Submitted URL: http://ballensbuys.com/
Effective URL: https://ballenblogger.com/
Submission: On February 27 via api from BE — Scanned from DE

Summary

This website contacted 14 IPs in 2 countries across 12 domains to perform 70 HTTP transactions. The main IP is 2606:4700:3035::6815:51f0, located in United States and belongs to CLOUDFLARENET, US. The main domain is ballenblogger.com.
TLS certificate: Issued by GTS CA 1P5 on February 3rd 2024. Valid for: 3 months.
This is the only time ballenblogger.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
41 ballenblogger.com
ballenblogger.com
757 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 106
tpc.googlesyndication.com — Cisco Umbrella Rank: 161
227 KB
5 getlasso.co
js.getlasso.co — Cisco Umbrella Rank: 38442
33 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
region1.google-analytics.com — Cisco Umbrella Rank: 2124
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
198 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
5 KB
2 getclicky.com
static.getclicky.com — Cisco Umbrella Rank: 11369
in.getclicky.com — Cisco Umbrella Rank: 10332
6 KB
1 lasso.link
lasso.link — Cisco Umbrella Rank: 44051
663 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 gstatic.com
fonts.gstatic.com
22 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32
948 B
1 ballensbuys.com
ballensbuys.com
296 B
70 12
Domain Requested by
41 ballenblogger.com ballenblogger.com
6 pagead2.googlesyndication.com ballenblogger.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 js.getlasso.co ballenblogger.com
js.getlasso.co
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 www.googletagmanager.com ballenblogger.com
www.googletagmanager.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 lasso.link js.getlasso.co
1 www.google.com tpc.googlesyndication.com
1 in.getclicky.com static.getclicky.com
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 static.getclicky.com ballenblogger.com
1 fonts.googleapis.com ballenblogger.com
1 ballensbuys.com 1 redirects
70 15

This site contains links to these domains. Also see Links.

Domain
loriballen.com
wordpress.org
ballenbrands.com
facebook.com
twitter.com
Subject Issuer Validity Valid
ballenblogger.com
GTS CA 1P5
2024-02-03 -
2024-05-03
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
*.getclicky.com
E1
2024-01-31 -
2024-04-30
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
js.getlasso.co
GTS CA 1P5
2024-01-24 -
2024-04-23
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
www.google.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
lasso.link
GTS CA 1P5
2024-01-01 -
2024-03-31
3 months crt.sh

This page contains 5 frames:

Primary Page: https://ballenblogger.com/
Frame ID: DB628B231E5A7148DB70D65E9357E291
Requests: 63 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: 6E320153A00BD6B889394E6D82537EAE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9630299824495654&output=html&adk=1812271804&adf=3025194257&lmt=1709058042&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_r&format=0x0&url=https%3A%2F%2Fballenblogger.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709058042577&bpp=2&bdt=599&idt=210&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=938265250702&frm=20&pv=2&ga_vid=569996701.1709058043&ga_sid=1709058043&ga_hid=1893991587&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42531706%2C95323741%2C95325068%2C95322182%2C95321865%2C95324161&oid=2&pvsid=236692221933551&tmod=1321943823&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=231
Frame ID: DC64E50DB915121D790F47D161DF1210
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 358BC1F96E789E721A56138B9D29AAF3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F00F553AEE0C518C65486280557AB3BF
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Ballen Blogger

Page URL History Show full URLs

  1. http://ballensbuys.com/ HTTP 301
    https://ballenblogger.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • static\.getclicky\.com

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

70
Requests

99 %
HTTPS

93 %
IPv6

12
Domains

15
Subdomains

14
IPs

2
Countries

1271 kB
Transfer

3692 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ballensbuys.com/ HTTP 301
    https://ballenblogger.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

70 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ballenblogger.com/
Redirect Chain
  • http://ballensbuys.com/
  • https://ballenblogger.com/
143 KB
24 KB
Document
General
Full URL
https://ballenblogger.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec75f71168dc9bbaf4b7f4f2d00bdabeb2cdeac06618d8f60b6fc10dcb6d15cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0
cf-cache-status
DYNAMIC
cf-ray
85c2716ebcd8b915-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 27 Feb 2024 18:20:41 GMT
fastly-restarts
1
link
<https://ballenblogger.com/wp-json/>; rel="https://api.w.org/" <https://ballenblogger.com/wp-json/wp/v2/pages/31850>; rel="alternate"; type="application/json" <https://ballenblogger.com/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ycRYsChvlpzeuiirwPr%2BanLLmCywXG3R4hYvAzkPnrrYCiA0ARCiqgzMPW%2BIQTfnje1ETRFPn5rLwA3b%2FEWcIxgdBS1OaacgKvwQ9X0h1oNS6UYIDPi8EIpp%2F0azDkb%2B8br8l8Sfq9t%2FLasNlGRng%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Authorization
x-cache
MISS, MISS
x-cache-hits
0, 0
x-cacheable
NO:Not Cacheable
x-content-type-options
nosniff
x-fw-dynamic
TRUE
x-fw-hash
97rherbom3
x-fw-serve
TRUE
x-fw-server
Flywheel/5.1.0
x-fw-static
NO
x-fw-type
VISIT
x-fw-version
5.0.0
x-served-by
cache-ams21082-AMS, cache-ams21055-AMS
x-timer
S1709058040.154290,VS0,VE1801
x-xss-protection
1

