4b58aeac868d9&gdpr=&gdpr_consent=&dvp_atali=1&vdur=291&eoid=9&msrjs=2197&nav_pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=204&tetms=10&msltms=190&vltms=291&sei=290&vetms=5&engms=1&engisel=1&dvp_dtvst=58d6c0479fa2484ea3d4b58aeac868d9&dvp_dtslt=58d6c0479fa2484ea3d4b58aeac868d9&mascid=58d6c0479fa2484ea3d4b58aeac868d9&ttfurm=2332&cbust=1645217130342704
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2197.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://balleralert.com
Pragma: no-cache
Date: Fri, 18 Feb 2022 20:44:38 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 02/17/2022 20:45:28

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 6C3A
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=KZSVSPY9-J-G2W7

0
156 B

170ms
169ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=KZSVSPY9-J-G2W7
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:27 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: FA3546AF6C82454BB9BD66040704B150 Ref B: FRAEDGE1221 Ref C: 2022-02-18T20:45:28Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXYUPaLtFBgXEIS6EKRoQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=KZSVSPY9-J-G2W7
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 6C3A 0
0 186ms
63ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 6C3A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFB9-pePsYLthWoBbhwIbPA&google_cver=1

0
239 B

252ms
56ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFB9-pePsYLthWoBbhwIbPA&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFB9-pePsYLthWoBbhwIbPA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 6C3A
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZSVSPY9-J-G2W7&sigv=1&esig=2~4f388e8b62e5aa52329d8e39f5211027981ed5d1

0
194 B

195ms
57ms

Image
text/plain

2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZSVSPY9-J-G2W7&sigv=1&esig=2~4f388e8b62e5aa52329d8e39f5211027981ed5d1

Protocol

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:28 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZSVSPY9-J-G2W7&sigv=1&esig=2~4f388e8b62e5aa52329d8e39f5211027981ed5d1
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 6C3A
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/fsjeqS-aqTZbZOiiU-fchQ?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5753474424595433184

0
239 B

111ms
56ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5753474424595433184
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

Redirect headers

date: Fri, 18 Feb 2022 20:45:28 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5753474424595433184
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 6C3A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=7ee46210-0568-4800-9f61-dae0c802727d

0
239 B

219ms
55ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=7ee46210-0568-4800-9f61-dae0c802727d
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

Redirect headers

Date: Fri, 18 Feb 2022 20:45:28 GMT
Server: MT3 4133 baa842e master cdg-pixel-x4 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=7ee46210-0568-4800-9f61-dae0c802727d
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 18 Feb 2022 20:45:27 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 6C3A 70 B
264 B 56ms
56ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C3A
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTVlNWY3NjAyYmJlZjg5MDNiM2NjMTYyZThkOWYxYmY0NGFhNzRiMw

170 B
188 B

68ms
68ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTVlNWY3NjAyYmJlZjg5MDNiM2NjMTYyZThkOWYxYmY0NGFhNzRiMw

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTVlNWY3NjAyYmJlZjg5MDNiM2NjMTYyZThkOWYxYmY0NGFhNzRiMw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame A226
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D

35 B
467 B

73ms
73ms

Document
image/gif

37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 18 Feb 2022 20:45:28 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Fri, 18 Feb 2022 20:45:28 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 4904 43 B
362 B 178ms
55ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Fri, 18 Feb 2022 20:45:28 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Fri, 18 Feb 2022 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 447393
strict-transport-security: max-age=31536000; preload;

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 92F9
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7899400673362287494

42 B
210 B

57ms
57ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7899400673362287494
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 18 Feb 2022 20:45:28 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug014:0:314
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7899400673362287494
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame C53F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c7a16210-0568-4c00-bcea-dfc9ea0692cc&gdpr=0&gdpr_consent=

42 B
492 B

172ms
62ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c7a16210-0568-4c00-bcea-dfc9ea0692cc&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 18 Feb 2022 20:45:28 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug012:0:755
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Date: Fri, 18 Feb 2022 20:45:28 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4172 645ee8c master cdg-pixel-x1 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c7a16210-0568-4c00-bcea-dfc9ea0692cc&gdpr=0&gdpr_consent=
Expires: Fri, 18 Feb 2022 20:45:27 GMT

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 55C3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yqKv5TRLQJC9A5XdwrKBnQ%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

64ms
62ms

Image
text/html

104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol: H2
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:28 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=53142
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Sat, 19 Feb 2022 11:31:10 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

502

SPug
image4.pubmatic.com/AdServer/ Frame 55C3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9dc66210-0568-4c00-a72e-fd55653bcb12

0
0

194ms
58ms

Image
text/html

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9dc66210-0568-4c00-a72e-fd55653bcb12
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

Date: Fri, 18 Feb 2022 20:45:28 GMT
Server: MT3 4133 baa842e master cdg-pixel-x10 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9dc66210-0568-4c00-a72e-fd55653bcb12
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 18 Feb 2022 20:45:27 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 55C3
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=CAA2AFE5-344B-4090-BD03-95DDC2B2819D
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=1e7ff264a5c468881a7f8ded0c2126ea
https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__
https://pixel.onaudience.com/?partner=68&icm&cver&mapped=4850103500708417090
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=06c3be3a41f89d8db5e25790e75f9261
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=ad587a63-0890-48c2-9f73-761f345b129d&icm
https://spl.zeotap.com/?zdid=1332&zcluid=5235a37a01002983
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8a1d8ccb-404f-476f-7fd4-98ea8d1716bc&reqId=651c0280-e90b-4a1d-4f66-45b5edab0f22&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEPGcDgpET0HsWmYL_ZNScg4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8a1d8ccb-404f-476f-7fd4-98ea8d1716bc&reqId=651c0280-e90b-4a1d-4f66-45b...

95 B
164 B

68ms
59ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEPGcDgpET0HsWmYL_ZNScg4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8a1d8ccb-404f-476f-7fd4-98ea8d1716bc&reqId=651c0280-e90b-4a1d-4f66-45b5edab0f22&zcluid=5235a37a01002983&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:29 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6dfa19765b50f40b-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEPGcDgpET0HsWmYL_ZNScg4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8a1d8ccb-404f-476f-7fd4-98ea8d1716bc&reqId=651c0280-e90b-4a1d-4f66-45b5edab0f22&zcluid=5235a37a01002983&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 55C3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0FBMkFGRTUtMzQ0Qi00MDkwLUJEMDMtOTVEREMyQjI4MTlE&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
111 B

164ms
58ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:28 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug016:0:854
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 55C3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAnckBMXPo9daD60hmDZhTs&google_cver=1

42 B
591 B

157ms
58ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAnckBMXPo9daD60hmDZhTs&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:28 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug009:0:418
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAnckBMXPo9daD60hmDZhTs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 55C3 43 B
612 B 198ms
67ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 17 Feb 2022 20:45:28 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 55C3
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4850103500708417090

42 B
233 B

64ms
61ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4850103500708417090
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:28 GMT
cache-control: no-store, no-cache, private
x-lat: amspug009:0:462
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:28 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4850103500708417090
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 55C3
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ad587a63-0890-48c2-9f73-761f345b129d

42 B
604 B

201ms
61ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ad587a63-0890-48c2-9f73-761f345b129d
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:27 GMT
cache-control: no-store, no-cache, private
x-lat: amspug002:0:482
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:28 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ad587a63-0890-48c2-9f73-761f345b129d
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 55C3
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2256209431365242634&gdpr=0&gdpr_consent=

42 B
233 B

195ms
59ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2256209431365242634&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:28 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug021:0:730
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:28 GMT
X-Proxy-Origin: 82.199.130.39; 82.199.130.39; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 69ab64a9-79bd-478b-84f1-a1ca384d7b0c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2256209431365242634&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 CAA2AFE5-344B-4090-BD03-95DDC2B2819D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 55C3 43 B
990 B 192ms
61ms Image
image/gif 2a05:d018:d29:3602:e2:b8c:776b:b484
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/CAA2AFE5-344B-4090-BD03-95DDC2B2819D?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:e2:b8c:776b:b484 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:28 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 7188
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhAFaLsWD0rWtbAf4wrNqwAABzUAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhAFaLsWD0rWtbAf4wrNqwAABzUAAAAB&dcc=t

43 B
645 B

143ms
143ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhAFaLsWD0rWtbAf4wrNqwAABzUAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:29 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: AWH4T5RD2VSN9NN6AMKS
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:29 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: YA97Q8NEX4ZXTHCM3NPE
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhAFaLsWD0rWtbAf4wrNqwAABzUAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7188
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YhAFaP1JARgd1weupIiYyQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJWqy8poqXQYWZM3hzVYBII&google_cver=1&gdpr=1

