urlscan.io logo urlscan.io
SecurityTrails logo

www.balcanicodarien.com Open in urlscan Pro
2606:4700:3030::ac43:b602  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://balcanicodarien.com/
Effective URL: https://www.balcanicodarien.com/
Submission: On November 08 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 17 domains to perform 49 HTTP transactions. The main IP is 2606:4700:3030::ac43:b602, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.balcanicodarien.com.
TLS certificate: Issued by WE1 on November 1st 2024. Valid for: 3 months.
This is the only time www.balcanicodarien.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    2606:4700:3030::ac43:b602 (United States)

ASN13335 (CLOUDFLARENET, US)
balcanicodarien.com
www.balcanicodarien.com
1    2a04:4e42:400::720 (United States)

ASN54113 (FASTLY, US)
slicelife.imgix.net
7    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700::6812:4139 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.optimizely.com
4    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2600:1f18:24e6:b901:72e3:1bfe:b271:96b2 (None, )

ASN- ()
browser-intake-datadoghq.com
Apex Domain
Subdomains		 Transfer
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
528 KB
6 balcanicodarien.com
balcanicodarien.com
www.balcanicodarien.com
508 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
4 KB
4 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 445
235 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
155 KB
1 browser-intake-datadoghq.com
browser-intake-datadoghq.com
287 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3643
1 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 971
6 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 imgix.net
slicelife.imgix.net — Cisco Umbrella Rank: 235376
65 KB
0 slicelife.cc Failed
fb-conversions-api.slicelife.cc Failed
0 googleadservices.com Failed
www.googleadservices.com Failed
0 c3tag.com Failed
446-ct.c3tag.com Failed
0 mathtag.com Failed
pixel.mathtag.com Failed
0 slicelife.com Failed
slice-web-assets.prod.slicelife.com Failed
consumer.prod.slicelife.com Failed
0 hotjar.com Failed
static.hotjar.com Failed
0 segment.com Failed
cdn.segment.com Failed
49 17
Domain Requested by
7 www.googletagmanager.com www.balcanicodarien.com
www.googletagmanager.com
5 www.balcanicodarien.com www.balcanicodarien.com
4 www.facebook.com www.balcanicodarien.com
4 maps.googleapis.com www.balcanicodarien.com
maps.googleapis.com
2 connect.facebook.net www.balcanicodarien.com
connect.facebook.net
1 browser-intake-datadoghq.com www.balcanicodarien.com
1 region1.google-analytics.com www.balcanicodarien.com
1 cdn.optimizely.com www.balcanicodarien.com
1 www.google.com www.googletagmanager.com
www.balcanicodarien.com
1 slicelife.imgix.net www.balcanicodarien.com
1 balcanicodarien.com 1 redirects
0 fb-conversions-api.slicelife.cc Failed www.balcanicodarien.com
0 www.googleadservices.com Failed www.googletagmanager.com
0 consumer.prod.slicelife.com Failed www.balcanicodarien.com
0 446-ct.c3tag.com Failed www.googletagmanager.com
0 pixel.mathtag.com Failed www.googletagmanager.com
0 slice-web-assets.prod.slicelife.com Failed www.balcanicodarien.com
0 static.hotjar.com Failed www.balcanicodarien.com
0 cdn.segment.com Failed www.balcanicodarien.com
49 19

This site contains links to these domains. Also see Links.

Domain
slicelife.com
www.google.com
go.onelink.me
Subject Issuer Validity Valid
balcanicodarien.com
WE1		 2024-11-01 -
2025-01-30		 3 months crt.sh
*.imgix.com
GlobalSign Atlas R3 DV TLS CA 2024 Q4		 2024-10-09 -
2025-11-10		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-17 -
2024-11-15		 3 months crt.sh
cdn.optimizely.com
WE1		 2024-10-21 -
2025-01-19		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.browser-intake-datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-14 -
2025-05-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.balcanicodarien.com/
Frame ID: 0FD301F8326E3DCEE8F718E81D68096F
Requests: 47 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.balcanicodarien.com
Frame ID: F711BACBFB70C16280A40B6D42B375C3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Balcanico - Darien, IL - 737 Plainfield Rd - Hours, Menu, Order

Page URL History Show full URLs

  1. https://balcanicodarien.com/ HTTP 301
    https://www.balcanicodarien.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js

Page Statistics

49
Requests

55 %
HTTPS

100 %
IPv6

17
Domains

19
Subdomains

11
IPs

2
Countries

1501 kB
Transfer

5185 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://balcanicodarien.com/ HTTP 301
    https://www.balcanicodarien.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.balcanicodarien.com/
Redirect Chain
  • https://balcanicodarien.com/
  • https://www.balcanicodarien.com/
126 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.balcanicodarien.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:b602 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
35a76d7d2ab940d25119ba6e7479cdbcd6dec3a34f0418ab58af576d3e72735e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8df5cef8b8e22bcb-FRA
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Fri, 08 Nov 2024 13:11:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OOJHdqBpPGx8ca7ZkofczWJ1fvxwNotKN5WpJ%2BbmxTRz7j3iLaOR1N5Z25nqzMpsAhbIO7JNYubglxcp0kns33x7XjSiO30cIWaU%2BPa%2BbeWZUv%2Fgp2M6%2B5G%2B1Q39UJoLTcRylxnQqFSVhIROk0bDN6LlWQnmAg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=21825&sent=7&recv=11&lost=0&retrans=0&sent_bytes=4015&recv_bytes=2363&delivery_rate=143837&cwnd=253&unsent_bytes=0&cid=892789b72fb07960&ts=747&x=0"
vary
Accept-Encoding
x-powered-by
Express