Redirect headers

Connection
keep-alive
Content-Length
60
Content-Type
text/html; charset=utf-8
Date
Tue, 27 Feb 2024 18:20:40 GMT
Location
https://ballenblogger.com
Server
ip-100-74-2-233.eu-west-2.compute.internal
X-Request-Id
23d30e26-2d92-4a86-898e-69ee9afacbe2
style.min.css
ballenblogger.com/wp-includes/css/dist/block-library/
108 KB
15 KB
Stylesheet
General
Full URL
https://ballenblogger.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21081-AMS, cache-ams21040-AMS
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Jan 2024 20:18:55 GMT
server
cloudflare
x-timer
S1709058042.010318,VS0,VE128
etag
W/"65b959af-1ae43"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
text/css
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B6kx5Tl00vdYA30HcZ4gK%2BGeRVbewd8HLlT5BVho95YakkGWjfMwxppjGN%2F6jDCRGGOMrjxnFglS0xdwlsjtZSpyKd8uPUVPpHkW3hoRJOJRvkw7rcRK6skfXrNcEvuA9wyDVCNTKEyUWdkg1AY9iA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717a7b25b915-AMS
x-cache-hits
0, 0
lasso-live.min.css
ballenblogger.com/wp-content/plugins/lasso/admin/assets/css/
39 KB
7 KB
Stylesheet
General
Full URL
https://ballenblogger.com/wp-content/plugins/lasso/admin/assets/css/lasso-live.min.css?ver=1708705287
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae6435457364064642f22a5da37aaaf1f0907ed2ad2cf82d2ee0f30fe4ba6429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21044-AMS, cache-ams21037-AMS
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 23 Feb 2024 16:21:27 GMT
server
cloudflare
x-timer
S1709058042.078576,VS0,VE121
etag
W/"65d8c607-9acc"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
text/css
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJhl318lo6QM47vcwL2o6PHK6d03kGTZegVPbhQzbtw8Ns6YGuD6knKS02OT%2FgwYEn3vG%2BkiaKIB8xmZL%2BiviDWCZV2zVGiGl5F0YGL3n1M3vpNNlz7EzNj1CjD7LM55grGF3xANwPwDD%2FkV%2FBTiZg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717a7b2cb915-AMS
x-cache-hits
0, 0
lasso-table-frontend.min.css
ballenblogger.com/wp-content/plugins/lasso/admin/assets/css/
36 KB
5 KB
Stylesheet
General
Full URL
https://ballenblogger.com/wp-content/plugins/lasso/admin/assets/css/lasso-table-frontend.min.css?ver=1708705287
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aad27771744b53badb927f7d4c2f285a337fb8049592701f425e1ae4fcaf6619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21063-AMS, cache-ams21020-AMS
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 23 Feb 2024 16:21:27 GMT
server
cloudflare
x-timer
S1709058042.010727,VS0,VE119
etag
W/"65d8c607-9154"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
text/css
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntt7GuQmQzSKdwvRp0i7npuqXqlIecZazuXK9PxhjRrutJJ%2BKkn16w9XJrfuKBAheU%2BFPjrqSxaO4cKpcczHD60LRUJg0Nnpzp7oHgUmT9ekKtZ8HVTWtcVQEZY90T1Nj2MowBl%2FwVsTA3U51sbM2w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717a7b31b915-AMS
x-cache-hits
0, 0
style.css
ballenblogger.com/wp-content/themes/jnews/
427 B
934 B
Stylesheet
General
Full URL
https://ballenblogger.com/wp-content/themes/jnews/style.css?ver=6.4.3
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
858790d2cec41d2c25e5e2e8587ed89f20bf28a126d94fb09b626603e1f3309b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21043-AMS, cache-ams21028-AMS
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 16 Jan 2024 15:12:40 GMT
server
cloudflare
x-timer
S1709058042.010239,VS0,VE127
etag
W/"65a69ce8-1ab"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
text/css
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsTXUM0H5lc4VXLvYKNs3yibMbUJZsv3TivIGVtUiDhGWlDEKHWUOzgMvfHscHfA5wuPtyMaclNZ4ipurzgND6uWZaiXxr%2B73ZcrYR1dFVRQ8DBRu2BN3%2Bo3yptvT3vxIYBTWYT5Hfk3S1to71xo3A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717a7b32b915-AMS
x-cache-hits
0, 0
js_composer.min.css
ballenblogger.com/wp-content/plugins/js_composer/assets/css/
454 KB
46 KB
Stylesheet
General
Full URL
https://ballenblogger.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=7.3
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f49e16149fd134ecdfc927cebab7226960180071da626926c60d03600d169db9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21023-AMS, cache-ams21057-AMS
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 14 Feb 2024 16:12:53 GMT
server
cloudflare
x-timer
S1709058042.010053,VS0,VE119
etag
W/"65cce685-717c9"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
text/css
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSLdWaIUvbgslHLzNqtx7UaQ%2B%2BVJfSeEq%2F5WoBS2W3qI6HL28OGrJYu9kF395zQeXgQARZrx0uxelGI0U4CfLJ7Lcy5zMS%2F6l7TlamfaKsSUsCtSrMy8Tjcppy16nniwEcnDbPX4wy02QZQbEMXdhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717a7b35b915-AMS
x-cache-hits
0, 0
css
fonts.googleapis.com/
2 KB
948 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display%3Areguler&display=swap&ver=1.3.0
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4edd70d08695985c44fb9bb16cc7890e625e4b4a0fb9cffab53b5d8368f3b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 27 Feb 2024 18:20:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Feb 2024 18:20:42 GMT
font-awesome.min.css
ballenblogger.com/wp-content/plugins/wp-affiliate-disclosure/assets/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://ballenblogger.com/wp-content/plugins/wp-affiliate-disclosure/assets/css/font-awesome.min.css?ver=4.7.0
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21080-AMS, cache-ams21029-AMS
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 14 Feb 2024 16:12:46 GMT
server
cloudflare
x-timer
S1709058042.010266,VS0,VE122
etag
W/"65cce67e-7918"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
text/css
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EEgtmeoGVDoeS%2BJSIHj%2BDwmweydRbQTpSrLh36qPFSYL5Xi%2BYImgBMGa%2FPmk1rhP4IBd79XRWJBJpyNqo1NNbn5fN7ErEjOyN9ljThb5%2Bzwo0s2CeCgFOneZY5y%2FCBlAr0%2FZEyZlFJcnlODLLxkzvw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717a7b37b915-AMS
x-cache-hits
0, 0
core.css
ballenblogger.com/wp-content/plugins/wp-affiliate-disclosure/assets/css/
456 B
616 B
Stylesheet
General
Full URL
https://ballenblogger.com/wp-content/plugins/wp-affiliate-disclosure/assets/css/core.css?ver=1.2.8
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a72347df415140a5f85796136e3a512121e7cf9a16fc91c9197892b545b0ef08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21047-AMS, cache-ams21058-AMS
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 14 Feb 2024 16:12:46 GMT
server
cloudflare
x-timer
S1709058042.012401,VS0,VE122
etag
W/"65cce67e-1c8"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
text/css
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7T35S6AAn%2F9UbxoJs6QeHWZgsu%2F3lxeYoUi%2ByWUHK9YzxxvYahlbxpdgbzM2IuGsMGRIfhuLKS5FzAaMiLlQXSpOd96rMu1fZhkVD4pFaU8mb6eGlzLhCYWTSMprka1Ih0BoaYxkr1unzTMwk4Apbw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717a7b3ab915-AMS
x-cache-hits
0, 0
frontend.min.css
ballenblogger.com/wp-content/themes/jnews/assets/dist/
589 KB
95 KB
Stylesheet
General
Full URL
https://ballenblogger.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=1.0.0
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e573a919f8e75408a135a3e8ccd7218c81b9e2e99621fce71d9527055fd04a3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21059-AMS, cache-ams21037-AMS
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 16 Jan 2024 15:12:35 GMT
server
cloudflare
x-timer
S1709058042.011295,VS0,VE123
etag
W/"65a69ce3-932cf"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
text/css
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0J%2B5auoUVDQ4yZ%2FMnWfWduO4qcB0rEZamGgoohyyfCCJpIAJgxHLKejDQpYhAo6Xqf7MDh0WcYiV0UHjYttYVDsZYnkxZOVO3pUtfs8DJ0R%2FhUaxzpOMz6Cw8uBFvi6QlFiSKkSnHHgpGvHyX7LS5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717a7b3cb915-AMS
x-cache-hits
0, 0
js-composer-frontend.css
ballenblogger.com/wp-content/themes/jnews/assets/css/
3 KB
669 B
Stylesheet
General
Full URL
https://ballenblogger.com/wp-content/themes/jnews/assets/css/js-composer-frontend.css?ver=1.0.0
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c468f25c66a9aeaa637ca5244f64ec7f967734b2dc2aa92b667cf5316155e81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21060-AMS, cache-ams21080-AMS
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 16 Jan 2024 15:12:35 GMT
server
cloudflare
x-timer
S1709058042.011761,VS0,VE120
etag
W/"65a69ce3-bb7"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
text/css
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5IWVUDCA3H94V94uL3Go4QxJCTy%2FUOishRh6OI%2FCDpyT8xUFJIFSphWg6yggK%2FhNYesEt%2FQLS8aMYyRmXAfCCgtLwChzsjlFppypXhcx3%2BvtDlp6f0v8eHPC83xU8b4uGS3hfLvV8rBwm3nZ7uTB1A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717a7b3db915-AMS
x-cache-hits
0, 0
style.css
ballenblogger.com/wp-content/themes/jnews-child/
566 B
650 B
Stylesheet
General
Full URL
https://ballenblogger.com/wp-content/themes/jnews-child/style.css?ver=1.0.0
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bf97de8ad6bc93b3c21dc853b405253b32668272e36f8624d209ce143681538
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21073-AMS, cache-ams21029-AMS
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Feb 2023 01:10:18 GMT
server
cloudflare
x-timer
S1709058042.013177,VS0,VE323
etag
W/"63eed3fa-236"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
text/css
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWgEsoLxPYrv2Bfx59tmpO4yhT3ESzTrnAqEBdFQKbwp7nSdz5%2FfKaGLmzA%2BLdq8wD1ve9XXC%2FdY15FnpA6UQrbBTf3YMXczenJVAWd6OXMDpYEwrx%2Bf%2FI3XvgJSK41bpR1j4AimSWQL0hQcuDdB9w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717a7b3fb915-AMS
x-cache-hits
0, 0
darkmode.css
ballenblogger.com/wp-content/themes/jnews/assets/css/
46 KB
8 KB
Stylesheet
General
Full URL
https://ballenblogger.com/wp-content/themes/jnews/assets/css/darkmode.css?ver=1.0.0
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8779150e41758c8077ed4876f73aa8aa9e3a0bc46c9c7eda1b0ae2bc8dc6841d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21081-AMS, cache-ams21082-AMS
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 16 Jan 2024 15:12:35 GMT
server
cloudflare
x-timer
S1709058042.025039,VS0,VE435
etag
W/"65a69ce3-b786"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
text/css
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjNgaLFJRRURA7ferRto6pSUMHYWu%2BKuHVCe2lvY8e%2Fa3xGG4bMqrpVnAj%2BBSulvL%2BvfPT3QgPGfH3G4Zn1JlMdfYUQNIbzNJJZPVS3r6EB5OGD0XtkAoYF0HehmK7s2Kx0%2FRZk8WMXtC10FkWqs6w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717a8b64b915-AMS
x-cache-hits
0, 0
jquery.min.js
ballenblogger.com/wp-includes/js/jquery/
86 KB
31 KB
Script
General
Full URL
https://ballenblogger.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21048-AMS, cache-ams21024-AMS
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Jan 2024 20:18:55 GMT
server
cloudflare
x-timer
S1709058042.022245,VS0,VE132
etag
W/"65b959af-15601"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
application/javascript
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2B6LACG%2BT6iLv%2FZaRXFLSDrPK2gY51hAiY5CnGzPrR5yahN9%2B3YVEwDmkQ6dJ3LltUgg%2BmkuQCkAd2xXEus3DKUOcwbqrWzlfQcWjPl%2BHUdZYUFwCw23odiZixmCAs0rEa%2F4z1Dd9LpY4LORvAmROA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717a8b69b915-AMS
x-cache-hits
0, 0
jquery-migrate.min.js
ballenblogger.com/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://ballenblogger.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21057-AMS, cache-ams21053-AMS
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Jan 2024 20:18:55 GMT
server
cloudflare
x-timer
S1709058042.028908,VS0,VE127
etag
W/"65b959af-3509"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
application/javascript
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fb68VfWNdziMLYlDQQalZIMA13WjZuQNLgTxqbpyFXImAyHxbJRy%2BaB8VsnpunEc5IUC0mNMv%2FeEQdEBtuemq%2BhgqmnXwM2WHDYl%2FLpj%2FDlEm%2FxTD%2BQ4HFX5KxqVDbAYFg1fg1a4dUeSg8IgwLapjg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717a8b6ab915-AMS
x-cache-hits
0, 0
101378442.js
static.getclicky.com/
15 KB
6 KB
Script
General
Full URL
https://static.getclicky.com/101378442.js
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:616c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6128956e9b0918ccdf7452305962e746c8a2dc7dbf923c39beaf24b5ced3559b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-proxy-cache
MISS
date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 27 Feb 2024 00:32:40 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
cf-ray
85c2717e4e8d65b0-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 05 Mar 2024 18:20:42 GMT
js
www.googletagmanager.com/gtag/
139 KB
53 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-42947796-4
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
442a9239b049196bd6d97e5b160966548afaf426f59af4179777d8d83551c0dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
54372
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 27 Feb 2024 18:20:42 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
146 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9630299824495654
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37d893040ede11c0ef4fee4fb66699d7864c3c8b303069458a096d97e04d39df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ballenblogger.com/
Origin
https://ballenblogger.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51102
x-xss-protection
0
server
cafe
etag
2026652048842122512
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 27 Feb 2024 18:20:42 GMT
jeg-empty.png
ballenblogger.com/wp-content/themes/jnews/assets/img/
70 B
747 B
Image
General
Full URL
https://ballenblogger.com/wp-content/themes/jnews/assets/img/jeg-empty.png
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21080-AMS, cache-ams21054-AMS
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 16 Jan 2024 15:12:36 GMT
server
cloudflare
x-timer
S1709058042.031201,VS0,VE428
etag
W/"65a69ce4-46"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