43 B
999 B

89ms
77ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJWqy8poqXQYWZM3hzVYBII&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 18 Feb 2022 20:45:29 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJWqy8poqXQYWZM3hzVYBII&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 7188 170 B
188 B 65ms
64ms Image
image/png 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YhAFaLsWD0rWtbAf4wrNqwAABzUAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 7188 70 B
264 B 58ms
56ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7188
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=70dd51d4-d092-9d33-3ca6db60

43 B
1014 B

78ms
77ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=70dd51d4-d092-9d33-3ca6db60
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 18 Feb 2022 20:45:29 GMT

Redirect headers

date: Fri, 18 Feb 2022 20:45:29 GMT
via: 1.1 google
server: nginx/1.20.2
access-control-allow-origin: *
p3p: CP='This is not a P3P policy!'
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=70dd51d4-d092-9d33-3ca6db60
cache-control: max-age=3600
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 146

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7188
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1647809128

43 B
1 KB

174ms
77ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1647809128
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 18 Feb 2022 20:45:29 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:28 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1647809128
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7188
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1

43 B
315 B

80ms
79ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Fri, 18 Feb 2022 20:45:29 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 106
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 7188
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6985035291890331806&uid=Q6985035291890331806&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

58ms
54ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 20:45:29 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Fri, 18 Feb 2022 20:45:29 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 7188 43 B
425 B 59ms
58ms Image
image/gif 104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YhAFaLsWD0rWtbAf4wrNqwAA%261845
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 20:45:28 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3157
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 18 Feb 2022 21:38:05 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F4C5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YhAFaP1JARgd1weupIiYyQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJWqy8poqXQYWZM3hzVYBII&google_cver=1&gdpr=1

43 B
999 B

79ms
77ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJWqy8poqXQYWZM3hzVYBII&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 18 Feb 2022 20:45:29 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJWqy8poqXQYWZM3hzVYBII&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame F4C5
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhAFaLsWD0rWtbAf4wrNqwAABzUAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhAFaLsWD0rWtbAf4wrNqwAABzUAAAAB&dcc=t

43 B
645 B

145ms
144ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhAFaLsWD0rWtbAf4wrNqwAABzUAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:29 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 0VZ9RRE57G7V0M5ZM2EG
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:29 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 5CW8Y7V8Y4HMC40HJN1A
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhAFaLsWD0rWtbAf4wrNqwAABzUAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame F4C5 70 B
264 B 57ms
54ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame F4C5 170 B
188 B 68ms
65ms Image
image/png 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YhAFaLsWD0rWtbAf4wrNqwAABzUAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ibs:dpid=23728&dpuuid=YhAFaLsWD0rWtbAf4wrNqwAA%261845
dpm.demdex.net/ Frame F4C5 0
0 326ms
73ms Image
application/json 52.213.251.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YhAFaLsWD0rWtbAf4wrNqwAA%261845?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.251.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-251-128.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame F4C5 43 B
408 B 216ms
57ms Image
image/gif 72.251.245.179
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.245.179 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:29 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-7
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame F4C5 0
0 55ms
53ms Image
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame F4C5 43 B
430 B 284ms
59ms Image
image/gif 52.31.255.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.255.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-255-117.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:29 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame F4C5 43 B
425 B 59ms
58ms Image
image/gif 104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YhAFaLsWD0rWtbAf4wrNqwAA%261845
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 20:45:28 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3157
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 18 Feb 2022 21:38:05 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 90AF 70 B
264 B 56ms
55ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 90AF 170 B
188 B 64ms
64ms Image
image/png 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YhAFaP1JARgd1weupIiYyQAAAN8AAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 90AF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YhAFaP1JARgd1weupIiYyQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJWqy8poqXQYWZM3hzVYBII&google_cver=1&gdpr=1

43 B
1000 B

77ms
76ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJWqy8poqXQYWZM3hzVYBII&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 18 Feb 2022 20:45:29 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJWqy8poqXQYWZM3hzVYBII&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 90AF
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhAFaP1JARgd1weupIiYyQAAAN8AAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhAFaP1JARgd1weupIiYyQAAAN8AAAAB&dcc=t

43 B
645 B

144ms
144ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhAFaP1JARgd1weupIiYyQAAAN8AAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:29 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: BMH3QDRNMPEXN8KHRDMD
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:29 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: GNZHXCSMRBJZ6ZQJ86C8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhAFaP1JARgd1weupIiYyQAAAN8AAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 90AF
Redirect Chain

https://d.adroll.com/cm/index/ssp?gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

43 B
1 KB

144ms
77ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 18 Feb 2022 20:45:29 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date: Fri, 18 Feb 2022 20:45:29 GMT
server: nginx/1.20.0
content-length: 76

GET
H2 200 YhAFaP1JARgd1weupIiYyQAAAN8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 90AF 43 B
989 B 61ms
60ms Image
image/gif 2a05:d018:d29:3602:e2:b8c:776b:b484
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YhAFaP1JARgd1weupIiYyQAAAN8AAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:e2:b8c:776b:b484 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:28 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 90AF 43 B
220 B 329ms
60ms Image
image/gif 18.157.193.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.193.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-193-122.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 20:45:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 90AF
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6985035292144618503&uid=Q6985035292144618503&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

55ms
54ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 20:45:29 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Fri, 18 Feb 2022 20:45:29 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 90AF 43 B
425 B 59ms
58ms Image
image/gif 104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YhAFaP1JARgd1weupIiYyQAA%26223
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 20:45:28 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3157
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 18 Feb 2022 21:38:05 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3BB8 0
731 B 55ms
55ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:29 GMT
X-Proxy-Origin: 82.199.130.39; 82.199.130.39; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 549f9308-79b1-4975-9f05-2a903cbcc2e8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B427 0
731 B 61ms
60ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:29 GMT
X-Proxy-Origin: 82.199.130.39; 82.199.130.39; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: a1f2ac21-bb45-4653-9fef-2b3e9d002074
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CD8F 0
731 B 60ms
59ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:29 GMT
X-Proxy-Origin: 82.199.130.39; 82.199.130.39; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: c5195153-e8dd-4fd4-bed3-3a658e4bd271
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame DB9B 0
731 B 130ms
107ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:29 GMT
X-Proxy-Origin: 82.199.130.39; 82.199.130.39; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 19143f8b-a13d-45a9-baf8-dba0aad6e353
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 dc_oe=ChMIlIibs4-K9gIVwbkbCh1kMglcEAAYACCUzqRPQhMIy4fuso-K9gIVka17Ch3fVgex;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D2015,0,0,0,0%26mtos%3D2...
ade.googlesyndication.com/ddm/activity/ Frame 8C74 42 B
63 B 133ms
67ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIlIibs4-K9gIVwbkbCh1kMglcEAAYACCUzqRPQhMIy4fuso-K9gIVka17Ch3fVgex;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D2015,0,0,0,0%26mtos%3D2015,2015,2015,2015,2015%26amtos%3D0,0,0,0,0%26mcvt%3D2015%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2177%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D1%26dur%3D30016%26vmtime%3D2182%26dtos%3D2015%26dtoss%3D1%26dvs%3D2015%26dfvs%3D2015%26dvpt%3D2177%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D80916433%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2015;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1645217129081;ecn1=1;etm1=0;eid1=200000;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8C74 42 B
64 B 79ms
78ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnQBd_CSrn1OMWcXybILg2ClDdKU3coARfJgFZ3kv5IS8UeyhcVcM_nYnG2z6-3iGLO7ptqfBiMQESz50H4f96mZeaNsH7b52Z0V-efO8nGG_7FCJK9w&sai=AMfl-YSCNRZNMVizsXe9JvMJe0iKk-rIm5CPYDKE6cF2RWRJPFJ4L44DR_peF3wy0qgBB9D7Ku1Y43ZhdNyu36rOv0E0xRRNkwAHhqZb6l6qW5wobUD27Ffq6HkLOLQ&sig=Cg0ArKJSzOW3lN1d0WH3EAE&cid=CAASPeRoT_0PgUG6m0jEbwTBx8HZ5b8mjfjpqltVsICKbG9T7tUKBTxdr4gZKG8qJq8deLq3tqMHA7IHm_fXwdU&id=lidarv&acvw=sv%3D20211103%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D2015,0,0,0,0%26mtos%3D2015,2015,2015,2015,2015%26amtos%3D0,0,0,0,0%26mcvt%3D2015%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2177%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D1%26dur%3D30016%26vmtime%3D2182%26dtos%3D2015%26dtoss%3D1%26dvs%3D2015%26dfvs%3D2015%26dvpt%3D2177%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D80916433%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2015&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1645217129081

