urlscan.io logo urlscan.io
SecurityTrails logo

balta.io Open in urlscan Pro
104.41.13.179  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://balta.io/
Effective URL: https://balta.io/
Submission: On June 07 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 5 countries across 15 domains to perform 53 HTTP transactions. The main IP is 104.41.13.179, located in Campinas, Brazil and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is balta.io.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 18th 2023. Valid for: a year.
This is the only time balta.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 104.41.13.179 8075 (MICROSOFT...)
17 20.60.36.65 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a04:fa87:fff... 2635 (AUTOMATTIC)
5 3.162.38.19 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 34.68.90.188 396982 (GOOGLE-CL...)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
53 18
2    104.41.13.179 (Campinas, Brazil)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
balta.io
17    20.60.36.65 (Campinas, Brazil)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
baltaio.blob.core.windows.net
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
2    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
www.gravatar.com
5    3.162.38.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-38-19.cdg52.r.cloudfront.net
d335luupugsy2.cloudfront.net
3    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2606:4700::6810:a091 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
4    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    34.68.90.188 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.90.68.34.bc.googleusercontent.com
forms.rdstation.com.br
popups.rdstation.com.br
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700::6811:6fdf (United States)

ASN13335 (CLOUDFLARENET, US)
onesignal.com
Apex Domain
Subdomains		 Transfer
17 windows.net
baltaio.blob.core.windows.net
974 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4931
onesignal.com — Cisco Umbrella Rank: 1605
img.onesignal.com — Cisco Umbrella Rank: 8084
91 KB
5 cloudfront.net
d335luupugsy2.cloudfront.net
139 KB
4 gstatic.com
fonts.gstatic.com
218 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 65
region1.google-analytics.com — Cisco Umbrella Rank: 2406
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
244 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 260
19 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 119
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
73 KB
2 rdstation.com.br
forms.rdstation.com.br — Cisco Umbrella Rank: 300465
popups.rdstation.com.br — Cisco Umbrella Rank: 78588
37 KB
2 gravatar.com
www.gravatar.com — Cisco Umbrella Rank: 4448
11 KB
2 balta.io
balta.io
13 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 70
3 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
341 B
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 3844
64 KB
53 15
Domain Requested by
17 baltaio.blob.core.windows.net balta.io
5 d335luupugsy2.cloudfront.net balta.io
d335luupugsy2.cloudfront.net
4 fonts.gstatic.com baltaio.blob.core.windows.net
fonts.googleapis.com
3 onesignal.com cdn.onesignal.com
3 www.googletagmanager.com balta.io
www.googleoptimize.com
www.googletagmanager.com
2 cdnjs.cloudflare.com client
d335luupugsy2.cloudfront.net
2 www.facebook.com balta.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net balta.io
connect.facebook.net
2 cdn.onesignal.com balta.io
cdn.onesignal.com
2 www.gravatar.com balta.io
2 balta.io balta.io
1 popups.rdstation.com.br d335luupugsy2.cloudfront.net
1 img.onesignal.com
1 fonts.googleapis.com d335luupugsy2.cloudfront.net
1 region1.google-analytics.com www.googletagmanager.com
1 stats.g.doubleclick.net www.google-analytics.com
1 forms.rdstation.com.br d335luupugsy2.cloudfront.net
1 www.googleoptimize.com balta.io
53 19
Subject Issuer Validity Valid
*.balta.io
Go Daddy Secure Certificate Authority - G2		 2023-08-18 -
2024-09-18		 a year crt.sh
*.blob.core.windows.net
Microsoft Azure RSA TLS Issuing CA 04		 2024-04-13 -
2025-04-08		 a year crt.sh
*.google-analytics.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA		 2023-12-05 -
2025-01-04		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
onesignal.com
GTS CA 1P5		 2024-05-31 -
2024-08-29		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
forms.rdstation.com.br
R3		 2024-05-02 -
2024-07-31		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-16 -
2024-06-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
popups.rdstation.com.br
R3		 2024-05-07 -
2024-08-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://balta.io/
Frame ID: B078B41088088C19BD25CCAC6C77EC9E
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bem vindo | balta.io

Page URL History Show full URLs

  1. http://balta.io/ HTTP 307
    https://balta.io/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • uikit.*\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • d335luupugsy2\.cloudfront\.net/js/loader-scripts/.*-loader\.js
Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

100 %
HTTPS

76 %
IPv6

15
Domains

19
Subdomains

18
IPs

5
Countries

1911 kB
Transfer

3708 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://balta.io/ HTTP 307
    https://balta.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
balta.io/
Redirect Chain
  • http://balta.io/
  • https://balta.io/
46 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.41.13.179 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bc6a19b1a820694efc19a8c719dde10f5827a27be46d4a4f4cb26acb5b18c379
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Encoding
gzip
Content-Length
11194
Content-Type
text/html; charset=utf-8
Date
Fri, 07 Jun 2024 14:03:04 GMT
Request-Context
appId=cid-v1:6b6186b6-87ca-47ab-b00a-607ba720c147
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=2592000
Vary
Accept-Encoding
X-Powered-By
ASP.NET

Redirect headers

Location
https://balta.io/
Non-Authoritative-Reason
HttpsUpgrades
uikit.balta.dark.min.css
baltaio.blob.core.windows.net/static/css/ 		103 KB
104 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://baltaio.blob.core.windows.net/static/css/uikit.balta.dark.min.css?v1
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c2c045da567847b70c7d68f3e7aef64c8f67696b6fbdf09d14c63a792b000597