image/png
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTOQ%2FypwgZOY8QeA58L5T5i9t%2BSI4NKmFF%2ByKM5csgVp309uLgFgxHkkbGsMwYPWMVxYk5mHD2QWvOu2vMol2SyIPWbJYpcvHqWMUalHKukgVeCitI0Rl6%2BMSGb2pVjlAWvOMUSG8mxUmqc7AqJdew%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717a8b71b915-AMS
x-cache-hits
0, 0
lasso-performance.min.js
js.getlasso.co/
33 KB
11 KB
Script
General
Full URL
https://js.getlasso.co/lasso-performance.min.js?ver=323.20240227
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:156f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6a0386fedf97fdc1ec3777e8cd75b66a4d1f49d07b8a0b700f3e57962d71a2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 18:20:42 GMT
via
1.1 1e8a623b7fca4a2616e2db6a6c2b0302.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
ORD56-P4
age
63610
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 06 Feb 2024 04:48:42 GMT
server
cloudflare
etag
W/"64297d8ff00c31684757417f5b16b19a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
85c2717e4a542bf2-FRA
x-amz-cf-id
CqaWpqrzrqXIvjG582A_CcYD2-hKbOm1mZ26b2WOJpLtL_7aI84vow==
expires
Wed, 26 Feb 2025 18:20:42 GMT
ta.js
ballenblogger.com/wp-content/plugins/thirstyaffiliates/js/app/
11 KB
3 KB
Script
General
Full URL
https://ballenblogger.com/wp-content/plugins/thirstyaffiliates/js/app/ta.js?ver=3.11.0
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17ea19bb52caa07f6588951442f789aa9aeb2b0f089ac3611c9bda36983e5f9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21067-AMS, cache-ams21041-AMS
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 14 Feb 2024 16:12:22 GMT
server
cloudflare
x-timer
S1709058042.033476,VS0,VE122
etag
W/"65cce666-2bc0"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
application/javascript
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hXYXhZSomhXmoiyRhZGyyZgjdPagVeVnvoD3ZS%2Fqq4f45MV036UZMyXewRjflAbBAuwRaU92TiLwk%2B%2BHC9MrsVM4t9L3vOaBEFt%2BoUfzQiANACWDxDHw77GTDr5HcjhSwpoNIQgeKKzPLY306EoSg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717a8b6eb915-AMS
x-cache-hits
0, 0
tap-gct.js
ballenblogger.com/wp-content/plugins/thirstyaffiliates-pro/js/app/
3 KB
2 KB
Script
General
Full URL
https://ballenblogger.com/wp-content/plugins/thirstyaffiliates-pro/js/app/tap-gct.js?ver=1.8.2
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b9054225ce5d472bc9ea88a96e3c1759bcb0c4d8d43af5fed9a82b498e2c62d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-mrs10563-MRS, cache-mrs10530-MRS
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 14 Feb 2024 16:12:24 GMT
server
cloudflare
x-timer
S1709058042.210551,VS0,VE469
etag
W/"65cce668-c94"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
application/javascript
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1a4pa9EVeiXT%2BMaKtZhlYzLtamNBkYaDvoctPxqsGfIqZa4ma1h8Nr4qz7fWmwReMFeWeUGPuT8%2BvZID9H6fS67FaIwKrctv0nkLrF25PKBuJjONlH7BVofqQ%2Fq4%2FKH0H%2Fxj7oUJMmhudHYST7pwFw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717b9b3dd408-CDG
x-cache-hits
0, 0
comment-reply.min.js
ballenblogger.com/wp-includes/js/
3 KB
2 KB
Script
General
Full URL
https://ballenblogger.com/wp-includes/js/comment-reply.min.js?ver=6.4.3
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-mad22040-MAD, cache-mad22048-MAD
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Jan 2024 20:18:55 GMT
server
cloudflare
x-timer
S1709058043.536320,VS0,VE509
etag
W/"65b959af-ba5"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
application/javascript
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5KCEN1I0yTP7mZGV48oTfKXcjfo2%2BgZKFEvGjfvddZYx0eSf5Pvg1LWH8E45r2oM%2FgN%2Fw4aqneGn96%2Fqe76KE4daVAcKuA7EH3Wt14p0jb3q7c%2Ff55VyCtT%2FmNMNV2C8k43uQOA4TULec%2FHBTozqw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717d9d4fd408-CDG
x-cache-hits
0, 0
hoverIntent.min.js
ballenblogger.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://ballenblogger.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-fra-eddf8230029-FRA, cache-fra-eddf8230111-FRA
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Jan 2024 20:18:55 GMT
server
cloudflare
x-timer
S1709058043.513134,VS0,VE133
etag
W/"65b959af-5db"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
application/javascript
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zVyOjm%2FyfL%2Fqo85n2iP1NapqCAmtuitcbVZ3HCkTUFD%2F%2F05IYnu4WbRFGfUxR33kXNjddcrxmou4xeYvbKLQtsb1NMnkN2iPz9%2B5MlBkyHGzpUsgDQPR7PwCoZpcR%2FXdMlTUlu2sLHXNI%2BcSy88b0w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717d8d43d408-CDG
x-cache-hits
0, 0
imagesloaded.min.js
ballenblogger.com/wp-includes/js/
5 KB
3 KB
Script
General
Full URL
https://ballenblogger.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-fra-eddf8230026-FRA, cache-fra-eddf8230040-FRA
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Jan 2024 20:18:55 GMT
server
cloudflare
x-timer
S1709058043.558821,VS0,VE132
etag
W/"65b959af-1590"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
application/javascript
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zudz0OF%2BoRxfpVsnGtRNG6wO0EF6bHsTUBif%2BJdqgyK%2BCUfW3NFmsFVTaXo3XV3EA0fKTJS3EWiWtYq2BPfzdOZ0QsQWKXGU1zKGD0mU81hyhlKNDmFd9LnTT70AOLxJ8LBJlMu3%2Bj%2Bz6xob6%2FikTw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717d9d4ad408-CDG
x-cache-hits
0, 0
frontend.min.js
ballenblogger.com/wp-content/themes/jnews/assets/dist/
298 KB
87 KB
Script
General
Full URL
https://ballenblogger.com/wp-content/themes/jnews/assets/dist/frontend.min.js?ver=1.0.0
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2b22b31198d491f66348b81dbe26e460b1990b2629716f73f6bc11e71d61525
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21046-AMS, cache-ams21070-AMS
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 16 Jan 2024 15:12:35 GMT
server
cloudflare
x-timer
S1709058043.527910,VS0,VE125
etag
W/"65a69ce3-4a738"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
application/javascript
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJ0HShDzlbhtokyVesX2uGvX1OKAywXW9E0ed77VzacIKoRRrpU3IcMziBl6c48Q1wnSCLyj3EhvXKXPYbRHeDfHeSyU16%2BVtb1W%2B0IvFpCUenytVVgD%2Fev%2FmIgg2wr6JPZVGC5OZILZPVLoIOmclg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717d9d4bd408-CDG
x-cache-hits
0, 0
js_composer_front.min.js
ballenblogger.com/wp-content/plugins/js_composer/assets/js/dist/
20 KB
7 KB
Script
General
Full URL
https://ballenblogger.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=7.3
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86835a4ef093c7fc3c6d6f1433b669b286b4fb3074f2f15c2a95825269308323
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-fra-etou8220069-FRA, cache-fra-eddf8230083-FRA
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 14 Feb 2024 16:12:53 GMT
server
cloudflare
x-timer
S1709058043.515846,VS0,VE149
etag
W/"65cce685-5115"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
application/javascript
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCTpViEaZ%2FibP7QQx2Yt%2FakPQucGpJ%2FDg17jkDN5M1KrBeAMagMiZP5bE%2Bp0xtfgzYURnhNT2QGJl%2B%2FgPyeJo30UxhqLcU5RE%2FKHJdQA0H0cDnVhLQ%2Bj2kgMjDdWoROPXO%2FxOv%2FGuO5G2ScaOAyzPw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717d9d4dd408-CDG
x-cache-hits
0, 0
03f8847d-28d0-42aa-bf0b-f9374983dbbd
https://ballenblogger.com/
1 KB
0
Other
General
Full URL
blob:https://ballenblogger.com/03f8847d-28d0-42aa-bf0b-f9374983dbbd
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
jeg-empty.png
ballenblogger.com/wp-content/themes/jnews/assets/img/
70 B
862 B
Image
General
Full URL
https://ballenblogger.com/wp-content/themes/jnews/assets/img/jeg-empty.png
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21080-AMS, cache-ams21075-AMS
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 16 Jan 2024 15:12:36 GMT
server
cloudflare
x-timer
S1709058043.519607,VS0,VE117
etag
W/"65a69ce4-46"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
image/png
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhrE10bG17yLOAkTy5QT%2BYCEUdXKqxk9754WU%2BQdSJ7efCGGIsQIFOQ8awWfRmaRmpgieOC%2BWZj41aRjoHcFbs4%2BSvaWoge2BRdIgKQRaDBlz%2BWd4xBVRA%2Be%2FAg8mT6hO2zxrmYac83ZGPy9D1W3TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717d9d50d408-CDG
x-cache-hits
0, 0
js
www.googletagmanager.com/gtag/
139 KB
53 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-42947796-4
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a98d599bf18e955386a593d6a06675db067772e5e93895b47060d954d0d7e8d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
54371
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 27 Feb 2024 18:20:42 GMT
preloader.gif
ballenblogger.com/wp-content/themes/jnews/assets/dist/image/
4 KB
5 KB
Image
General
Full URL
https://ballenblogger.com/wp-content/themes/jnews/assets/dist/image/preloader.gif
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=1.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-lcy-eglc8600070-LCY, cache-lcy-eglc8600038-LCY
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 16 Jan 2024 15:12:35 GMT
server
cloudflare
x-timer
S1709058043.532159,VS0,VE119
etag
W/"65a69ce3-112f"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
image/gif
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59p%2B1Fz1Zq5ueftBxb5mUwwManv5zwKAhv1dbmshGw%2FzB3QkZ6imdQGbXBSspb0jg6lt1iqwSMwV%2B0IOxUVFYxP1iZwUnGwZ1tlFpcxQx2Dn%2BjBAryx7ao40GrceXIekveECe2mohaOasInA4VOy3g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717dad69d408-CDG
x-cache-hits
0, 0
nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v37/
21 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v37/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3Areguler&display=swap&ver=1.3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51c8eae79bf05bbcc1811da8cb56ff69d87d40bafdce8282fea8a43259b4afcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ballenblogger.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 06:03:48 GMT
x-content-type-options
nosniff
age
562614
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21904
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 23:15:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Feb 2025 06:03:48 GMT
fontawesome-webfont.woff2
ballenblogger.com/wp-content/themes/jnews/assets/dist/font/
75 KB
76 KB
Font
General
Full URL
https://ballenblogger.com/wp-content/themes/jnews/assets/dist/font/fontawesome-webfont.woff2
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://ballenblogger.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=1.0.0
Origin
https://ballenblogger.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
content-length
77160
x-xss-protection
1
x-served-by
cache-ams21053-AMS, cache-ams21071-AMS
x-fw-type
VISIT
fastly-restarts
1
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 16 Jan 2024 15:12:35 GMT
server
cloudflare
x-timer
S1709058043.595217,VS0,VE120
etag
"65a69ce3-12d68"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2T0ctTRHFzDhifhSLktC2QPsAJubuJBwasoKJlAqThcYOU3QAgPwVDwT9Irx2Tnr14TXy7ZVMoxzO%2FRsDc1%2BwlZDF2aDXDYDfA5kO2Ky6rRWG%2FcSBgmwyAN6xrOYhtaF8ev%2FS96JidUEsNh%2FwjAAdg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
vary
Authorization, Accept-Encoding
accept-ranges
bytes
cf-ray
85c2717dad74d408-CDG
x-cache-hits
0, 0
jegicon.woff
ballenblogger.com/wp-content/themes/jnews/assets/dist/font/
7 KB
8 KB
Font
General
Full URL
https://ballenblogger.com/wp-content/themes/jnews/assets/dist/font/jegicon.woff
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://ballenblogger.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=1.0.0
Origin
https://ballenblogger.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21070-AMS, cache-ams21049-AMS
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 16 Jan 2024 15:12:35 GMT
server
cloudflare
x-timer
S1709058043.523111,VS0,VE147
etag
W/"65a69ce3-1be8"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
application/font-woff
vary
Authorization, Accept-Encoding
access-control-allow-origin
*
x-fw-serve
TRUE
cache-control
private, max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZbx9WR02Rul46C9rw66R5WutN5BBQ%2BgKNOLjlXBO3ilG3URVTCWdvZHJhkcoqZ2xKWRVXXjP8Mo6D%2BoWCPWLv6%2F2eRaIerGItdCXlKWPokXvaQbXp%2B19SZg59bIKE8fVaL2YxuBPopxrA5xTQyIIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
85c2717dad76d408-CDG
x-cache-hits
0, 0
rss.png
ballenblogger.com/wp-includes/images/
608 B
1 KB
Image
General
Full URL
https://ballenblogger.com/wp-includes/images/rss.png
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c6daa646e0a867e5f721b5017c98cfd2c82c26c60b614531ddae8a5d9986be8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-fra-eddf8230050-FRA, cache-fra-eddf8230112-FRA
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Jan 2024 20:18:55 GMT
server
cloudflare
x-timer
S1709058043.558125,VS0,VE130
etag
W/"65b959af-260"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
image/png
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FL%2B%2FPcEdgW1GnVPngXT%2BOKCUr51xtrXFJwnPQQoEzvWz4QhfVATymeSHhiZovasS60d3OaEcc%2BMEmr1I8iwhmJAcu4Sp3MoCcVxJzhhsnYg9DOii28mBJUT1guvyOh8DOdvf5Ih8lBeuDRQGuK%2BAg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717ddd9bd408-CDG
x-cache-hits
0, 0
js
www.googletagmanager.com/gtag/
268 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3HXWGKNMTB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-42947796-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
74d3e64dffaff7ddf778c36a620b1fdb5d3549284a135f7cd0fe508554f5a01d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93195
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 27 Feb 2024 18:20:42 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-42947796-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 27 Feb 2024 17:32:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2919
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 27 Feb 2024 19:32:03 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/
408 KB