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame 2827 0
232 B 60ms
59ms Ping
text/plain 213.254.244.26
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=58d6c0479fa2484ea3d4b58aeac868d9&gdpr=&gdpr_consent=&msrcanlm=8648&msrcannum=4&eoid=11&ismms=49&isumms=48&isvelg=1&nvr=6&isgmmims=49&isgmv4mims=49&elmtp=3&isbxdms=3049&b11=3288&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&vsos=3&dvp_vsosnmr=16&dvp_mvpw=device-width&dvp_mvpis=1.0&lftb=3288&sftb=3288&msrdp=1&naral=8256&vct=1&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=100&advisonl=true&isiabvms=949&isuiabvms=949&isgmpims=48&isgmv4dpims=949&ispmxpms=949&engalms=47&engscrlms=678&dvp_hdnAd=0&dvp_pageEng=true&dvp_dpr=1&cbust=1645217131342481
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2197.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://balleralert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://balleralert.com
Pragma: no-cache
Date: Fri, 18 Feb 2022 20:45:29 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 02/17/2022 20:45:29

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 55C3 0
260 B 408ms
56ms Script
text/plain 198.47.127.20

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=160224&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:30 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 204 collect Show response
j.clarity.ms/ 0
48 B 132ms
132ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.32/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://balleralert.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://balleralert.com
date: Fri, 18 Feb 2022 20:45:30 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame C129 2 KB
2 KB 55ms
54ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=22140123&p=160224&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: ed999dc776b7f59c552c7586458aa55066def20abb48cbb5ea09417260d10830

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2020
content-type: text/html; charset=UTF-8

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 60B8 2 KB
2 KB 55ms
54ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=23831031&p=160224&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: ed999dc776b7f59c552c7586458aa55066def20abb48cbb5ea09417260d10830

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2020
content-type: text/html; charset=UTF-8

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 1D94 2 KB
2 KB 55ms
54ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=38309594&p=160224&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: ed999dc776b7f59c552c7586458aa55066def20abb48cbb5ea09417260d10830

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2020
content-type: text/html; charset=UTF-8

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3A2B
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7066153772478822548

42 B
211 B

61ms
61ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7066153772478822548
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 18 Feb 2022 18:09:01 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug0025:0:384
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Fri, 18 Feb 2022 20:45:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7066153772478822548

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame C1E9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YhAFaAAHN4CHyQBB&gdpr=0&gdpr_consent=

1 B
412 B

61ms
61ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YhAFaAAHN4CHyQBB&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 18 Feb 2022 20:45:30 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: amspug010:0:430
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Varnish
retry-after: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YhAFaAAHN4CHyQBB&gdpr=0&gdpr_consent=
accept-ranges: bytes
date: Fri, 18 Feb 2022 20:45:31 GMT
via: 1.1 varnish
x-served-by: cache-hhn4076-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1645217131.466075,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET sync
sync.srv.stackadapt.com/ Frame 6DC5 0
0

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame F772
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHc1RrN0VJQXNBQUhzdy0ydDVFQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

56ms
56ms

Document
image/gif

52.31.255.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.255.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-255-117.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Fri, 18 Feb 2022 20:45:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date: Fri, 18 Feb 2022 20:45:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 355
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame C129
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&addseg=19,36,42

0
0

193ms
62ms

Image
application/json

185.64.189.229

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&addseg=19,36,42
Protocol: H2
Server: 185.64.189.229 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Fri, 18 Feb 2022 20:45:31 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&addseg=19,36,42
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 141

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame C129
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

69ms
68ms

Image
image/gif

77.243.60.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&sInitiator=external&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 77.243.60.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:32 GMT
frontend-id: 4
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:31 GMT
frontend-id: 13
location: /pubmatic/1/info2?sType=sync&sExtCookieId=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame C129 95 B
176 B 61ms
57ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:31 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6dfa197faf1ff40b-LHR
access-control-allow-headers: *
content-length: 95

GET match
a.audrte.com/ Frame C129 0
0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame C129
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-szFlh_1E2uWo6C9oDWeTPNy25kJb5pw-~A&gdpr=0&gdpr_consent=

0
128 B

59ms
58ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-szFlh_1E2uWo6C9oDWeTPNy25kJb5pw-~A&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:31 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-szFlh_1E2uWo6C9oDWeTPNy25kJb5pw-~A&gdpr=0&gdpr_consent=
date: Fri, 18 Feb 2022 20:45:31 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C129
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GZh5JB-ffnYCk39yH8hlcErOeiUCy392H8vR82da

42 B
467 B

59ms
59ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GZh5JB-ffnYCk39yH8hlcErOeiUCy392H8vR82da
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:31 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug011:0:450
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:31 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GZh5JB-ffnYCk39yH8hlcErOeiUCy392H8vR82da
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C129
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dpubmatic%26bsw_param...
https://x.bidswitch.net/sync?dsp_id=354&user_id=01a60999c9ec4391b90410df9838fa09&ssp=pubmatic&bsw_param=0f72ee1e-66af-4744-85f2-a41b0a3294df&gdpr=0&consent=&gdpr_pd=&expires=7
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0f72ee1e-66af-4744-85f2-a41b0a3294df&gdpr=0&gdpr_consent=&gdpr_pd=

1 B
180 B

62ms
61ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0f72ee1e-66af-4744-85f2-a41b0a3294df&gdpr=0&gdpr_consent=&gdpr_pd=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:30 GMT
cache-control: no-store, no-cache, private
x-lat: amspug007:0:437
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0f72ee1e-66af-4744-85f2-a41b0a3294df&gdpr=0&gdpr_consent=&gdpr_pd=
Date: Fri, 18 Feb 2022 20:45:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C129
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4581962177314719284&gdpr=0&gdpr_consent=&us_privacy=

1 B
323 B

61ms
61ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4581962177314719284&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:31 GMT
cache-control: no-store, no-cache, private
x-lat: amspug014:0:551
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4581962177314719284&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Fri, 18 Feb 2022 20:45:30 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C129
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b8d7781f-05d5-4926-af10-fe305fb33c7a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
110 B

61ms
61ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b8d7781f-05d5-4926-af10-fe305fb33c7a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:30 GMT
cache-control: no-store, no-cache, private
x-lat: amspug018:0:472
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b8d7781f-05d5-4926-af10-fe305fb33c7a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Fri, 18 Feb 2022 20:45:31 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame C129 0
104 B 263ms
137ms Image
text/plain 2a02:fa8:8806:13::1370

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:31 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame 60B8
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&addseg=19,36,42

0
0

195ms
62ms

Image
application/json

185.64.189.229

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&addseg=19,36,42
Protocol: H2
Server: 185.64.189.229 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Fri, 18 Feb 2022 20:45:31 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&addseg=19,36,42
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 141

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 60B8
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

68ms
68ms

Image
image/gif

77.243.60.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&sInitiator=external&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 77.243.60.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:31 GMT
frontend-id: 4
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:31 GMT
frontend-id: 10
location: /pubmatic/1/info2?sType=sync&sExtCookieId=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 60B8 95 B
153 B 61ms
58ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:31 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6dfa197faf26f40b-LHR
access-control-allow-headers: *
content-length: 95

GET match
a.audrte.com/ Frame 60B8 0
0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 60B8
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-szFlh_1E2uWo6C9oDWeTPNy25kJb5pw-~A&gdpr=0&gdpr_consent=

0
128 B

59ms
59ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-szFlh_1E2uWo6C9oDWeTPNy25kJb5pw-~A&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:06:45 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-szFlh_1E2uWo6C9oDWeTPNy25kJb5pw-~A&gdpr=0&gdpr_consent=
date: Fri, 18 Feb 2022 20:45:31 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 60B8
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hQ6qgoMJrdCeBaOC1g62i9EIqNCeDPmFgg78G8aH

42 B
310 B

59ms
59ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hQ6qgoMJrdCeBaOC1g62i9EIqNCeDPmFgg78G8aH
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:31 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug025:0:640
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:31 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hQ6qgoMJrdCeBaOC1g62i9EIqNCeDPmFgg78G8aH
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame C52A
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7066153772480133268

42 B
317 B

61ms
60ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7066153772480133268
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 18 Feb 2022 20:45:30 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug005:0:444
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Fri, 18 Feb 2022 20:45:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7066153772480133268