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 07 Jun 2024 14:03:05 GMT
Last-Modified
Tue, 09 Mar 2021 00:30:50 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
P/WXeYS2WZqEpQMH9t2eMQ==
ETag
0x8D8E2929716FFF5
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
7a8be513-b01e-0025-1de3-b847f2000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Content-Language,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
max-age=864000, public, must-revalidate
x-ms-version
2009-09-19
Content-Length
105974
site.css
balta.io/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://balta.io/css/site.css?v=UpYilAzyuMJ0mhwwvDHAnRGomGAmDOlBYfWHV0O8iVQ
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.41.13.179 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b80f05ad36db7df38a02a6e908eced5c03f15d80d203bcf1a13d4a90957fb12d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 07 Jun 2024 14:03:04 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Thu, 06 Jun 2024 17:40:44 GMT
Server
Microsoft-IIS/10.0
ETag
"1dab838a82c2317"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1177
Request-Context
appId=cid-v1:6b6186b6-87ca-47ab-b00a-607ba720c147
optimize.js
www.googleoptimize.com/ 		176 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-K3JPLW9
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9d14cfc0fb388397d86a3abdf288e8c2a5828d76cfe9d2a416fa4dcad34c5422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:03:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65205
x-xss-protection
0
last-modified
Fri, 07 Jun 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 07 Jun 2024 14:03:05 GMT
balta-logo.svg
baltaio.blob.core.windows.net/static/images/dark/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://baltaio.blob.core.windows.net/static/images/dark/balta-logo.svg
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b07800c5df81185c2418eae4f0d8945d55da23d5b4004d69678b6ab61fdb0a10

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 07 Jun 2024 14:03:05 GMT
Last-Modified
Mon, 20 Jul 2020 14:41:54 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
8xYEfHIumxkfZeeaSud5OQ==
ETag
0x8D82CBB0C43D1EB
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
c65e8c2d-c01e-003f-22e3-b8262d000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
9655
curso-fullstack-banner_desktop.jpg
baltaio.blob.core.windows.net/static/images/temp/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://baltaio.blob.core.windows.net/static/images/temp/curso-fullstack-banner_desktop.jpg
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
059e9e9dca585949cd2bd2b03159ec00d0deedb8511276571baf562a8476fa3a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 07 Jun 2024 14:03:05 GMT
Last-Modified
Thu, 06 Jun 2024 14:36:00 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
qnH41GZsU8BCIduUDOoadQ==
ETag
0x8DC8635FC20B442
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
63aab094-701e-0005-18e3-b83c55000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
117443
curso-fullstack-banner_mobile.jpg
baltaio.blob.core.windows.net/static/images/temp/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://baltaio.blob.core.windows.net/static/images/temp/curso-fullstack-banner_mobile.jpg
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
893f2540e21ab8063d4e653dfc3db387258ba4282485a486699390c5aec90e0c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 07 Jun 2024 14:03:05 GMT
Last-Modified
Thu, 06 Jun 2024 14:36:00 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
T1mKUMT4F3vGNupgH309Tw==
ETag
0x8DC8635FC1EBAA6
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
c65e8c8a-c01e-003f-78e3-b8262d000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
98876
instructor.jpg
baltaio.blob.core.windows.net/static/images/website/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://baltaio.blob.core.windows.net/static/images/website/instructor.jpg
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2d2cede7f8a89380aece94eabc7e441ceb2e685c49946de2a43f5f80d09e85fb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 07 Jun 2024 14:03:06 GMT
Last-Modified
Tue, 08 Sep 2020 16:23:32 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
lKWBSWiox+9OFSnaTR761g==
ETag
0x8D854138763829E
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
63aab3ce-701e-0005-21e3-b83c55000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
76785
e65275d765e3d5f936388b9968a8b2c6
www.gravatar.com/avatar/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gravatar.com/avatar/e65275d765e3d5f936388b9968a8b2c6?s=64&d=mp
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
effd17ed50b123d1f66c881526f3eea6f7aee5e409a4630f8db87b6e56430d35

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nc
HIT hhn 2
date
Fri, 07 Jun 2024 14:03:06 GMT
last-modified
Wed, 04 Aug 2021 00:27:40 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="e65275d765e3d5f936388b9968a8b2c6.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/e65275d765e3d5f936388b9968a8b2c6?s=64&d=mp>; rel="canonical"
content-length
7888
alt-svc
h3=":443"; ma=86400
expires
Fri, 07 Jun 2024 14:08:06 GMT
bd2f5a21d3cf08081ed107588a80f36f
www.gravatar.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gravatar.com/avatar/bd2f5a21d3cf08081ed107588a80f36f?s=64&d=mp
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
30a834ee07a673d7ff8b63fb7d6941245a2ca50070e0898e49b805a3f135976e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nc
HIT hhn 2
date
Fri, 07 Jun 2024 14:03:06 GMT
last-modified
Fri, 19 Jun 2020 12:10:31 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="bd2f5a21d3cf08081ed107588a80f36f.jpeg"
accept-ranges
bytes
link
<https://gravatar.com/avatar/bd2f5a21d3cf08081ed107588a80f36f?s=64&d=mp>; rel="canonical"
content-length
2835
alt-svc
h3=":443"; ma=86400
expires
Fri, 07 Jun 2024 14:08:06 GMT
vanessa-martins.jpg
baltaio.blob.core.windows.net/static/images/feedbacks/ 		141 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://baltaio.blob.core.windows.net/static/images/feedbacks/vanessa-martins.jpg
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
aca5da31950b292688162b3e72a9aace38b3d7454d8566920305c20f5657cc63