138 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9630299824495654&plah=ballenblogger.com&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9630299824495654
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
760409ac2e87a0017b623daccf869d33c5efd970c2aaeb96fd1f7c50240fd9ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 18:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141468
x-xss-protection
0
server
cafe
etag
10618034442836472379
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 18:20:42 GMT
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/ Frame 6E32
9 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_nohtml_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9630299824495654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ballenblogger.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29627
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4193
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Feb 2024 10:06:55 GMT
etag
9539045072340585784
expires
Tue, 12 Mar 2024 10:06:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/
0
246 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3HXWGKNMTB&gtm=45je42q0v882319261za200&_p=1709058042484&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=569996701.1709058043&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1709058042&sct=1&seg=0&dl=https%3A%2F%2Fballenblogger.com%2F&dt=Ballen%20Blogger&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2677
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3HXWGKNMTB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Feb 2024 18:20:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ballenblogger.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
207 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1893991587&t=pageview&_s=1&dl=https%3A%2F%2Fballenblogger.com%2F&ul=en-us&de=UTF-8&dt=Ballen%20Blogger&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=65054944&gjid=959710356&cid=569996701.1709058043&tid=UA-42947796-4&_gid=131070865.1709058043&_r=1&gtm=457e42q0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&jsscut=1&z=339571265
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ballenblogger.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Feb 2024 18:20:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ballenblogger.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
Best-Gift-Boxes-For-Women-400x225.jpg
ballenblogger.com/wp-content/uploads/2020/05/
18 KB
18 KB
Image
General
Full URL
https://ballenblogger.com/wp-content/uploads/2020/05/Best-Gift-Boxes-For-Women-400x225.jpg
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24bd0f2b4d50d166eddd55599738742e8b5045039d5cfb0b0020f34fd2e607d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-fra-eddf8230139-FRA, cache-fra-eddf8230047-FRA
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 23 Jun 2021 20:57:37 GMT
server
cloudflare
x-timer
S1709058043.794058,VS0,VE136
etag
W/"60d3a041-461d"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
image/jpeg
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dd8A2q31p%2FFksjfT44go3tX9Q7VxU%2Bskm40iU8rh2bEDSdOMfeh8fqPAb5UdmPmCwlfkwOdPFBJ%2FHPiMWISB5AJL3%2BxRYDgLEyxqydUwei0bhRuNrXdvGp81ZNfF7V6AAhtuGuwvRTlcvkzvzO6WNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717f5f66d408-CDG
x-cache-hits
0, 0
Monthly-BBQ-Box-400x200.jpg
ballenblogger.com/wp-content/uploads/2020/07/
22 KB
22 KB
Image
General
Full URL
https://ballenblogger.com/wp-content/uploads/2020/07/Monthly-BBQ-Box-400x200.jpg
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
931d67db3f088cbfe3a32ceb929efc9eef509d37eee681a3700f7d9da0c53517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-fra-etou8220128-FRA, cache-fra-eddf8230106-FRA
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 23 Jun 2021 19:59:58 GMT
server
cloudflare
x-timer
S1709058043.793029,VS0,VE129
etag
W/"60d392be-5620"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
image/jpeg
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fygnO%2Bw%2F%2BVzDe5oi8DI8nE%2FGKEu%2FtP3A5NghD9GKAlzmXF%2BqetN7TPL5Mqxk1c8z9m8JNObDogfB0qzs7AU4%2BLB3afg8eDV7apIF6CYGjyI5wSFtu2WOAMzUNiVXf12btJsYPktvINMMQix7QcvrzA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717f5f68d408-CDG
x-cache-hits
0, 0
Sidetrak-Laptop-Monitor-Extended-400x200.jpg
ballenblogger.com/wp-content/uploads/2020/05/
15 KB
16 KB
Image
General
Full URL
https://ballenblogger.com/wp-content/uploads/2020/05/Sidetrak-Laptop-Monitor-Extended-400x200.jpg
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a6bf07db4ef8d787f39204589058d32a98c4bc359f9e0116f2f5a6ffc6cf728
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-fra-etou8220091-FRA, cache-fra-eddf8230023-FRA
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 23 Jun 2021 20:32:03 GMT
server
cloudflare
x-timer
S1709058043.802693,VS0,VE129
etag
W/"60d39a43-3c97"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
image/jpeg
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PNofYy3QPEmb%2F2lta9DsUJhPdbmC1I1sK9GBJlJNPGtQ63CWvZ3IQEhKDkR3RGDh5SzLYCmC5E86YmAg1cLFo03gAnHF2OqbnJXti2K6SpgKQ4XVJGqs%2FFdhatcUvxGaS%2FhrrOd1WeODIsqwghM9tA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717f5f69d408-CDG
x-cache-hits
0, 0
sugar-free-almond-clusters-recipe-750x375.jpeg
ballenblogger.com/wp-content/uploads/2024/01/
55 KB
56 KB
Image
General
Full URL
https://ballenblogger.com/wp-content/uploads/2024/01/sugar-free-almond-clusters-recipe-750x375.jpeg
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f0f5febb9cefd6c5b25899ca4eb500b1576c7c88f3f7012c9d7f0a7920401f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-fra-eddf8230101-FRA, cache-fra-eddf8230102-FRA
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 16 Jan 2024 15:10:49 GMT
server
cloudflare
x-timer
S1709058043.808647,VS0,VE139
etag
W/"65a69c79-dbd5"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
image/jpeg
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shACqbngiY4sH8B8c8zJ7ucwOcTKrVYKJdA4NELTnKSLkbDcTi8vmQ%2FwXS6DUuySkidGTpFQj3ivIW%2FwBAHXWAehAwdwqFK7sduBGWSi7tDO%2BycQM%2FmiUCQN3nmYXLHf94bfLW4BKk43frc%2B%2FUqRGw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717f5f6ad408-CDG
x-cache-hits
0, 0
mini-waffle-maker-blog-724x375.jpg
ballenblogger.com/wp-content/uploads/2024/02/
73 KB
74 KB
Image
General
Full URL
https://ballenblogger.com/wp-content/uploads/2024/02/mini-waffle-maker-blog-724x375.jpg
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ede6b71c819412ca1192fe7167617e2eef9c428cabe2e06838669ccabfe54bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21029-AMS, cache-ams21047-AMS
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 27 Feb 2024 15:20:18 GMT
server
cloudflare
x-timer
S1709058043.792956,VS0,VE119
etag
W/"65ddfdb2-1257d"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
image/jpeg
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ry8vv4t5ZY7zKvvG%2B6Ma3K5ZghSMWhecsIjuDNeke7eQOjaYQzzpCXUcfwXZ2DElcJwNCxYG1o8dFHm1AC79ZUO2Qaan9IwegU%2BoeXkwRYR%2FrbANPdAOnQmiQeZ2yXwZCGU7vST4U6M02OqLBhTdqg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717f5f6bd408-CDG
x-cache-hits
0, 0
ad_300x600.jpg
ballenblogger.com/wp-content/uploads/2023/01/
22 KB
23 KB
Image
General
Full URL
https://ballenblogger.com/wp-content/uploads/2023/01/ad_300x600.jpg
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3008ea5804a1e826eacf5a521362e2c817fd8656ea5123ed78b3580458571b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:42 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-lcy-eglc8600053-LCY, cache-lcy-eglc8600029-LCY
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 Jan 2023 14:08:55 GMT
server
cloudflare
x-timer
S1709058043.802906,VS0,VE115
etag
W/"63bec2f7-5895"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
image/jpeg
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4albXqJ3s7biMpC4FMwNqqtmH4CFbsjYB1cZdPCcVMBlIv%2FLvn7%2B49CBvI61rsHe%2FdUxb9OE%2BgTF3nNUnqowOJWf4plWsNgGETdAV5kJq84NDYPtqZwzQPMbtj7DEVkxhX%2FK%2Fet4uKV4PBT66cupMA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717f5f6cd408-CDG
x-cache-hits
0, 0
ads
googleads.g.doubleclick.net/pagead/ Frame DC64
603 B
218 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9630299824495654&output=html&adk=1812271804&adf=3025194257&lmt=1709058042&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_r&format=0x0&url=https%3A%2F%2Fballenblogger.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709058042577&bpp=2&bdt=599&idt=210&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=938265250702&frm=20&pv=2&ga_vid=569996701.1709058043&ga_sid=1709058043&ga_hid=1893991587&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42531706%2C95323741%2C95325068%2C95322182%2C95321865%2C95324161&oid=2&pvsid=236692221933551&tmod=1321943823&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=231
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9630299824495654&plah=ballenblogger.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ballenblogger.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Feb 2024 18:20:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
wp-emoji-release.min.js
ballenblogger.com/wp-includes/js/
18 KB
6 KB
Script
General
Full URL
https://ballenblogger.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21022-AMS, cache-ams21031-AMS
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Jan 2024 20:18:55 GMT
server
cloudflare
x-timer
S1709058043.850333,VS0,VE143
etag
W/"65b959af-4904"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
application/javascript
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zrx5O5%2B7%2BV5JhUwtTAnB%2Fv3%2B41UqYUiMLW0369bVH41yR5ndRTok88zC5I49vVX5qqYnXvk77gaFUqBa%2Bp85R303K2y7A%2FLOBrkA2F7vl9W%2F3g8v4KM%2FqkR3QBevL2fPcxfkAhRf%2BK7HLe6MuGnxTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717f9f9fd408-CDG
x-cache-hits
0, 0
jeg-empty.png
ballenblogger.com/wp-content/themes/jnews/assets/img/
70 B
821 B
Image
General
Full URL
https://ballenblogger.com/wp-content/themes/jnews/assets/img/jeg-empty.png
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:43 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21075-AMS, cache-ams21075-AMS
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 16 Jan 2024 15:12:36 GMT
server
cloudflare
x-timer
S1709058043.877931,VS0,VE118
etag
W/"65a69ce4-46"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
image/png
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cVjyJqqysyju6nx8CpCluLgtu46t8Wd1JKTqY1X9TkF2fALhmBpC4KDX4k7VOhGBQGgWPK5sO%2FWf%2BDhIBufw16J3Rmq1EActoTYV0JwQsIUoOkw7TxZQ9lvXbqcoHJB7ONF9FmMwcmLntErHoUYLqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717fdff9d408-CDG
x-cache-hits
0, 0
The-ABCs-of-WordPress-400x200.jpg
ballenblogger.com/wp-content/uploads/2020/03/
11 KB
12 KB
Image
General
Full URL
https://ballenblogger.com/wp-content/uploads/2020/03/The-ABCs-of-WordPress-400x200.jpg
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d0a7516653f5beca5c0569bbc12510ff4dbdeefa0bde3cb1ace22df1e537f86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:43 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-lcy-eglc8600068-LCY, cache-lcy-eglc8600022-LCY
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 23 Jun 2021 20:04:41 GMT
server
cloudflare
x-timer
S1709058043.889167,VS0,VE121
etag
W/"60d393d9-2c51"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
image/jpeg
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znm6pJz1rV4RjNZ7pXnrcMXJHjROlsPRMjgBHFlwuS36WO3YTe419o5TGy2QFDP52Nl9v1zmhck1UiempXTHFg8nu%2BgXIJ3ENp1guBH3MHkZ2qyKfR9FVG9vLzUtPGWDeh%2FIG8E9wrnKZVd56Hi%2Brg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717fe81ad408-CDG
x-cache-hits
0, 0
Candle-Subscription-Boxes-400x225.jpg
ballenblogger.com/wp-content/uploads/2020/11/
13 KB
14 KB
Image
General
Full URL
https://ballenblogger.com/wp-content/uploads/2020/11/Candle-Subscription-Boxes-400x225.jpg
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c88502c005af32f467062cc0d0fef2f74bc94c7b84436e339fb495e874bba91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:43 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-ams21036-AMS, cache-ams21030-AMS
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 23 Jun 2021 19:22:54 GMT
server
cloudflare
x-timer
S1709058043.897168,VS0,VE137
etag
W/"60d38a0e-3516"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
image/jpeg
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0yIRH%2Fge9MSPrviDvCApK122afL27W50msq0R8k19JlVzD%2FVfwlC3KO2V%2FWipGq%2FqndOzOMGtTWDk0dyS0YNjbqEAWREc7pubMphvLQ39XvybQzgnaRFiWC00ef0xTHyle1WBwdvgPz4ArlP64npLA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c2717fe81dd408-CDG
x-cache-hits
0, 0
ad_728x90.png
ballenblogger.com/wp-content/uploads/2023/01/
18 KB
19 KB
Image
General
Full URL
https://ballenblogger.com/wp-content/uploads/2023/01/ad_728x90.png
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40693b8b8aad53c717710dddd10047bcb3d6b0e1aa2180feee00adaa85ec29de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:43 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-lcy-eglc8600062-LCY, cache-lcy-eglc8600056-LCY
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 Jan 2023 14:08:54 GMT
server
cloudflare
x-timer
S1709058043.047646,VS0,VE398
etag
W/"63bec2f6-4723"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
image/png
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYdDNzC95CIekjDJutjloBArtRiYrmK5Sxjz%2Bmzl99TChTA2cw1o55A8Oob9cIA1f7K8xS7GRDFIJNNRmKe%2FOSvsGaj%2FBDRCYL%2FWJ4SuigEQ9XlxZE0L7FnNmy1uwtqVXJX2Aeg4hLtM3sVRLk4sHg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c27180d93fd408-CDG
x-cache-hits
0, 0
bots.min.json
js.getlasso.co/
59 KB
15 KB
XHR
General
Full URL
https://js.getlasso.co/bots.min.json
Requested by
Host: js.getlasso.co
URL: https://js.getlasso.co/lasso-performance.min.js?ver=323.20240227
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:156f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb1547bfa10f3b67c910439886989a85d858ef60d660b683b1768c4e4e1bf935