GET

bsw
px.adhigh.net/p/cm/ Frame 60B8
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://px.adhigh.net/p/cm/bsw?u=11ef1ac0-9612-467e-9c87-d066a6339a62&bidswitch_ssp_id=pubmatic
https://px.adhigh.net/p/cm/bsw?u=11ef1ac0-9612-467e-9c87-d066a6339a62&bidswitch_ssp_id=pubmatic&bounced=1

0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame AFD1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YhAFaAAHN4CHyQBB&gdpr=0&gdpr_consent=

1 B
394 B

63ms
62ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YhAFaAAHN4CHyQBB&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 18 Feb 2022 15:44:17 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: amspug0028:0:698
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Varnish
retry-after: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YhAFaAAHN4CHyQBB&gdpr=0&gdpr_consent=
accept-ranges: bytes
date: Fri, 18 Feb 2022 20:45:31 GMT
via: 1.1 varnish
x-served-by: cache-hhn4076-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1645217131.476786,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 60B8
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4365789395200935476&gdpr=0&gdpr_consent=&us_privacy=

1 B
194 B

62ms
61ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4365789395200935476&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:30 GMT
cache-control: no-store, no-cache, private
x-lat: amspug013:0:552
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4365789395200935476&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Fri, 18 Feb 2022 20:45:30 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 60B8
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:cfad6693-0e4e-4e7e-8707-df2d0f0615a9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
128 B

61ms
61ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:cfad6693-0e4e-4e7e-8707-df2d0f0615a9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:31 GMT
cache-control: no-store, no-cache, private
x-lat: amspug020:0:613
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:cfad6693-0e4e-4e7e-8707-df2d0f0615a9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Fri, 18 Feb 2022 20:45:31 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=2999
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 60B8 0
103 B 258ms
138ms Image
text/plain 2a02:fa8:8806:13::1370

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:31 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET sync
sync.srv.stackadapt.com/ Frame ED5B 0
0

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame 2AA6
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFYnlrN0VJQXNBQUgzQU5KbnpNZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

57ms
56ms

Document
image/gif

52.31.255.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.255.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-255-117.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Fri, 18 Feb 2022 20:45:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date: Fri, 18 Feb 2022 20:45:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 355
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame 1D94
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&addseg=19,36,42

0
0

200ms
61ms

Image
application/json

185.64.189.229

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&addseg=19,36,42
Protocol: H2
Server: 185.64.189.229 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Fri, 18 Feb 2022 20:45:31 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&addseg=19,36,42
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 141

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 1D94
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

70ms
69ms

Image
image/gif

77.243.60.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&sInitiator=external&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 77.243.60.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:32 GMT
frontend-id: 4
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:32 GMT
frontend-id: 14
location: /pubmatic/1/info2?sType=sync&sExtCookieId=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 1D94 95 B
153 B 58ms
57ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:31 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6dfa197fbf2af40b-LHR
access-control-allow-headers: *
content-length: 95

GET match
a.audrte.com/ Frame 1D94 0
0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 1D94
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-szFlh_1E2uWo6C9oDWeTPNy25kJb5pw-~A&gdpr=0&gdpr_consent=

0
252 B

59ms
58ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-szFlh_1E2uWo6C9oDWeTPNy25kJb5pw-~A&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:30 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-szFlh_1E2uWo6C9oDWeTPNy25kJb5pw-~A&gdpr=0&gdpr_consent=
date: Fri, 18 Feb 2022 20:45:31 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 1D94
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tIFpfbKGbi-vim8rtoV1LrGLbn-vhm5-ttWE8kek

42 B
309 B

59ms
59ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tIFpfbKGbi-vim8rtoV1LrGLbn-vhm5-ttWE8kek
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:31 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug006:0:695
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:31 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tIFpfbKGbi-vim8rtoV1LrGLbn-vhm5-ttWE8kek
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3758
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7066153772481181844

42 B
212 B

61ms
61ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7066153772481181844
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 18 Feb 2022 15:44:17 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug0028:0:370
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Fri, 18 Feb 2022 20:45:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7066153772481181844

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 1D94 43 B
220 B 158ms
56ms Image
image/gif 18.157.193.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.193.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-193-122.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 20:45:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A3A7
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YhAFaAAHN4CHyQBB&gdpr=0&gdpr_consent=

1 B
394 B

64ms
63ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YhAFaAAHN4CHyQBB&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 18 Feb 2022 18:09:01 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: amspug0025:0:423
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Varnish
retry-after: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YhAFaAAHN4CHyQBB&gdpr=0&gdpr_consent=
accept-ranges: bytes
date: Fri, 18 Feb 2022 20:45:31 GMT
via: 1.1 varnish
x-served-by: cache-hhn4076-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1645217131.487152,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 1D94
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4437846989238863412&gdpr=0&gdpr_consent=&us_privacy=

1 B
168 B

62ms
62ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4437846989238863412&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:45:30 GMT
cache-control: no-store, no-cache, private
x-lat: amspug009:0:643
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4437846989238863412&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Fri, 18 Feb 2022 20:45:30 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 1D94
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:efaec765-0218-4d96-a302-dfefb87e91f6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
188 B

61ms
61ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:efaec765-0218-4d96-a302-dfefb87e91f6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 15:45:12 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0024:0:528
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:efaec765-0218-4d96-a302-dfefb87e91f6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Fri, 18 Feb 2022 20:45:31 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=2998
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 1D94 0
103 B 248ms
138ms Image
text/plain 2a02:fa8:8806:13::1370

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 20:45:31 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET sync
sync.srv.stackadapt.com/ Frame A06E 0
0

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame A06A
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFJZXlFN0VJQXNBQUg5TWtVU0Q0UQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

56ms
55ms

Document
image/gif

52.31.255.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.255.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-255-117.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Fri, 18 Feb 2022 20:45:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date: Fri, 18 Feb 2022 20:45:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 355
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.linkedin.com
URL: https://www.linkedin.com/pages-extensions/FollowCompany?id=28541752&counter=&xdOrigin=https%3A%2F%2Fballeralert.com&xdChannel=68e51d6d-d9ae-4d78-8b26-3683b8ae5e11&xd_origin_host=https%3A%2F%2Fballeralert.com

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?Dp6HnQ

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=11

Domain: a.audrte.com
URL: https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D

Domain: a.audrte.com
URL: https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D

Domain: px.adhigh.net
URL: https://px.adhigh.net/p/cm/bsw?u=11ef1ac0-9612-467e-9c87-d066a6339a62&bidswitch_ssp_id=pubmatic&bounced=1

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=11

Domain: a.audrte.com
URL: https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=CAA2AFE5-344B-4090-BD03-95DDC2B2819D