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 07 Jun 2024 14:03:06 GMT
Last-Modified
Wed, 05 Aug 2020 23:16:22 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ph6PK5gh5FqhU07nL9cAoA==
ETag
0x8D83995919463E0
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
7a8bea39-b01e-0025-68e3-b847f2000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
144229
csharp-600x300.jpg
baltaio.blob.core.windows.net/static/images/tags/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://baltaio.blob.core.windows.net/static/images/tags/csharp-600x300.jpg
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
983d21fd5b10d2ed5a53507fa2b47bbd5838b35b40a4dc3d7ced01f333f108bf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 07 Jun 2024 14:03:06 GMT
Last-Modified
Tue, 25 Aug 2020 13:52:30 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
zhXw4jHn5BB869jJqofiMQ==
ETag
0x8D848FE1C448E10
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
d3d78382-101e-0085-1ee3-b8c353000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
15420
flutter-600x300.jpg
baltaio.blob.core.windows.net/static/images/tags/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://baltaio.blob.core.windows.net/static/images/tags/flutter-600x300.jpg
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
54b3f0a767db1a348399af38cebba3f511932124a9013435684b9e486793e29e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 07 Jun 2024 14:03:06 GMT
Last-Modified
Tue, 25 Aug 2020 13:52:30 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
BRnf/5KhNxiJmWzNnBmMsQ==
ETag
0x8D848FE1C4774C4
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
7a39c098-101e-004e-72e3-b8c006000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
13839
angular-600x300.jpg
baltaio.blob.core.windows.net/static/images/tags/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://baltaio.blob.core.windows.net/static/images/tags/angular-600x300.jpg
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c1941f9d13f271f5d8fbfe4dd598881161192d68c9d6e9772e7f9cc1f7cb792f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 07 Jun 2024 14:03:06 GMT
Last-Modified
Tue, 25 Aug 2020 13:52:30 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
84BqdZ5otWiAb85OMQ3aoQ==
ETag
0x8D848FE1C1E3A59
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
63aab77b-701e-0005-1ae3-b83c55000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
17701
uikit.min.js
baltaio.blob.core.windows.net/static/js/ 		130 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://baltaio.blob.core.windows.net/static/js/uikit.min.js?v1
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
89dfef34c5f15e2b06d6d6e4f02fee2c6885da723579aa0289df389c69ad11b3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 07 Jun 2024 14:03:05 GMT
Last-Modified
Tue, 09 Mar 2021 00:30:38 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
XX5isJ9owELTrjjsmcMu/Q==
ETag
0x8D8E292900BD3E0
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
7a8be777-b01e-0025-4ce3-b847f2000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Content-Language,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
max-age=864000, public, must-revalidate
x-ms-version
2009-09-19
Content-Length
132975
uikit-icons.min.js
baltaio.blob.core.windows.net/static/js/ 		77 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://baltaio.blob.core.windows.net/static/js/uikit-icons.min.js?v1
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
94bfbecc71a11c2f77dc5d4df18fe185633f34f017ade7c8c2e724567b75bab2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 07 Jun 2024 14:03:06 GMT
Last-Modified
Tue, 09 Mar 2021 00:30:31 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
SJhJXgWg5H9xvToIyf8Wsg==
ETag
0x8D8E2928BC7E85F
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
63aab522-701e-0005-5ce3-b83c55000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Content-Language,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
max-age=864000, public, must-revalidate
x-ms-version
2009-09-19
Content-Length
79180
jquery-3.5.1.min.js
baltaio.blob.core.windows.net/static/js/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://baltaio.blob.core.windows.net/static/js/jquery-3.5.1.min.js?v1
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 07 Jun 2024 14:03:06 GMT
Last-Modified
Fri, 03 Jul 2020 17:09:36 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
3F5/GMjTasHT1HU6h8mNCg==
ETag
0x8D81F73DD4D6644
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
c65e8dda-c01e-003f-37e3-b8262d000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
89476
jquery.validate.min.js
baltaio.blob.core.windows.net/static/js/ 		24 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://baltaio.blob.core.windows.net/static/js/jquery.validate.min.js?v1
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 07 Jun 2024 14:03:06 GMT
Last-Modified
Fri, 03 Jul 2020 17:09:31 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
AU6B3RoxveUz68EYKOrySA==
ETag
0x8D81F73DA03E4E9
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
7a8be94f-b01e-0025-02e3-b847f2000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
24443
jquery.validate.unobtrusive.min.js
baltaio.blob.core.windows.net/static/js/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://baltaio.blob.core.windows.net/static/js/jquery.validate.unobtrusive.min.js?v1
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f46c9ca499e58948c90d50ea3f4504bbf6ec9bd53eddd9d0507f3edd6d74be46