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 18:20:44 GMT
via
1.1 10fe4828a58246528ac6d56c0ccde12c.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
LAX50-P5
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 14 Mar 2023 13:03:44 GMT
server
cloudflare
etag
W/"435ad62c1088d021459626e434fc8a2d"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-apo-via
origin,host
cf-ray
85c27182c8420404-FRA
x-amz-cf-id
fCYfeKxciWN-BM1QP9pqSHHH9xCqy1uk46rHjSq3SMTzCFGWDT0dzg==
expires
Wed, 26 Feb 2025 18:20:44 GMT
affiliates.min.json
js.getlasso.co/
7 KB
3 KB
XHR
General
Full URL
https://js.getlasso.co/affiliates.min.json
Requested by
Host: js.getlasso.co
URL: https://js.getlasso.co/lasso-performance.min.js?ver=323.20240227
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:156f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9caf0e7693823087cbfccfd60735b68f557fbc4a3c238c1823ff11d59f4aa8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 18:20:43 GMT
via
1.1 f75e35fb43ff0f12d193fc9d62977d34.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
LAX50-P5
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 26 Dec 2023 12:20:13 GMT
server
cloudflare
etag
W/"df86426bc2d83e4f866ece7261d62ec2"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-apo-via
origin,host
cf-ray
85c27182c8450404-FRA
x-amz-cf-id
Q01O_BXduGhFC0Vf-d1EYppFdPm66-UuBEKCGO4xoNY8eCsRtNEfdw==
expires
Wed, 26 Feb 2025 18:20:43 GMT
impact-domains.min.json
js.getlasso.co/
11 KB
4 KB
XHR
General
Full URL
https://js.getlasso.co/impact-domains.min.json
Requested by
Host: js.getlasso.co
URL: https://js.getlasso.co/lasso-performance.min.js?ver=323.20240227
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:156f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68dad7414145a626006bdc4cb81c8417762f2caef8a76df95f9f335a9b2b6464