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=11

Verdicts & Comments Add Verdict or Comment

337 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

81 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.balleralert.com/	1970-01-20 03:09:53	Name: _gcl_au Value: 1.1.1121058685.1645217125
.bing.com/	1970-01-20 10:21:53	Name: MUID Value: 108BAD61BA54634735F7BC2EBBDF62A8
.google.com/	1970-01-20 05:23:48	Name: NID Value: 511=MCNuxDhwpqWdk1PsHrKXkphn-1TxwpJ8Gumg85XaYYNcxIj8n9t56RA37p1Evm1DCWjTQe-pyj7WTFhq0ZVfbP7v1oBd2FsWBPlVh7fj1srZeya423xdEugM8CgKN-wdrP9eTnKG4hTYsYTcYPQUtwyugXDHWuKVs2ByAAM5-eg
www.clarity.ms/	1970-01-20 09:45:53	Name: CLID Value: 6f8ad26baaa344c4b06e45b88d81c7e3.20220218.20230218
.balleralert.com/	1970-01-20 01:00:18	Name: __asc Value: 750f5a8517f0e95140677322578
.balleralert.com/	1970-01-20 09:47:19	Name: __auc Value: 750f5a8517f0e95140677322578
.balleralert.com/	1970-01-20 09:45:53	Name: _adb Value: a2kzsvsqjsJCurP9zN1W
.balleralert.com/	1970-01-20 18:31:29	Name: _ga Value: GA1.2.464597375.1645217126
.balleralert.com/	1970-01-20 01:01:43	Name: _gid Value: GA1.2.1782053112.1645217126
.balleralert.com/	1970-01-20 03:09:53	Name: _fbp Value: fb.1.1645217125585.1653390038
.balleralert.com/	1970-01-20 01:00:17	Name: _gat_gtag_UA_3874823_1 Value: 1
.c.bing.com/	1970-01-20 10:21:53	Name: SRM_B Value: 108BAD61BA54634735F7BC2EBBDF62A8
.doubleclick.net/	1970-01-20 10:21:53	Name: IDE Value: AHWqTUmmGkzrmW2NZb6pYWeMgU5fKBqIbM4c-IAE7PR5glJAmvLRFMdR4uAjYawu
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 10:21:53	Name: MUID Value: 108BAD61BA54634735F7BC2EBBDF62A8
.c.clarity.ms/	1970-01-20 01:00:17	Name: ANONCHK Value: 0
balleralert.com/	1970-01-20 01:43:29	Name: advanced_ads_browser_width Value: 1600
.balleralert.com/	1970-01-20 01:01:43	Name: _uetsid Value: b349c7f090fb11eca7b8afd9da641592
.balleralert.com/	1970-01-20 10:21:53	Name: _uetvid Value: b34a08d090fb11ec89f4b3a7947bc8f0
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: mOp9w8F_L1g
.balleralert.com/	1970-01-20 09:45:53	Name: _clck Value: fbpyp0\|1\|ez3\|0
.balleralert.com/	1970-01-21 20:48:17	Name: tk_ai Value: SC8DM%2Fak8EPL1cY5%2B4hD6S4Y
.gumgum.com/	1970-01-20 09:45:53	Name: cs Value: true
.adnxs.com/	1970-01-20 03:09:53	Name: icu Value: ChgI59o-EAoYASABKAEw5IrAkAY4AUABSAEQ5IrAkAYYAA..
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:32:10	Name: bcookie Value: "v=2&701178e9-01d2-47fa-82d8-0d48fa7fd037"
.www.linkedin.com/	1970-01-20 18:32:10	Name: bscookie Value: "v=1&20220218204524f085777c-f098-4c1d-89db-9344837b8dbcAQFxYwnDX15AScMOG2fQsBN9ZitZwKFB"
.linkedin.com/	1970-01-20 18:05:42	Name: li_gc Value: MTswOzE2NDUyMTcxMjQ7MjswMjFJ22hmKVp1sRkM2h0sLQC1K88dofjDuByNEvep+FOhAg==
.linkedin.com/	1970-01-20 01:01:43	Name: lidc Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2541:u=1:x=1:i=1645217124:t=1645303524:v=2:sig=AQGz3itf7PBAp_weDPRS7CStsSspRUKh"
.balleralert.com/	1970-01-20 01:01:43	Name: _clsk Value: z5wzqo\|1645217126677\|1\|1\|j.clarity.ms/collect
.rubiconproject.com/	1970-01-20 09:45:53	Name: khaos Value: KZSVSPY9-J-G2W7
.rubiconproject.com/	1970-01-20 09:45:53	Name: audit Value: 1\|naVuGyos1qoZybRTUvGtMq2qEsFCZ0ctSdOhPT1GMTlgQkuuSU/3aCZLJNVJqhu9jn0BRc+csZjlLMw5+iCMPMxuhZpbWKLtB83Bd3pZ0s4=
.adnxs.com/	1970-01-20 03:09:53	Name: uuid2 Value: 2256209431365242634
.gumgum.com/	1970-01-20 01:43:29	Name: loc Value: SfolTs1ZIlPt4unIug7NGHTHprMos3ZuqTBxlXamrm8hq5y7FIAFJqALzTMF75FKPWrPvLHvI6Vn8Of3jTfySlxFcBUU5_13
.gumgum.com/	1970-01-20 09:45:53	Name: vst Value: e_72acef09-0a68-4a11-8dde-2253c85f0188
.balleralert.com/	1970-01-20 10:21:53	Name: __gads Value: ID=4b98536519a9c811:T=1645217123:S=ALNI_MZdB5b4uR6EnUkHbjkZxv_y13LBDQ
.www.linkedin.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: ajax:1103408218966906379
.scorecardresearch.com/	1970-01-20 18:17:05	Name: UID Value: 1688005e706c8f8a8a300841645217126
.everesttech.net/	1970-01-20 09:45:53	Name: everest_g_v2 Value: g_surferid~YhAFaAAHN4CHyQBB
.ads.pubmatic.com/	1970-01-20 01:01:43	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 03:09:53	Name: KADUSERCOOKIE Value: CAA2AFE5-344B-4090-BD03-95DDC2B2819D
.pubmatic.com/	1970-01-20 03:09:53	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 01:01:43	Name: pi Value: 160224:2
.pubmatic.com/	1970-01-20 03:09:53	Name: DPSync3 Value: 1646352000%3A201_197_219%7C1645228800%3A174
.pubmatic.com/	1970-01-20 03:09:53	Name: SyncRTB3 Value: 1646438400%3A35%7C1646352000%3A13_161_54_7_3_71_220_21_56
.adsrvr.org/	1970-01-20 09:45:53	Name: TDID Value: ad587a63-0890-48c2-9f73-761f345b129d
.casalemedia.com/	1970-01-20 03:09:53	Name: CMPS Value: 1840
.mathtag.com/	1970-01-20 10:26:12	Name: uuid Value: 9dc66210-0568-4c00-a72e-fd55653bcb12
.yahoo.com/	1970-01-20 09:46:14	Name: A3 Value: d=AQABBGgFEGICEMCMjY-Z_fpWNbPeiOIiGUAFEgEBAQFWEWIZYgAAAAAA_eMAAA&S=AQAAAtqja8W0oAshsK2G-quwfto
.onaudience.com/	1970-01-20 09:45:53	Name: cookie Value: 5235a37a01002983
.onaudience.com/	1970-01-20 01:01:43	Name: done_redirects104 Value: 1
.simpli.fi/	1970-01-20 09:47:19	Name: suid Value: 5BA0BFE9AE4941BCB70B0A4CDC672CC7
.de17a.com/	1970-01-20 09:38:41	Name: guid2 Value: 1.7899400673362287494
.casalemedia.com/	1970-01-20 09:45:53	Name: CMID Value: YhAFaP1JARgd1weupIiYyQAA
.casalemedia.com/	1970-01-20 03:09:53	Name: CMPRO Value: 223
.adform.net/	1970-01-20 01:40:36	Name: C Value: 1
.pubmatic.com/	1970-01-20 03:09:53	Name: KRTBCOOKIE_80 Value: 22987-CAESEAnckBMXPo9daD60hmDZhTs&KRTB&16514-CAESEAnckBMXPo9daD60hmDZhTs&KRTB&23025-CAESEAnckBMXPo9daD60hmDZhTs
.pubmatic.com/	1970-01-20 03:09:53	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 03:09:53	Name: KRTBCOOKIE_57 Value: 22776-2256209431365242634&KRTB&23339-2256209431365242634
.pubmatic.com/	1970-01-20 03:09:53	Name: KRTBCOOKIE_377 Value: 6810-ad587a63-0890-48c2-9f73-761f345b129d&KRTB&22918-ad587a63-0890-48c2-9f73-761f345b129d&KRTB&23031-ad587a63-0890-48c2-9f73-761f345b129d
.pubmatic.com/	1970-01-20 03:09:53	Name: KRTBCOOKIE_27 Value: 16735-uid:c7a16210-0568-4c00-bcea-dfc9ea0692cc&KRTB&16736-uid:c7a16210-0568-4c00-bcea-dfc9ea0692cc&KRTB&23019-uid:c7a16210-0568-4c00-bcea-dfc9ea0692cc&KRTB&23208-uid:c7a16210-0568-4c00-bcea-dfc9ea0692cc
.pubmatic.com/	1970-01-20 01:43:29	Name: PugT Value: 1645217128
.adform.net/	1970-01-20 02:26:41	Name: uid Value: 4850103500708417090
.pubmatic.com/	1970-01-20 01:43:29	Name: KRTBCOOKIE_336 Value: 5844-7899400673362287494
.pubmatic.com/	1970-01-20 01:43:29	Name: KRTBCOOKIE_391 Value: 22924-4850103500708417090&KRTB&23263-4850103500708417090
.crwdcntrl.net/	1970-01-20 07:29:03	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 07:29:03	Name: _cc_id Value: 1e7ff264a5c468881a7f8ded0c2126ea
.onaudience.com/	1970-01-20 01:01:43	Name: done_redirects68 Value: 1
.casalemedia.com/	1970-01-20 01:01:43	Name: CMST Value: YhAFaGIQBWkA
.owneriq.net/	1970-01-20 01:14:41	Name: p2 Value: cc
.owneriq.net/	1970-01-20 18:31:29	Name: si Value: Q6985035292144618503
.brand-display.com/	1970-01-20 18:31:29	Name: _knxq_ Value: 70dd51d4-d092-9d33-3ca6db60.1645217129.0.1645217129.1645217129
.onaudience.com/	1970-01-20 01:01:43	Name: done_redirects161 Value: 1
.casalemedia.com/	1970-01-20 09:45:53	Name: CMRUM3 Value: 1f6210056805a00&27621005680b40&2d621005692760CAESEJWqy8poqXQYWZM3hzVYBII&496210056805a0&f16210056805a0&e6621005682760&696210056905a00&336210056805a0
.exelator.com/	1970-01-20 03:53:05	Name: EE Value: "06c3be3a41f89d8db5e25790e75f9261"
.exelator.com/	1970-01-20 03:53:05	Name: ud Value: "eJxrXxzq6XKLQcHALNk4KdU40cQwzcIyxSIlyTTVyNTc0iDV3DTN0sjMcHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJiSX5RZvoiF9fFRSlpDItKik8F72%252F3BgB3lCnd"
.onaudience.com/	1970-01-20 01:01:43	Name: done_redirects147 Value: 1
.adsrvr.org/	1970-01-20 09:45:53	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwjwuvyVtMq5OhAFGAEgASgCMgsInO3RysrKuToQBTgBWgd4a3N3OWxhYAI.
.onaudience.com/	1970-01-20 01:01:43	Name: done_redirects219 Value: 1
.zeotap.com/	1970-01-20 09:45:53	Name: zc Value: 8a1d8ccb-404f-476f-7fd4-98ea8d1716bc
.zeotap.com/	1970-01-20 01:01:43	Name: zsc Value: %B0%89T%0E%9C%E6RV%98%034%8F%1A%B7%D7%29%AAx%06%99%B4%D9%C9%AB%95%9F%7Cv%0C%BC4%FBi%A8%F4%7F%FC%CC%E97%87s%E0%8ABl%E84%03%5CI%13%1Fc%E9%EA%E9%3B%81%A6%BFJ%F8%F8%12%28%E0%F2%1D%EE%BD%EFI%C7%BB%3E%C8%98nU%89%B4D