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 07 Jun 2024 14:03:06 GMT
Last-Modified
Fri, 03 Jul 2020 17:09:31 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
fIU56KuOHLY+qEFGoABkVQ==
ETag
0x8D81F73D9FA946B
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
63aab65e-701e-0005-06e3-b83c55000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
5871
additional-methods.min.js
baltaio.blob.core.windows.net/static/js/ 		22 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://baltaio.blob.core.windows.net/static/js/additional-methods.min.js?v1
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
769a6653733b3e64e850f13421940414afafe8625acf963354e64dfaec51883c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 07 Jun 2024 14:03:07 GMT
Last-Modified
Fri, 03 Jul 2020 17:09:31 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
KKVvtMe2U8NLjzPH/hOxFw==
ETag
0x8D81F73D9F49FE8
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
814cf915-f01e-0034-1ae3-b8dd46000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
22660
89adbcfe-3c71-467f-9fdb-a721793afc26-loader.js
d335luupugsy2.cloudfront.net/js/loader-scripts/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/js/loader-scripts/89adbcfe-3c71-467f-9fdb-a721793afc26-loader.js
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.38.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-38-19.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
337951ff9fbdcea4fbea57858ecf49825e65cff75836917853e3532e96b169d5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:03:08 GMT
x-amz-version-id
e.xePKUXevnGLwIfaZnwOi4wgkGaDyh0
content-encoding
gzip
last-modified
Fri, 24 May 2024 02:06:58 GMT
server
AmazonS3
via
1.1 6ba053394697fd4bb07f440f20c7fb02.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P6
etag
W/"3986107bcae002fd0add8b10c6adaf6c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
5Iy4ZLr1Zd1DCe_YtuZeAb4_mRYHq3ud5KX7ZBn9JV4ltaIleMbpFw==
rdstation-forms.min.js
d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/ 		219 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.38.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-38-19.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad77062362d3fdc4906f59ef9bc41fa8a1378e07640330e0729147e2787402e4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 07:44:37 GMT
content-encoding
gzip
via
1.1 6ba053394697fd4bb07f440f20c7fb02.cloudfront.net (CloudFront)
x-amz-version-id
M1h2Sl60DXRCYg4oZaL3oAEOtJs505wa
x-amz-cf-pop
CDG52-P6
age
1145910
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
56347
last-modified
Tue, 16 Apr 2024 19:14:57 GMT
server
AmazonS3
etag
"c888f294a8abeb2074200987ba8be90a"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
0mbXW0dwsk8iHgt_g49an5PwnGoIf0qXrnzHhXsQq7TVKmHEXOsnWQ==
js
www.googletagmanager.com/gtag/ 		196 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-48664517-12
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
de7f1a3467c4b4a4b2d21480b17297322683ab5974b70ea015e7afd0c9b49b1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:03:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
72846
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 07 Jun 2024 14:03:06 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:a091 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:03:06 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
3454
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
89012f070c699bcb-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Mon, 10 Jun 2024 14:03:06 GMT
balta-logo.svg
baltaio.blob.core.windows.net/static/images/dark/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://baltaio.blob.core.windows.net/static/images/dark/balta-logo.svg
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b07800c5df81185c2418eae4f0d8945d55da23d5b4004d69678b6ab61fdb0a10

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 07 Jun 2024 14:03:05 GMT
Last-Modified
Mon, 20 Jul 2020 14:41:54 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
8xYEfHIumxkfZeeaSud5OQ==
ETag
0x8D82CBB0C43D1EB
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
c65e8c2d-c01e-003f-22e3-b8262d000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
9655
truncated
/ 		248 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41cfd45a7062d2cc4c0031a6eadc3ff691acb47a1e1648b27374fc687ddad0c6