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 18:20:43 GMT
via
1.1 cc5ee9362c1a190f2004ed17d0fdd242.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
LAX50-P5
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 26 Dec 2023 12:20:13 GMT
server
cloudflare
etag
W/"16566cbe4a1f84fca91471cf49e0c962"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-apo-via
origin,host
cf-ray
85c27182c8460404-FRA
x-amz-cf-id
izW-uvaZod4NRLmDUFqbneoS0jOgXOMRnWlHGYsSu_LIqEoOUAJoKQ==
expires
Wed, 26 Feb 2025 18:20:43 GMT
amazon-associates-domains.min.json
js.getlasso.co/
315 B
748 B
XHR
General
Full URL
https://js.getlasso.co/amazon-associates-domains.min.json
Requested by
Host: js.getlasso.co
URL: https://js.getlasso.co/lasso-performance.min.js?ver=323.20240227
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:156f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86231787daeb16fd5f8d7628c5f53b94bfeb9261dae2112006060b5bdf1e8b7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 18:20:43 GMT
via
1.1 bef4627c5294d3bd6467e354e4e691a8.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
LAX50-P5
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 30 Oct 2023 16:15:33 GMT
server
cloudflare
etag
W/"3dfb4dcd3075db0b87bbfc7467187b96"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-apo-via
origin,host
cf-ray
85c27182c8440404-FRA
x-amz-cf-id
Hmivtqvv1gWNnABTw-W3GEOqWvS6zhi0C5o9zXue8SGtfn5SVS_iTw==
expires
Wed, 26 Feb 2025 18:20:43 GMT
in.php
in.getclicky.com/
101 B
278 B
Script
General
Full URL
https://in.getclicky.com/in.php?site_id=101378442&href=%2F&title=Ballen%20Blogger&res=1600x1200&lang=en-US&tz=Europe%2FBerlin&tc=&ck=1&x=2h22l8
Requested by
Host: static.getclicky.com
URL: https://static.getclicky.com/101378442.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:616c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ec00d4de44764f7895a107aa1f1d92696359512adc6d87360d89e3a014ed265