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googleadservices.com/pagead/conversion_async.js(Line 71) Message: Unrecognized feature: 'attribution-reporting'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://colossusssp.com/?c=o&m=cookie Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9dc66210-0568-4c00-a72e-fd55653bcb12 Message: Failed to load resource: the server responded with a status of 502 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
accounts.google.com
acdn.adnxs.com
ad.turn.com
ade.googlesyndication.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adspsp.com
apis.google.com
assets.adobedtm.com
aud.pubmatic.com
b1sync.zemanta.com
balleralert.com
bat.bing.com
bid.g.doubleclick.net
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c0.wp.com
c01ae5b687859e77d7bbc0d43398d035.safeframe.googlesyndication.com
c1.adform.net
cd.connatix.com
cdn-images.mailchimp.com
cdn.doubleverify.com
cds.connatix.com
certify-js.alexametrics.com
certify.alexametrics.com
chimpstatic.com
cm.adgrx.com
cm.g.doubleclick.net
colossusssp.com
connect.facebook.net
console.adgrid.io
cs.emxdgt.com
csi.gstatic.com
d.adroll.com
d5p.de17a.com
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.iheart.com
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
inv-nets.admixer.net
j.clarity.ms
js-sec.indexww.com
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
mwzeom.zeotap.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.wp.com
platform.linkedin.com
pr-bh.ybp.yahoo.com
prod.adspsp.com
pub.doubleverify.com
public-api.wordpress.com
pubmatic-match.dotomi.com
px.adhigh.net
px.ads.linkedin.com
px.owneriq.net
r3---sn-h0jeln7e.c.2mdn.net
r4---sn-h0jelnes.c.2mdn.net
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.gumgum.com
s.amazon-adsystem.com
s0.2mdn.net
s3.amazonaws.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssl.gstatic.com
ssum-sec.casalemedia.com
static-exp1.licdn.com
stats.g.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
visitor.fiftyt.com
vtrk.doubleverify.com
ww.api.iheart.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.iheart.com
www.linkedin.com
www.youtube.com
x.bidswitch.net
a.audrte.com
px.adhigh.net
sync.srv.stackadapt.com
tpc.googlesyndication.com
www.linkedin.com
104.108.144.214
104.108.145.8
104.111.242.53
142.250.184.226
142.250.185.226
142.250.186.162
142.250.186.34
142.250.186.66
143.204.95.188
143.204.96.118
143.204.98.113
143.204.98.115
143.204.98.43
143.204.98.82
146.0.227.109
151.101.130.49
151.101.194.137
151.101.65.108
159.65.197.210
169.50.137.184
172.66.43.28
178.250.2.151
18.157.193.122
18.195.155.181
185.29.134.244
185.64.189.110
185.64.189.112
185.64.189.229
185.64.190.80
185.64.190.81
192.0.76.3
192.0.77.2
192.0.77.37
192.0.78.22
198.47.127.19
198.47.127.20
199.232.210.84
20.85.30.134
2001:678:cb4:bbbb::11
213.155.156.166
213.254.244.26
23.0.33.234
23.32.243.206
23.37.42.132
2600:1f16:bc:1202:21b8:ab1d:2133:69ff
2602:803:c003:200::31
2606:4700:10::ac43:db6
2606:4700:20::ac43:45e7
2606:4700::6812:a7e0
2607:f8b0:4024:c00::78
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2620:1ec:21::14
2620:1ec:27::cafe:2250
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:800::2002
2a00:1450:4001:801::2003
2a00:1450:4001:809::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2006
2a00:1450:4001:813::2008
2a00:1450:4001:813::200d
2a00:1450:4001:827::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9b
2a00:1450:4016:7::9
2a00:1450:4016::8
2a02:26f0:12d:587::1e80
2a02:26f0:12d:587::4469
2a02:26f0:6c00::210:ba0a
2a02:26f0:6c00::210:ba20
2a02:fa8:8806:13::1370
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:4e::269
2a05:d018:d29:3602:e2:b8c:776b:b484
3.126.56.137
3.33.220.150
34.111.151.213
34.212.80.11
35.201.96.126
35.244.174.68
37.157.5.142
37.252.172.37
50.31.142.159
51.210.112.63
52.142.114.2
52.213.251.128
52.31.255.117
52.46.154.242
54.194.157.24
54.228.17.128
54.229.233.249
54.231.98.91
54.77.66.11
54.78.254.47
66.102.1.156
66.155.71.25
69.173.144.139
72.251.245.179
77.243.60.138
8.2.111.126
85.114.159.118
0065b495e19946f45a31357b3f1aa48addebfda1ed330b5691027566611a497b
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
05a3dbb97b616c4aa70647461cd3e9f2ac72aa518a19c42c1a9756ccfafce421
061a3a77519999a1fe023724896eca435a4b4d6fd758963270c43fb83d4a8a60
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810
072300ef36efa54af8634dadd3451fbd96274e9708bfa568040192fb2e71c160
080a7cd8090fe14503466d9909e988308b013aef9ef19a41a17c84823d2d574e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0d3b74554bb7327acfef3aabd878193d28f028cd48a8a348b652e9abb23327e3
0df9aff62cc4a768eb35b2f47418eb37cc2136cbb18a350df231763c8249f7c2
0e8b049129b6d54e346d18eefb31ce31b7dc76409e0eb85239d1364e61793a6f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1021efafbf9b43acf446f436556222d910e0d86d09d796b6fb16101efedffa22
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
130f5bd079da4ccffb6b73d64ea8aa402dcf1370bb24572c8a4084db6de27f98
13a930c42eb430ea3fc33e64bceace1e66c58d5d26bd7cd6efff7a56613d0ca5
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
15d91ab032211a3cfedf49470c5490ee1cc7ca322820fcfcdfa9ddcc1307549d
182e51193ed33acca8a70f60a714c7d70e88111af48a17ba194b4c3d0dce8039
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
192f480022126cbd04f77300c71f3fcd33d632ac8443bb7494426143f4b8f510
1afc07e44f673401d10e9b7a3e8f63234dbec7aeaf3dc7b60495ed1cf8b9c651
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1de5015dc10eb355a2c05d402553942417131c51222462cf2b0e44215594e6dd
1ec81be7e8d4ea0682753b08cc206d3a1ef0b03110a11e4276853a6a7c58e8eb
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1ee8e0976dd2573237ad94a3e213715084ddec16b20e77c8e43de5e89f9ef052
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2051ec367c1be61480b94686061b4ecfe4365aa872b41f80cd208afb2602945a
22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9
24c40e804d92901fab912e4679cb0b4b4ce780d7229e7b73cb5cd0eb7e93550c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25cae7a9b075c13110ec95acfeaf13056fd6e59f0534b977d2a55ed42961fd6a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26c288c5bc53e94f803622ea790f5351af44bcd9b5252fe7ec73b4904ccc47e4
270b1e86757e34465f696bca485f119cf9e775f4a5d5513be5a299c3c1cb9cce
275fb4a7bdeab3c59caff1c0ea88bf1adc9f4cfc377a9bec7b28517d13e2fd37
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
289b0947b4b981e10ecfe7b37b9259baef0668dec6b0acc02b62d5a14ef22b83
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