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
XRXW3I6Li01BKofAjsOkZg.ttf
fonts.gstatic.com/s/nunito/v16/ 		143 KB
67 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAjsOkZg.ttf
Requested by
Host: baltaio.blob.core.windows.net
URL: https://baltaio.blob.core.windows.net/static/css/uikit.balta.dark.min.css?v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
787bf5d4ec1d2b7fc6c3dde28d34b5427dd15d26b74f048fea8d8067b8c55dbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://baltaio.blob.core.windows.net/
Origin
https://balta.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 00:23:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49199
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67992
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 02:44:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 00:23:07 GMT
XRXW3I6Li01BKofAnsSkZg.ttf
fonts.gstatic.com/s/nunito/v16/ 		141 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAnsSkZg.ttf
Requested by
Host: baltaio.blob.core.windows.net
URL: https://baltaio.blob.core.windows.net/static/css/uikit.balta.dark.min.css?v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85456fe59e3efb4c5f34e01b4d9206e2452fae7ffaa9cbdf3002dd2aea881b41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://baltaio.blob.core.windows.net/
Origin
https://balta.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 06:10:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28362
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67098
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 02:44:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 06:10:24 GMT
JTURjIg1_i6t8kCHKm45_dJE7g4.ttf
fonts.gstatic.com/s/montserrat/v15/ 		141 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE7g4.ttf
Requested by
Host: baltaio.blob.core.windows.net
URL: https://baltaio.blob.core.windows.net/static/css/uikit.balta.dark.min.css?v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2736680e9b34afe93ae3f8e7352051512c85f4029cb37fd57142f76889c244a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://baltaio.blob.core.windows.net/
Origin
https://balta.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 09:32:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16234
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71833
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:11:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 09:32:32 GMT
newsletter-site-2020-3abf120030efac79c090
forms.rdstation.com.br/ 		36 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.rdstation.com.br/newsletter-site-2020-3abf120030efac79c090
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.68.90.188 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
188.90.68.34.bc.googleusercontent.com
Software
/
Resource Hash
ebc77596138fb35a9b73dc7715a26dfe082ded1a5ee2a2fd339a0d5ebb2dc35e
Security Headers
Name Value
Strict-Transport-Security max-age=7776000
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=7776000
date
Fri, 07 Jun 2024 14:03:09 GMT
referrer-policy
strict-origin-when-cross-origin
content-security-policy-report-only
upgrade-insecure-requests; default-src 'self' https: data: wss: 'unsafe-inline' 'unsafe-eval';
x-frame-options
sameorigin
content-type
text/html
access-control-allow-origin
*
content-length
37246
js
www.googletagmanager.com/gtag/ 		193 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-48664517-12&l=dataLayer&cx=c
Requested by
Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-K3JPLW9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6092cbb4065207af47a23417940c2ca64a262fd8e3300512fd99fd4557d33962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:03:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
71808
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 07 Jun 2024 14:03:08 GMT
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 07 Jun 2024 14:03:08 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57975
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=10, rtx=0, c=12, mss=1328, tbw=2785, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
taqva3BoJG9yoFd41D0y47nLxTbKc/hB7qPO2wsNtb0fj24pRIZFaKzwaCeUUEtzhGjK63+CV+2wv90YIxGx6g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		306 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-48540TXV4B&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48664517-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b29b59488e67347a92258471d63e69356165e4e8d5d3fc7038d8644532518884
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:03:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104756
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 07 Jun 2024 14:03:08 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48664517-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 07 Jun 2024 12:29:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5640
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 07 Jun 2024 14:29:08 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:a091 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:03:08 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
82
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
89012f14ea4d9bcb-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Mon, 10 Jun 2024 14:03:08 GMT
bundle.js
d335luupugsy2.cloudfront.net/scout/ 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/scout/bundle.js
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/89adbcfe-3c71-467f-9fdb-a721793afc26-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.38.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-38-19.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ccf4b3ccea59f35d60a35d076ed6deb9b5574fc2f184596452d477383e834cc5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:03:10 GMT
content-encoding
gzip
via
1.1 6ba053394697fd4bb07f440f20c7fb02.cloudfront.net (CloudFront)
x-amz-version-id
xvE1oD7N95F7Ryla0IJ0XqZzWjVm9lt6
last-modified
Thu, 28 Jan 2021 17:27:51 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P6
etag
W/"88819ce057f99124674a75d611e4f53a"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
no-store
x-amz-cf-id
BIOrk3fmU3Du_WIVQ9qCFwko6ySLnGT6sEqeTPV5Q7mUShrpUCD1IA==
collect
www.google-analytics.com/j/ 		2 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2026365203&t=pageview&_s=1&dl=https%3A%2F%2Fbalta.io%2F&ul=de-de&de=UTF-8&dt=Bem%20vindo%20%7C%20balta.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1108420852&gjid=173226081&cid=1060280112.1717768989&tid=UA-48664517-12&_gid=1311815847.1717768989&_r=1&gtm=457e4650za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=102521771
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 14:03:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://balta.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
140466216814592
connect.facebook.net/signals/config/ 		66 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/140466216814592?v=2.9.157&r=stable&domain=balta.io&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fd7e7a9dcf65f769f3894b630355a544d3985050ad2512d46bc1f559e44eca88
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 07 Jun 2024 14:03:09 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=14, rtx=0, c=63, mss=1328, tbw=63515, tp=-1, tpl=-1, uplat=263, ullat=0
pragma
public
x-fb-debug
YY1gGE3NqyKTauJJsQdWQInLCZ3zx62BXtm1ptOXi3z7S4U6alqihQkncY8nwmvCJO8/8t56fDYANMzU185FVg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
web
onesignal.com/api/v1/sync/0241ee6c-703e-4fb8-aa73-91a27039ea52/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/0241ee6c-703e-4fb8-aa73-91a27039ea52/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:a091 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7627b89fef75a71668865ef6eb4162f71a94d944247c172146f20a2a19304a73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:03:09 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
2fccda14-f46b-44e5-a0a0-34c2aea2a60c
x-runtime
0.036013
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"7627b89fef75a71668865ef6eb4162f7"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
89012f156b089bcb-FRA
access-control-allow-headers
SDK-Version
expires
Fri, 07 Jun 2024 15:03:09 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-48664517-12&cid=1060280112.1717768989&jid=1108420852&gjid=173226081&_gid=1311815847.1717768989&npa=1&_u=YEBAAUAAAAAAACAAI~&z=1288104456
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 07 Jun 2024 14:03:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://balta.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-48540TXV4B&gtm=45je4650v879285469za200&_p=1717768988916&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1060280112.1717768989&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1717768989&sct=1&seg=0&dl=https%3A%2F%2Fbalta.io%2F&dt=Bem%20vindo%20%7C%20balta.io&en=page_view&_fv=1&_ss=1&tfd=4909
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48540TXV4B&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 14:03:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://balta.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:a091 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:03:09 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
3445
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
89012f160c039bcb-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sun, 07 Jul 2024 14:03:09 GMT
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=140466216814592&ev=PageView&dl=https%3A%2F%2Fbalta.io%2F&rl=&if=false&ts=1717768989286&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717768989281.83948661079213238&cs_est=true&ler=empty&cdl=API_unavailable&it=1717768988992&coo=false&rqm=GET
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2788, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 07 Jun 2024 14:03:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=140466216814592&ev=PageView&dl=https%3A%2F%2Fbalta.io%2F&rl=&if=false&ts=1717768989286&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717768989281.83948661079213238&cs_est=true&ler=empty&cdl=API_unavailable&it=1717768988992&coo=false&rqm=FGET
Requested by
Host: balta.io
URL: https://balta.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x3f8ec4227885e5d3","source_keys":["1","2"]},{"key_piece":"0x062a325a54c56e75","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Fri, 07 Jun 2024 14:03:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1328, tbw=3105, tp=-1, tpl=-1, uplat=167, ullat=0
pragma
no-cache
x-fb-debug
n/Yrhb6opBZlhXb9ZZjuCVIxanHe4Su1eQTYNXTwnJ6MfP8XI92yBD5swzHAOWVzVISrLzsCfqPBa5gfsbGO5Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
css
fonts.googleapis.com/ 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans|Droid+Serif|Lato|Lobster|Open+Sans|Oswald|PT+Sans|Raleway|Source+Sans+Pro|Ubuntu|Roboto
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ff9b34b7cbe6ef73b9f390f29d45afe7c50aa2654904b7205a33a212ed24f2c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 07 Jun 2024 14:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 07 Jun 2024 14:03:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 Jun 2024 14:03:09 GMT
select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.css
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
939b4f5c505097e74e93c3a6a82b69b516bb6d160d449bafb37edb72ab260c1d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:03:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
66484
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2295
last-modified
Mon, 04 May 2020 16:16:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fcb-38aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dB3I%2BZeIMlNTr6qB35QUNWbtt9DQlFhYSD8LC3XdbNA3GrPn2lLCinsw4dBLOedSzNMpKIdEuoT2hpjFNuEqVBSH8EsEhK6w5kzFtVsGp%2F247EFcxBbz5XM8Rrv9HM1qnFyI5ZrYyh6f31rDF2lTkaW0"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89012f18d81a975d-FRA
expires
Wed, 28 May 2025 14:03:09 GMT
select2.min.js
cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/ 		65 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.js
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f3cd9162638b743c8bf4d939bcfd1dc256f2e97231e13b5cff600502a78a10e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:03:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
233964
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15507
last-modified
Mon, 04 May 2020 16:16:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fcb-10424"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9OuzOfzPrb%2B2tQv3qI64NrwRfbraN2%2BxBJbuWks6PzXUhEEwYovGcS5b2lxBCKBv0StL42RordQYhanA4m090bDzvV1u%2BfW2OmyVvlTcEs8d435L8cFhqzuxffxCyYaX%2BlIqYhpASBgTwYdUcPKkvRJO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89012f18d815975d-FRA
expires
Wed, 28 May 2025 14:03:09 GMT
favicon.ico
baltaio.blob.core.windows.net/static/images/icons/ 		32 KB
33 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://baltaio.blob.core.windows.net/static/images/icons/favicon.ico?v1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.36.65 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8df760fc278a3dc1bdf6a293de4f93a7ad08f42833f8c707fa957bfd98d67d27