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 18:20:43 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
cf-ray
85c2718149a065b0-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 26 Jul 1997 05:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240221&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9630299824495654&plah=ballenblogger.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e79a9578f84d951ec0c304fffaf61fe6b7cac6be987980ba270a3a9bb8b5ba5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 18:20:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12256
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9630299824495654&plah=ballenblogger.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 18:20:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Feb 2024 18:20:43 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 358B
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ballenblogger.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
11407
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Feb 2024 15:10:36 GMT
expires
Wed, 26 Feb 2025 15:10:36 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F00F
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d998c39e9aa323e2dc72730c467f4af963a86ea9ed3e477da6db367f171692c8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UxEiMAEdA47FJTARVOyksQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ballenblogger.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-UxEiMAEdA47FJTARVOyksQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 27 Feb 2024 18:20:43 GMT
expires
Tue, 27 Feb 2024 18:20:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Best-Gift-Boxes-For-Women-400x225.jpg
ballenblogger.com/wp-content/uploads/2020/05/
18 KB
18 KB
Image
General
Full URL
https://ballenblogger.com/wp-content/uploads/2020/05/Best-Gift-Boxes-For-Women-400x225.jpg
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/wp-content/themes/jnews/assets/dist/frontend.min.js?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24bd0f2b4d50d166eddd55599738742e8b5045039d5cfb0b0020f34fd2e607d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:43 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-fra-eddf8230047-FRA, cache-fra-eddf8230047-FRA
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 23 Jun 2021 20:57:37 GMT
server
cloudflare
x-timer
S1709058044.731157,VS0,VE130
etag
W/"60d3a041-461d"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
image/jpeg
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qd6c8jDrQ9SWtxbKCeNiSJ%2BdMuThtPAY06uKNL%2FtonPUlbxv%2BySvi5az1iS8NmIqEKJQ1Kkj98wtYeHnCa%2B6nJfX6D495VLQjVfhUnsIlpN%2BucHzTuqaERuM1z9IRhRJlkqUC7ryPL%2B%2Fw%2FE%2FDOVPYg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c271853f30d408-CDG
x-cache-hits
0, 0
Monthly-BBQ-Box-400x200.jpg
ballenblogger.com/wp-content/uploads/2020/07/
22 KB
22 KB
Image
General
Full URL
https://ballenblogger.com/wp-content/uploads/2020/07/Monthly-BBQ-Box-400x200.jpg
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/wp-content/themes/jnews/assets/dist/frontend.min.js?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
931d67db3f088cbfe3a32ceb929efc9eef509d37eee681a3700f7d9da0c53517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:43 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-fra-eddf8230106-FRA, cache-fra-eddf8230106-FRA
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 23 Jun 2021 19:59:58 GMT
server
cloudflare
x-timer
S1709058044.732072,VS0,VE125
etag
W/"60d392be-5620"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
image/jpeg
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBO1xUqgH0WVwMIToL08%2BecBetQ9HWGw1zNlk81fJEUnhq9cNU7KMxi9dP3rJsFKEYlr%2FQJQ3856axsPQXRqcyqfZPFt60HJfVPfcrl5lmyWd6yP30%2FlIUnLopzT%2BPrS4drtdo1zbeE5MtOSHCdSqg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c271853f31d408-CDG
x-cache-hits
0, 0
Sidetrak-Laptop-Monitor-Extended-400x200.jpg
ballenblogger.com/wp-content/uploads/2020/05/
15 KB
16 KB
Image
General
Full URL
https://ballenblogger.com/wp-content/uploads/2020/05/Sidetrak-Laptop-Monitor-Extended-400x200.jpg
Requested by
Host: ballenblogger.com
URL: https://ballenblogger.com/wp-content/themes/jnews/assets/dist/frontend.min.js?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:51f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a6bf07db4ef8d787f39204589058d32a98c4bc359f9e0116f2f5a6ffc6cf728
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-fw-static
YES
date
Tue, 27 Feb 2024 18:20:43 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-cacheable
NO:Not Cacheable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fw-server
Flywheel/5.1.0
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-fra-eddf8230023-FRA, cache-fra-eddf8230023-FRA
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 23 Jun 2021 20:32:03 GMT
server
cloudflare
x-timer
S1709058044.733477,VS0,VE128
etag
W/"60d39a43-3c97"
x-fw-hash
97rherbom3
x-fw-version
5.0.0
content-type
image/jpeg
vary
Accept-Encoding, Authorization
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pNeAUldQ7nvS8wrwm4qpETSUkRMh3J2fVE5851il1c7C0xYZXfopXOXbk7IQ3VYNimZCGTX0V8qM9zUr9PTovBpswa0EJCeLIswRoIt2zpXqFD1h2bVKdnMX%2FBB8UpNf5n%2B%2B%2FG%2BlwL%2F4WASkhZA7oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-fw-serve
TRUE
cache-control
private, max-age=0
cf-ray
85c271853f32d408-CDG
x-cache-hits
0, 0
BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js
pagead2.googlesyndication.com/bg/ Frame 358B
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 08:48:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
34347
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15302
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 17:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Feb 2025 08:48:16 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F00F
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240221&jk=236692221933551&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 358B
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?lyh5lw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 18:20:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240221&jk=236692221933551&bg=!wMOlw4zNAAZ3BdUuVwU7ADQBe5WfOFtbVbNc-BCyVDWJ4WhCwKYLgNCrx0WSXaKyJlQ21J5gIbilK1XX9kDfGnQDAEqfAgAAADhSAAAAAmgBB5kC-SWhybw4xUMo5eMbLi8Ai30fxa29bXmRxYQht6BjaBkRleGu0a2YzmlaRxwrqieGctm13Onyq_PeDlUJgSu3pW4EnONd03PnlvQUUheV8fyqfhLn7mcF1eEOxDRKZmglQAdS4s9RVCAa_RVxugTJKiWMIlVgmHEk_dSIIA0Jt8Mkg4nL5IB0mk-uHDMmt64GToxqAoE1c3gcTuB_clgqJA8xBkSAev6SLBTY3Nk3eLKKZeAN8m5NOZYsxCzf6A6b1tY1Jcx22NOeUWO49U000X5yc7VgoT12YH2TY37RKI5ndHIomOPVP3xgl7MlsJzzLM2NNlkCNVNeAKjd0kAKrxKBnFIRahvSPeLUWjv9khx9fJLhlcGo1S7spockLKlkFa4Uu-VAL7e9nlr_UCr5fQwH9TtHAaBxwSABkFFpUiFjuQlUnOn1I3AdL8xebT7W3K4rcMAmLmNbyQH0ynoqDEL2UnjmbWZcQdc9naXPa_G3tl8-zFsUJ1_ziiR1lPIHopjo18qAP3qfRPQ5hNxE1LVioyX_hlMLrfM0F2scEGALwG16bCfmwbsN2o6WCAy2T0RulX_qLL2hG-rww7e0odV6-AHR7Nsi3pAnJxrUZdByIJFfAV9aOAP5gtjjCESSQfeomR_0LQXSE7zMEFIMD48Zd29ltFf4s7E9p9ucisbxUJuWtcz7EmPwHwtDjNzRmY6aU37FZmr1vqMuX69YNnH4YNzUnKlGanwVpE9BtYEgUEZz3W7jUE61AmSp5acNC2qmJBjUtklFR6XRFkFrCPEvvc66G-o32b8O0OfeTcpaag81geQSTO88rJRVEQVKyUcFY65tdOsWEHAsbHxqjxQFJs1KHVpJbsVJwQ3K-xWKiLH-uVmthvGmA-VCpjA33XjaEr1_THYCO8Vs6HdUD7-umr6G4bf84EQi-g0W_-ndR9gCFPux8UbampL6sOBh8dHTD_ygBYAYxtabjTIVH73HY4lc4ocW2eCleU2RhljilXf0x6cnC77h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ballenblogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

tracking
lasso.link/events/
35 B
663 B
XHR
General
Full URL
https://lasso.link/events/tracking
Requested by
Host: js.getlasso.co
URL: https://js.getlasso.co/lasso-performance.min.js?ver=323.20240227
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:23b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e7bcfb161434fc323e8c29e90a0ad3e8cd2a549933352499053debf5f23abbc