298b9bc41c30aaea7fc89c925be64addb7c0a1df0d29cfde93ed4d38cc425131
2a0710588223968ee9b0781ba147b642e745256eb7f69ff23c61da6f19449897
2a2eea28047e3d5fd3ba8171b78cb15206ab5646ac2bd9e036d3fb4196dbcbe1
2a4e9b3f33edb851ba930430bdbf317a3b95e0974763617d68ec0b555a3bb8fe
2a84c3cf6d5cdd1f7eebd633763bc1833a31ab11947490480b8736fafdde5894
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2f33a878d95f0158f2ccac82abfaaece0fc37399b5e717018b09863ef36bd924
308c252b2381b887baf74268990c582643dbdaad9e9b332d158112745e2c65ea
30aa763639b91cec13bafb4649a956320321316e82f39205a9e948a6392cf8de
30b18072bef2e7e0f05487040fa67cb159169aea754838b5088e5a75212d680d
32904bca53b97a84c90bf26f8af16636a888990d4cbdabe1fe9abae76754a45b
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
331a1f214d5aa357574f8c5cadc253b5190b1f36a6e38c5a7d1d5b7830089fd9
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
39f94c7fae88d40b82ea1bfbe0415e0b18ece89cecf5a7f2710f1743aebe2366
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4465cef0b729ca1b39f82d58964e333e8b84ae6dcb3d4f6a08582313426f94c0
4530055a32b5a1a639311d7be5e6abb79ba772acae1410f9f9feffdc297721dc
4587e41c367c1443f3bec0d23731fdfc626663503a0ec3a14acf512eaa37ef22
4626acb90a61ad2e64125d843b8f8d66cf6d813a5e7b799b34bd9d9c450b94d7
4827fec4b688c883c19d7dfacfe8a04809681b3651e835fb69540193cd159f4b
485b180676e7564936e5c6df7c957acb4354b7f5f13d45abd6c3b0d81201d3f1
4866273fbeb45fc7e9929611052b7f7202ec0a3ab1b35d13302b892c3c52b2a5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
49a55ffe4f5cc8251fb9f15b1d2cb1b874cc7388d2edb464f6860e17ef9b2992
4af27940e711cb23e434d9663f82d309890543d0e42a49a4853bad570f36c4e5
4b9961ee1a72d619aff47987991c5b2e529c8c2222d90f0b38da8de4e9008165
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f83847559825e78c92d82ee5b3e2f40530352056ef6bb9e85a9b5a9d665778d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51729caddb2dbc92a7a61d26b041dd014790ea1e0514679048c6c77a2add8a4e
5175e2e3b24c72506a6e3035a04bbba268fd5550ff53fd73a4a51da07a1cd97d
51ea75fec6a6030c9a7cd913834dcbbfc53abc6ab2cd665155b996d6e6edfdda
53e8208d0b0c5c2bf0cdafd9f450322f11acaa28b8a7eda485b1b709a484c0bd
5487c600bcffca2099f210e10b0568133b3e3069431d0f11c18c78919f8ae7cc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e90b34aafe5edfc85981f962261069b4a34979c51f34c4991b07f5d3d984ec
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
584190690f3e745224ccb1134d5863983050eadb08d769ab47f4e8d484044086
599863f104e6a2c8d3f5c57633373e86ebf69906e04a0ae763f8bfb0161827bf
59c79b378c22c38467b584a8d6556edb441212ee62a9c341f2c62e8f0463dd2f
5b5737f4004f9085da1cda9a674548a2162d642249a865fb68708ef0036ccdc4
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
5c705c416e9d7b5d9db7d85594d038943be3630bd22ff591e0799af570b862ec
5c9e14cc99617da1d27e4fd7169aca374095883c5cf4f453c6fc742b084a7500
5ccc4afdf307a2e97b7f77e5c078023a24457dec01ffe49808b5f22df32ec979
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5d7f64407e5f5fec22946ab855636514358f0e999038bb7e8f4f31bccf6ee1fd
5dcdedef171485f19d11f44dde0881cd99caf84161ced76a882f06a7238006af
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5ee49a30cc6244e9cefb2bac9580da6a9768c49692d1a8988572254f4ff7d2bf
6039cdb2c8028b73ddb9d711e7eb22834a8e11ba865283a7ed2fd2c75a401040
6095a61e8e8cd490ec831d0731bf5c78fc97f9c2746b7d67dab0788adb949708
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62daab70d8018745af4fa4337376cf9345bb9a6c2ea04623f00bd72888b17c0e
639c929a03019caa46f531a6dfdea6fd638d98aa325c96a30afbc6a4f1aa1d66
66042ee5fee58266023430e54c12a32f672a719d6e7ce4f67df7882f5fbc0054
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
67c4a10ad1888166b4122186ef1d88a61ffe66f2aae6f7713bea910777ed7ea1
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
68838d8016e63d727b4463e3c50c5dc10a9eaf1ad93c44e18cfab50bff28c0d5
68de28ccd005c586a59c9a5c0653400886add03ab352219edb4b8651782d5e09
6b2476edf95aa04cd7ccb301051fb62853b69d39af09c929a81fdba43143bc5a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6d79e7244eab835df38c082b629f28ebe7e98d8ed0ad1bfe635dbf85ce24949d
6d9263313998d90eb7ace1abd7647bf2106bb772d4a04a41a9f3959e4cdd8c44
6f9b1f8eca1aeed723101c429d07332e17fd61c0e546f4a7afb048437f5b4109
725743df024a8a61fe883e22e85ec8b4efea221d9c2d35f240e88548cc40bdf1
735377e871316a02cec460701202e3f0de071f9bc30a903c9dfbc334d19097d4
73a2a1f4b330f285238ff8868b31d26643ff5d5818044d480e8cab43e35eabb1
73b7548bd3363ea24eecf6a2a56d96ea783d98929756a8b68e917ea283722aed
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
754eb9144e99669e5aa4bafe923571e0a634c71be827b99a32132121df2f537b
760635e46fad7f23cadf0602b3db27de071cd518ecbb04041723f4b1806662c3
7829e009c50a75313a34510ff02878e8c90cb5e6d6405196d8790400a014d78c
78485a79a88d58baf7fa253ec43d6827f88dada8b16a1a36325994a84f423970
784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
7917da41a36d13f14f392d512a3b0a1343f346af39d52ea8f281bb235dd62b6d
7a3ddd2ce22620b30c300f2a825b367c775940369f9a4121d7fa5a151ca42a5c
7a6ac6e588a725241e6f43feaad46fb36de9682576f5f29c570edc3ec5247477
7b1a37c43977758722ff2bddb8844c2af4627e0db2d5eb0f3ada59a3468b8ff9
7b6fef0a63424245b31b293b1a3bfd074c9da482e28fb9e920e1cf306e54e8a2
7b8e47691d996befe04918a7ff52d78bbd9ac92ea5a05d03f9c4398b33df95fd
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7f99c531f5e0979a50a1f76d12f3e0c0cd5605be539b1fa6ab88c85d0e68f803
7fec8e1607ac29947e34121b8a928931e592649d0ff58be84c83680172f843a1
819a73c1721e89fde342db29fbb0df6594b713ce2fe105f1e6ed4a8fe88bf575
81d655d03a28e477c55b40b4328a817dcc8c86c1659caabb80e29f5f3acd0b08
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
8796768e42946ecb8f1c6e418e12ce35071f90fc4705ed51e7662ce7966ef2db
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aaf90a00d378f096c89c7a0a3503c98d8f663eabab958bb1b226020c4f2ad2e
8af0b5fd87f0cf0c57915fb6094244ca5c108f21c063fd6917ee809259ae3a97
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e93414f896d6002f025697fd592d2393994fc8b21be6061dd55b8df904aa245
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
93fa2b4cd4e7ab1a5984412607c24a1608bf1cb981908a9aaf4b8a7b9cbfbb16
96f6897cf6e2277014eba471652e7619cf6ccb9b55873e67860243fd197150d0
97352f5082b6c4b5442b1fda4efd9dbd48878e1afaefff40313263e1ee793dcc
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d
994ab1ecd36f2f4b3aeaeca3a8076c252afadf3710c183dbbfc1e0930c4ea081
99a5af87f74014118ce8d017bd91dc4e06ff05125a5b710a966609ec60dc97ae
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9abc132fd14087fc484882b700f016b5121d33c2b376fbcdca0ac2f9afd453f2
9af4762b2df5da39ca42be9960daeefe7fba3e07bc30ba6acadaa3cfea3f3415