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 07 Jun 2024 14:03:09 GMT
Last-Modified
Mon, 29 Jun 2020 23:36:20 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
w252ieAzJar2GiV5Dd4Tlw==
ETag
0x8D81C853A225E21
Content-Type
image/x-icon
Access-Control-Allow-Origin
*
x-ms-request-id
7a8bf58b-b01e-0025-56e3-b847f2000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
32988
icon
onesignal.com/api/v1/apps/0241ee6c-703e-4fb8-aa73-91a27039ea52/ 		192 B
759 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/0241ee6c-703e-4fb8-aa73-91a27039ea52/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd5e336a547a0ac4900c45bfb077a8bcaa64fe4b41b572d44ea7079f9fa79e87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:03:10 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
b41c3607-2f76-4640-9ccb-edeb4f71d450
x-runtime
0.016351
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"dd5e336a547a0ac4900c45bfb077a8bc"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
89012f1cbe56085c-FRA
access-control-allow-headers
SDK-Version
882c90d5-d5e3-4b38-9499-c408ed87fd6a.png
img.onesignal.com/permanent/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/882c90d5-d5e3-4b38-9499-c408ed87fd6a.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:a091 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97c4eabbd9eeb775a719cce1593a42fcb37a5147f425fdaf8bed1bd8a675f747
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date
Fri, 07 Jun 2024 14:03:10 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
REVALIDATED
x-guploader-uploadid
ABPtcPo0Us3Zhok82hzzPjbCXLIcY0t5PWKifVvLA6Cu78EmfNECb6ahaV_zaSOknlx5M1ePFicZX4UCAg
x-goog-meta-x-goog-source-etag
"bbfa4e777043053ccb481c96121e2ffe"
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
7003
pragma
no-cache
last-modified
Tue, 14 Feb 2023 03:39:19 GMT
server
cloudflare
etag
"-CNeHwauLlP0CEAE="
vary
Origin, Accept-Encoding
x-goog-generation
1676345959531479
content-type
application/octet-stream
x-goog-hash
crc32c=m3o72A==, md5=u/pOd3BDBTzLSByWEh4v/g==
cache-control
public, max-age=2678400
x-goog-meta-cache-control
public, maxage=604800
x-goog-stored-content-length
7003
accept-ranges
bytes
cf-ray
89012f1d2a709bcb-FRA
expires
Mon, 08 Jul 2024 14:03:10 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans|Droid+Serif|Lato|Lobster|Open+Sans|Oswald|PT+Sans|Raleway|Source+Sans+Pro|Ubuntu|Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://balta.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:19:50 GMT
x-content-type-options
nosniff
age
258200
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:19:50 GMT
rdstation-popup.min.js
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/ 		204 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/89adbcfe-3c71-467f-9fdb-a721793afc26-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.38.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-38-19.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
70be3f27403e0ab74c6b11fcd837997e5bca12b69449cf287823d18be663f87c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
bXw_6DEbP4cvD1251Yhm.RnfFb6kzmD7
content-encoding
gzip
via
1.1 6ba053394697fd4bb07f440f20c7fb02.cloudfront.net (CloudFront)
date
Fri, 07 Jun 2024 02:35:55 GMT
last-modified
Tue, 16 Apr 2024 18:56:23 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P6
age
41236
x-amz-server-side-encryption
AES256
etag
"10b6883a771a55bcb6b5749d0515f172"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
57363
x-amz-cf-id
4_T0ytYuC11ptUtPqvmaXrsiA9uXPYAQZ4C1n-iXqrB49PK3YB61Og==
rd-js-integration.min.js
d335luupugsy2.cloudfront.net/js/integration/2.0.0/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/js/integration/2.0.0/rd-js-integration.min.js?v=1
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/89adbcfe-3c71-467f-9fdb-a721793afc26-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.38.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-38-19.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4aa9e3a976f20cd4babf17dcdd27e63335a70191d322432a6f6c868d73a5cfa