Request headers

Referer
https://ballenblogger.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 27 Feb 2024 18:20:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amzn-requestid
de8b7804-6066-4898-8508-7e1f0bca3479
x-amzn-trace-id
Root=1-65de27fe-49afa2a93bd791f71a11af3c;Parent=67f4e26dc3e96602;Sampled=0;lineage=79f7b78f:0
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jjg0sN8iZoBobqZdmaxPzb2mMau%2Bsy1mpzZFoqqicjo%2B032JawwCKgoluoVPsz9NyoiNeEkGKYKWuRAKyXGBhcIx7AO1S%2FNYljurGP3u5GcEtq2%2BAmlth2QVX4uUxITJya5WIYs7bal9"}],"group":"cf-nel","max_age":604800}
cf-ray
85c271943bc565f5-AMS
alt-svc
h3=":443"; ma=86400
x-amz-apigw-id
TzsvwGdYIAMEiCg=
content-length
35
access-control-allow-headers
*

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 string| jnews_ajax_url object| jnews object| jnewsDataStorage object| _wpemojiSettings function| advanced_ads_ready object| advanced_ads_ready_queue undefined| $ function| jQuery function| gtag object| dataLayer object| FontAwesomeConfig object| jnews_module_31850_1_65de27f97a8e9 object| jnews_module_31850_2_65de27f98e642 object| jnews_module_31850_4_65de27f9905fb object| jnews_module_31850_5_65de27f992d33 object| jnews_module_31850_7_65de27f9a7cb1 object| jnews_module_31850_8_65de27f9a8d08 object| jnews_module_31850_10_65de27f9aad65 object| jnews_module_31850_11_65de27f9ab5d5 object| jnews_module_31850_12_65de27f9abe60 object| jnews_module_31850_13_65de27f9c0869 object| jnews_module_31850_14_65de27f9c0f9b object| jnews_module_31850_15_65de27f9c1f3c object| jfla object| thirsty_global_vars object| thirstyFunctions object| tap_gct_vars object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| thirstyGct function| EvEmitter function| imagesLoaded object| jnewsoption object| lazySizesConfig object| lazySizes function| Waypoint object| html5 object| Modernizr object| vcData function| vc_js function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_ttaToggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| a0_0x4a74 function| a0_0x20ea function| thirstyGoogleClickTrack number| tnsId object| clicky_obj object| clicky object| clicky_custom undefined| test object| clicky_site_ids object| cs object| _cgen object| _cgen_custom object| twemoji object| wp object| addComment object| GoogleGcLKhOms object| google_image_requests object| lstracking

8 Cookies

Domain/Path Name / Value
.getlasso.co/ Name: __cf_bm
Value: uNzN30r9Ve9lWr6ZV.hf5WgnLaF0xxrlQ3MF_5Vym.s-1709058042-1.0-AaDd4ZMse1G8/vgypIsgAA3MrYcV7jkjeqK1krihQ8TJEZbUttc5xdBjHE3Bj+3oJLeR7xPnBxM7CLmSHYDwjGo=
.ballenblogger.com/ Name: _ga_3HXWGKNMTB
Value: GS1.1.1709058042.1.0.1709058042.0.0.0
.ballenblogger.com/ Name: _ga
Value: GA1.2.569996701.1709058043
.ballenblogger.com/ Name: _gid
Value: GA1.2.131070865.1709058043
.ballenblogger.com/ Name: _gat_gtag_UA_42947796_4
Value: 1
ballenblogger.com/ Name: lsid
Value: ls-a7044ef32d846115363c27042f0cec86
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.ballenblogger.com/ Name: _jsuid
Value: 93563372

3 Console Messages

Source Level URL
Text
other warning URL: https://ballenblogger.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ballenblogger.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9630299824495654&output=html&adk=1812271804&adf=3025194257&lmt=1709058042&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_r&format=0x0&url=https%3A%2F%2Fballenblogger.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709058042577&bpp=2&bdt=599&idt=210&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=938265250702&frm=20&pv=2&ga_vid=569996701.1709058043&ga_sid=1709058043&ga_hid=1893991587&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42531706%2C95323741%2C95325068%2C95322182%2C95321865%2C95324161&oid=2&pvsid=236692221933551&tmod=1321943823&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=231
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ballenblogger.com
ballensbuys.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
in.getclicky.com
js.getlasso.co
lasso.link
pagead2.googlesyndication.com
region1.google-analytics.com
static.getclicky.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
15.197.142.173
2001:4860:4802:34::36
2606:4700:3033::6815:23b0
2606:4700:3035::6815:51f0
2606:4700::6811:616c
2606:4700::6812:156f
2a00:1450:4001:806::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:812::2008
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
0b9054225ce5d472bc9ea88a96e3c1759bcb0c4d8d43af5fed9a82b498e2c62d
0c6daa646e0a867e5f721b5017c98cfd2c82c26c60b614531ddae8a5d9986be8
17ea19bb52caa07f6588951442f789aa9aeb2b0f089ac3611c9bda36983e5f9c
1c468f25c66a9aeaa637ca5244f64ec7f967734b2dc2aa92b667cf5316155e81
1ec00d4de44764f7895a107aa1f1d92696359512adc6d87360d89e3a014ed265
24bd0f2b4d50d166eddd55599738742e8b5045039d5cfb0b0020f34fd2e607d6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
37d893040ede11c0ef4fee4fb66699d7864c3c8b303069458a096d97e04d39df
3c88502c005af32f467062cc0d0fef2f74bc94c7b84436e339fb495e874bba91
40693b8b8aad53c717710dddd10047bcb3d6b0e1aa2180feee00adaa85ec29de
442a9239b049196bd6d97e5b160966548afaf426f59af4179777d8d83551c0dd
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4a6bf07db4ef8d787f39204589058d32a98c4bc359f9e0116f2f5a6ffc6cf728
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
51c8eae79bf05bbcc1811da8cb56ff69d87d40bafdce8282fea8a43259b4afcb
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5bf97de8ad6bc93b3c21dc853b405253b32668272e36f8624d209ce143681538
5f0f5febb9cefd6c5b25899ca4eb500b1576c7c88f3f7012c9d7f0a7920401f9
6128956e9b0918ccdf7452305962e746c8a2dc7dbf923c39beaf24b5ced3559b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429
68dad7414145a626006bdc4cb81c8417762f2caef8a76df95f9f335a9b2b6464
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d0a7516653f5beca5c0569bbc12510ff4dbdeefa0bde3cb1ace22df1e537f86
6e79a9578f84d951ec0c304fffaf61fe6b7cac6be987980ba270a3a9bb8b5ba5
74d3e64dffaff7ddf778c36a620b1fdb5d3549284a135f7cd0fe508554f5a01d
760409ac2e87a0017b623daccf869d33c5efd970c2aaeb96fd1f7c50240fd9ff
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e7bcfb161434fc323e8c29e90a0ad3e8cd2a549933352499053debf5f23abbc
858790d2cec41d2c25e5e2e8587ed89f20bf28a126d94fb09b626603e1f3309b
86231787daeb16fd5f8d7628c5f53b94bfeb9261dae2112006060b5bdf1e8b7f
86835a4ef093c7fc3c6d6f1433b669b286b4fb3074f2f15c2a95825269308323
8779150e41758c8077ed4876f73aa8aa9e3a0bc46c9c7eda1b0ae2bc8dc6841d
931d67db3f088cbfe3a32ceb929efc9eef509d37eee681a3700f7d9da0c53517
a3008ea5804a1e826eacf5a521362e2c817fd8656ea5123ed78b3580458571b0
a72347df415140a5f85796136e3a512121e7cf9a16fc91c9197892b545b0ef08
a98d599bf18e955386a593d6a06675db067772e5e93895b47060d954d0d7e8d4
aad27771744b53badb927f7d4c2f285a337fb8049592701f425e1ae4fcaf6619
ae6435457364064642f22a5da37aaaf1f0907ed2ad2cf82d2ee0f30fe4ba6429
b4edd70d08695985c44fb9bb16cc7890e625e4b4a0fb9cffab53b5d8368f3b7a
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
b6a0386fedf97fdc1ec3777e8cd75b66a4d1f49d07b8a0b700f3e57962d71a2a
cb1547bfa10f3b67c910439886989a85d858ef60d660b683b1768c4e4e1bf935
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d998c39e9aa323e2dc72730c467f4af963a86ea9ed3e477da6db367f171692c8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede
e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e573a919f8e75408a135a3e8ccd7218c81b9e2e99621fce71d9527055fd04a3e
ec75f71168dc9bbaf4b7f4f2d00bdabeb2cdeac06618d8f60b6fc10dcb6d15cb
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ede6b71c819412ca1192fe7167617e2eef9c428cabe2e06838669ccabfe54bb9
f2b22b31198d491f66348b81dbe26e460b1990b2629716f73f6bc11e71d61525
f49e16149fd134ecdfc927cebab7226960180071da626926c60d03600d169db9
f9caf0e7693823087cbfccfd60735b68f557fbc4a3c238c1823ff11d59f4aa8b