9d473f5799a796186885b72aac99f5462014ba28b5967c7f5079f748c77f447a
9de939b14effab78b17526b142ff1d928dd728f19b4a89c8c51f6a61c57cf058
9edef5466f3ada2baa2b81fe03858d6179ae1e5f0e045ef2d34f7f813505b959
9fbaf3eac344aae4adc2f1a0b300a9d96443a8ccd1e6e7fa0f48ebb176a0b0c9
a01b76770d92d5596af77d63615d54dbe9a773ac0f3ecc0e37d4ce63e5ee9432
a034073242b63a4bf8f20744f8cb4b4bb74e17464ecf7da2c2a001b082d5d3e8
a0b779ad590272d25a6b625b33f3d117b71ab8b77efa8266cf2ebcd90bd76764
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b6c062809a62bef4918b6d73d087e997ee2f92fca0cfbb5c281a5817292452
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a32073ae72c27af5caad046c9d7a4ab061b2a81ee6b55d7e3e29611d61c16cc3
a33c445a76f7968b1d17a5f09e83e8b57d3ee4334fb70d0b8e8311760914f462
a34d693bd61abbe77f313336b07a464cb8375924348d21d7b88dc0debce85c83
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5e64038b684263ab1edea35ed48cf0073edaa2959bde3e541d58cdeecaa783a
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa6d1c62b8caf3a9b40d641f399129d30c3be139767ed311e9ec7f610ea56e04
af42a6d6153de280e3f76bc3eabb0a6f291cf6b01b242f6b1add89d2aba20b45
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
b1fe9a102dd1c48d424ac350bed1b1dcf91afda2dae18824fa5473bd8a3901b7
b3ab4576fa5cc689c3786c530cbb2946dbb4534aa7e812dfe17c05c7d875253a
b4cf39b67d6275bebeb3b05320aa51c22d195ed0876d5a33609329b15a311e96
b518b646811f367d5430ac07179fad6cf5c1df569617ceb4de17409654e93945
b58bf516fedf2482b3be6125c03b9a9ef1fa057f69e375fd96754b11b3565e74
b6d9dfadda2f3ae23cea507ba802ab446ffe1ded8244e84a5ef6764362f43bb7
b7176b7d34b93f350ff04ba9fbdaa5ef35c97c7d1353b78c1282675534c70b80
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b82e7af123915691ea31e2a9e6ec992e9fe4b184d7363c4176f57433f5ff6de7
bbd6316ca0e2600570fe23335e515baf77986262cdc80ed9d0d89931f1794abb
bd0cbc0bb55f4aa9925bd1397be5094e37d80cd24f58ad772becbf429b6486f8
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c01a1d77327096c8c49f04af3f4da2c120a9c479e0190f5623fd9ea7d3fe7106
c1706286189e087a43c5baee5f49d7a7d420c8ea019943ff4c1d7aff6118c397
c1acec7ce5ab399ea205f3f38f9d424f15d3fefb08f4c1c9568806cc398fbac5
c201e5d25a4e864fc700bc7e468a1f9782337562956a09df06b044a4a64a67c7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3fb0bdd7a0fa01cc73f7045910772b60469590482a9502aaf87700394b85959
c77601c3c05dd92f93b19761ee402f48b655788f0f39ed04a7d156489ba3ebef
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
c912a971a83336c2b8446333cea23553ebd886a841ef71bc6021cbe7a1125db6
cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8
cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc6769aec790550f21cd37fffac7a6a5db08f55dc1787acd7c97fab1967e7a6c
cc7f52271e59738f204a214b87de955f7c9709d0e4e096206c613571ea1e8bd3
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
cde8796cabb7b93bbcf7c8a4bd2d39b926a22d2dfbbe6a37fdafd10c5bd8f965
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d172c7a7d560ee869c812c4ac36c85cc951ff822a10f4a1c8a845ae5769b8e7a
d2d330f53cdfd25a188faebfc07535a76190bcc529946b09c74d0971e84b53cd
d394c6d252191e1a1013a387b7eea31bb74a63c4f838944e1a6a46bbbe431f3a
d429d28b9e4fb5a936e932e8b3f92ed4c267eefec7c32cfe15bf18f1f5932788
d44b84e0471d9d1ac53ce061c9becfa720931b7364c7b55a6325d03859781782
d63f92a1937b8bc2e3b7511995962cc1b7bb78251fcce456f8f2e72e8db20e58
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
da2a28f8dfd9082c9f6ced35acd9ae66d8e0374278aa201cabf74cb1b7d6c7e4
db9fbb50ba3192503f7ba927de41ba5484ec41957bbe76bd240299aeb056c279
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de586620ea2b25324018feffc01dafb033d4cd57b8a078a80db9eb51a96bbe9c
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df1c5f6457b17a9a545e2ebd2ddc7fe06e6f480b87f988ab64dcc99f47be1f78
df4e2b02efe67cbe33aa879273eb71afc6c33d8bcf6d424091b442c17f2a4acd
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e33f9d6f3bffce55b1095840b77bd6bcf2d02405a3dbe853fcbe082461a58137
e3474d77e56176d1b865553eee382eaeea05dd8ab5c6579d1b2412988c530506
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c6a39cdb1f2dab900d10c83275e2e72e795325924c731d8fa0c49b9ec5ccb8
e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb
e5cf1d54bf8b2561c6049854ced8c8a2e9cde28ceb786c4becf7ce0321edd4b0
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
e811854b6a468fa3266948cefa547ac1efd56766bdceb069f779cb05f5979f3a
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088
ea8d4444c20489a9e5df93b156c4a66f32d3dd08b19bb3c3c589ee7bdd35e2c2
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec7c4c90e31092c6253cddb718655a1e3ac5f4f83425b1e16d54b25ff80f263f
ed06657db67041358e60997923dcbeab671b1980241bdd3205d93a1f2c6142b4
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ed999dc776b7f59c552c7586458aa55066def20abb48cbb5ea09417260d10830
eed2d93ec01bbd5632899d1b94a2f98ea35c4b1631733e854c26a1b179e75578
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3ec76de98167d26fd0e8dce38b9d01a1a151c9908c9b6b99ab7cabf8131b65
f1e67260e52e8d3723859f81f5f726a214e5fd0a7741446786f199314a544b8e
f2a878192eb437ff1100f69acce8151b530f9545d2b58877ad2b9d19ff1fe128
f34a434f7c1a3a354a09b3d9323fe427a1022b72dd412c429f533f4fbaf1c6a4
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5ef63bcd883c3e6ecca9a17785b10ee897b51aec76328706887ceb220742d71
f63de180098b5669cddeef897441f372161e25dde239a7f6fc03f5cb5ecec4be
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f
f7c6726fd3b04f5d770e1ba596404b8ba924dc67e3df73b3316182c22a6e62cf
f8464298798367d1e7712446840a81b5ef07a6484761dfc727433c7cf4c1dc94
f9179f4383ccee61bd4cd924e8b5720c3c5dc0c7f62da319bb28e49fd09ef505
f9bcfcdf3913076194efc851a76c4686fd0f4c336ee09e5739ab31590eb13eaa
fb12708d973e6b9354f367a6780e5a166b0da7d2721d856da7f9d57130883eaa
fd046ae8768789be91596e86c787d07da27d7c32763c0955e16c6dfc7213ebef
fd1a1a9daee80cfea98a4f8aa88b089b42fd416ec06e2f66ec4ab3d577ed479f
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

balleralert.com Open in urlscan Pro 172.66.43.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

477 Requests

87 %HTTPS

39 %IPv6

75 Domains

131 Subdomains

97 IPs

9 Countries

8581 kBTransfer

21013 kBSize

81 Cookies

20 Outgoing links

Page URL History

Redirected requests

477 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

balleralert.com Open in urlscan Pro
172.66.43.28 Public Scan

Screenshot
Live screenshot

Full Image

477
Requests

87 %
HTTPS

39 %
IPv6

75
Domains

131
Subdomains

97
IPs

9
Countries

8581 kB
Transfer

21013 kB
Size

81
Cookies

477 HTTP transactions
5 data transactions