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
3dngmS.4H4nxkAQ1dQ4Zed.bkb2I4WUy
content-encoding
gzip
via
1.1 6ba053394697fd4bb07f440f20c7fb02.cloudfront.net (CloudFront)
date
Fri, 07 Jun 2024 07:45:07 GMT
x-amz-cf-pop
CDG52-P6
age
22684
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
9976
last-modified
Wed, 29 Mar 2023 14:01:04 GMT
server
AmazonS3
etag
"a101060a6ec593b54e9c4227f96e2695"
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400, must-revalidate
accept-ranges
bytes
x-amz-cf-id
Y42IgcZ7wFx3prEJZPEsemu2SfZHdcK4WQtFcXnRyyTxouK_91Bzeg==
show.json
popups.rdstation.com.br/popup/ 		13 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://popups.rdstation.com.br/popup/show.json?account_id=55993&uniq=_hb65g9caz&ref=aHR0cHM6Ly9iYWx0YS5pby8%3D
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.68.90.188 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
188.90.68.34.bc.googleusercontent.com
Software
/
Resource Hash
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
Security Headers
Name Value
Strict-Transport-Security max-age=7776000
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balta.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=7776000
date
Fri, 07 Jun 2024 14:03:10 GMT
referrer-policy
strict-origin-when-cross-origin
content-security-policy-report-only
upgrade-insecure-requests; default-src 'self' https: data: wss: 'unsafe-inline' 'unsafe-eval';
x-frame-options
sameorigin
content-type
application/json
access-control-allow-origin
*
content-length
13

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| google_tag_manager object| google_tag_data object| dataLayer function| UIkit function| UIkitIcons function| $ function| jQuery object| RdstationForms function| RDStationForms function| gtag function| loadScoutScript object| RDStation object| RDCookieControl function| initScoutBanner boolean| RDStationTrackingCodeChecker function| fbq function| _fbq function| OneSignal string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData number| __oneSignalSdkLoadCount function| __jp0 function| onYouTubeIframeAPIReady object| Select2 function| CookieConsent function| Scout object| RdstationPopup object| credentials object| RdstationFormsIntegration

8 Cookies

Domain/Path Name / Value
.balta.io/ Name: ARRAffinity
Value: d89c60cf97622a93439d4f3487ce7a70f479c899429a374dd295b6a89490fe83
.balta.io/ Name: ARRAffinitySameSite
Value: d89c60cf97622a93439d4f3487ce7a70f479c899429a374dd295b6a89490fe83
.onesignal.com/ Name: __cf_bm
Value: GJBZFKWEhaXOFaCteYcvg8K_U6MB9z1zOYHRn0fnrpc-1717768986-1.0.1.1-OS_usqfY25cr57zQmuYu4h5M83gCUQCMnj00TDKKzAzqDOpY2TINzKTppZR6LHM.u05LTJxAhdcuxcPAaA3wOQ
.balta.io/ Name: _gid
Value: GA1.2.1311815847.1717768989
.balta.io/ Name: _gat_gtag_UA_48664517_12
Value: 1
.balta.io/ Name: _ga_48540TXV4B
Value: GS1.1.1717768989.1.0.1717768989.0.0.0
.balta.io/ Name: _ga
Value: GA1.1.1060280112.1717768989
.balta.io/ Name: _fbp
Value: fb.1.1717768989281.83948661079213238

6 Console Messages

Source Level URL
Text
other warning URL: https://balta.io/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://balta.io/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://balta.io/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://balta.io/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://baltaio.blob.core.windows.net/static/js/uikit.min.js?v1(Line 2)
Message:
The keyword 'push-button' used on the 'appearance' property was deprecated and has now been removed. It will no longer have any effect.
other warning URL: https://balta.io/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

balta.io
baltaio.blob.core.windows.net
cdn.onesignal.com
cdnjs.cloudflare.com
connect.facebook.net
d335luupugsy2.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
forms.rdstation.com.br
img.onesignal.com
onesignal.com
popups.rdstation.com.br
region1.google-analytics.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.googleoptimize.com
www.googletagmanager.com
www.gravatar.com
104.41.13.179
20.60.36.65
2001:4860:4802:32::36
2606:4700::6810:a091
2606:4700::6811:180e
2606:4700::6811:6fdf
2a00:1450:4001:803::200a
2a00:1450:4001:80e::2008
2a00:1450:4001:827::200e
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:400c:c06::9c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:fa87:fffe::c000:4902
3.162.38.19
34.68.90.188
059e9e9dca585949cd2bd2b03159ec00d0deedb8511276571baf562a8476fa3a
1f3cd9162638b743c8bf4d939bcfd1dc256f2e97231e13b5cff600502a78a10e
2d2cede7f8a89380aece94eabc7e441ceb2e685c49946de2a43f5f80d09e85fb
30a834ee07a673d7ff8b63fb7d6941245a2ca50070e0898e49b805a3f135976e
337951ff9fbdcea4fbea57858ecf49825e65cff75836917853e3532e96b169d5
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
41cfd45a7062d2cc4c0031a6eadc3ff691acb47a1e1648b27374fc687ddad0c6
54b3f0a767db1a348399af38cebba3f511932124a9013435684b9e486793e29e
6092cbb4065207af47a23417940c2ca64a262fd8e3300512fd99fd4557d33962
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70be3f27403e0ab74c6b11fcd837997e5bca12b69449cf287823d18be663f87c
7627b89fef75a71668865ef6eb4162f71a94d944247c172146f20a2a19304a73
769a6653733b3e64e850f13421940414afafe8625acf963354e64dfaec51883c
787bf5d4ec1d2b7fc6c3dde28d34b5427dd15d26b74f048fea8d8067b8c55dbc
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
85456fe59e3efb4c5f34e01b4d9206e2452fae7ffaa9cbdf3002dd2aea881b41
893f2540e21ab8063d4e653dfc3db387258ba4282485a486699390c5aec90e0c
89dfef34c5f15e2b06d6d6e4f02fee2c6885da723579aa0289df389c69ad11b3
8df760fc278a3dc1bdf6a293de4f93a7ad08f42833f8c707fa957bfd98d67d27
939b4f5c505097e74e93c3a6a82b69b516bb6d160d449bafb37edb72ab260c1d
94bfbecc71a11c2f77dc5d4df18fe185633f34f017ade7c8c2e724567b75bab2
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
97c4eabbd9eeb775a719cce1593a42fcb37a5147f425fdaf8bed1bd8a675f747
983d21fd5b10d2ed5a53507fa2b47bbd5838b35b40a4dc3d7ced01f333f108bf
9d14cfc0fb388397d86a3abdf288e8c2a5828d76cfe9d2a416fa4dcad34c5422
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aca5da31950b292688162b3e72a9aace38b3d7454d8566920305c20f5657cc63
ad77062362d3fdc4906f59ef9bc41fa8a1378e07640330e0729147e2787402e4
b07800c5df81185c2418eae4f0d8945d55da23d5b4004d69678b6ab61fdb0a10
b2736680e9b34afe93ae3f8e7352051512c85f4029cb37fd57142f76889c244a
b29b59488e67347a92258471d63e69356165e4e8d5d3fc7038d8644532518884
b80f05ad36db7df38a02a6e908eced5c03f15d80d203bcf1a13d4a90957fb12d
bc6a19b1a820694efc19a8c719dde10f5827a27be46d4a4f4cb26acb5b18c379
c1941f9d13f271f5d8fbfe4dd598881161192d68c9d6e9772e7f9cc1f7cb792f
c2c045da567847b70c7d68f3e7aef64c8f67696b6fbdf09d14c63a792b000597
ccf4b3ccea59f35d60a35d076ed6deb9b5574fc2f184596452d477383e834cc5
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dd5e336a547a0ac4900c45bfb077a8bcaa64fe4b41b572d44ea7079f9fa79e87
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de7f1a3467c4b4a4b2d21480b17297322683ab5974b70ea015e7afd0c9b49b1d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebc77596138fb35a9b73dc7715a26dfe082ded1a5ee2a2fd339a0d5ebb2dc35e
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
effd17ed50b123d1f66c881526f3eea6f7aee5e409a4630f8db87b6e56430d35
f46c9ca499e58948c90d50ea3f4504bbf6ec9bd53eddd9d0507f3edd6d74be46
f4aa9e3a976f20cd4babf17dcdd27e63335a70191d322432a6f6c868d73a5cfa
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872
fd7e7a9dcf65f769f3894b630355a544d3985050ad2512d46bc1f559e44eca88
ff9b34b7cbe6ef73b9f390f29d45afe7c50aa2654904b7205a33a212ed24f2c5