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
8df5cef7bf3d3647-FRA
content-length
167
content-type
text/html
date
Fri, 08 Nov 2024 13:11:21 GMT
expires
Fri, 08 Nov 2024 14:11:21 GMT
location
https://www.balcanicodarien.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LwtEU4Kacvyq1S%2FYOVqq34VsJEyzPzY9Id4XtZTwk1HWkySzqExSTxXE23ciQH4r0mC8LNOoxW7GeSKlSLvdNRAL1zPYqq5UNo7v0xm3LA%2BH3eQ4kIlUQ9vQvXVLZTR7mW6E4xnxtERTgrDHNoPwV3h6"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=24040&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4195&recv_bytes=4344&delivery_rate=126405&cwnd=12000&unsent_bytes=0&cid=2d5011b2c9315e7e&ts=213&x=1" cfHdrFlush;dur=0
vary
Accept-Encoding
app-bundle-f2f854beee97379f82d2.css
www.balcanicodarien.com/public/ 		219 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.balcanicodarien.com/public/app-bundle-f2f854beee97379f82d2.css
Requested by
Host: www.balcanicodarien.com
URL: https://www.balcanicodarien.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:b602 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f43e9f3dbf495c4260b67fedfc1c602cd7b1b306ceabedf371504f3706fbbec3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.balcanicodarien.com/

Response headers

cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"6706933b-36cbd"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iucFVrzbsIlqfVxIHuWfOSKJvCzdvifiBrA70jxd2hMzXAUxya1WqFyD5vxy06s%2BHuXNFYHUhHKMIv5vFHVOYx2D%2FbkSQXusXlDJ8dU8Rcz%2FXSrQpPgkNpsDzbCLEVc3P%2BN8Ol8dAZTmFCNlmbI9VFR0pxG8qw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8df5cefdccb72bcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=22482&sent=55&recv=21&lost=0&retrans=0&sent_bytes=44402&recv_bytes=2773&delivery_rate=1829812&cwnd=253&unsent_bytes=0&cid=892789b72fb07960&ts=1375&x=0"
date
Fri, 08 Nov 2024 13:11:23 GMT
content-type
text/css
last-modified
Wed, 09 Oct 2024 14:29:15 GMT
vary
Accept-Encoding
server
cloudflare
vendor-bundle-a007725c3611a87685ee.css
www.balcanicodarien.com/public/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.balcanicodarien.com/public/vendor-bundle-a007725c3611a87685ee.css
Requested by
Host: www.balcanicodarien.com
URL: https://www.balcanicodarien.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:b602 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e691407cfd29085f8054c9cd7449891789867a5ebbf293361d5f8af56fe5a89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.balcanicodarien.com/

Response headers

cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"6706933b-2e25"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CGxJvmmnlIoSKorDVPqouhammvw%2FcaAoo%2BOsRiP2uZnwmTRo7I4ByBKNjyLv1VfdE%2F%2F2l68fctK7CzvW8zUqR7Riqxeo%2BV9fUR6HZz14MBtOh9iNqzQ%2B9biKOpENMBHIGV1ka9FdZP5zxlw0Q2v4Jw4AoJ6RJw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8df5cefddcb82bcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=22482&sent=50&recv=21&lost=0&retrans=0&sent_bytes=41520&recv_bytes=2773&delivery_rate=1829812&cwnd=253&unsent_bytes=0&cid=892789b72fb07960&ts=1361&x=0"
date
Fri, 08 Nov 2024 13:11:23 GMT
content-type
text/css
last-modified
Wed, 09 Oct 2024 14:29:15 GMT
vary
Accept-Encoding
server
cloudflare
vendor-bundle-82ff58aae087944d3aaa.js
www.balcanicodarien.com/public/ 		1 MB
292 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.balcanicodarien.com/public/vendor-bundle-82ff58aae087944d3aaa.js
Requested by
Host: www.balcanicodarien.com
URL: https://www.balcanicodarien.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:b602 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cd73454d8671f25bdf0c0e66461091d0671e2901a59fded2e48259f5d2ce6e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.balcanicodarien.com/

Response headers

cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"6706933b-16273e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xU64t9KWeoUx6Hd0f1qYq0vIdZdt3%2FuBEorwGAhVhCCHF4%2FCgm%2BheRI%2B%2BjzkBtSJuSjWls23Z4HGp3Rf7L0b2g7zPFjASQ%2BsB5W0Ns7PpynctfLh9zy%2FsF2%2BSvGfojr5jicJfCYcoAwAXejK75e1KXMy9bs3MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8df5cefddcb92bcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=20031&sent=85&recv=37&lost=0&retrans=0&sent_bytes=77138&recv_bytes=2773&delivery_rate=1829812&cwnd=253&unsent_bytes=0&cid=892789b72fb07960&ts=1472&x=0"
date
Fri, 08 Nov 2024 13:11:23 GMT
content-type
application/javascript
last-modified
Wed, 09 Oct 2024 14:29:15 GMT
vary
Accept-Encoding
server
cloudflare
app-bundle-1bd7b696c37036242fbf.js
www.balcanicodarien.com/public/ 		387 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.balcanicodarien.com/public/app-bundle-1bd7b696c37036242fbf.js
Requested by
Host: www.balcanicodarien.com
URL: https://www.balcanicodarien.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:b602 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60fef72d12631b875db69668d02805ce3a7158c8a9ecff341339ebd32af8af5d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.balcanicodarien.com/

Response headers

cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"6706933b-60d30"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MZ6csR8ic2Y5DiaYMTvq8F1NOLWlyf3PwEzl1K52quufybnQTYEbTBLSjPI2vFVOGOOReUjqI4FJxWq9ieH1gOxzRm%2F32cdlxUAX9eoqYiDx7Ng0B3Zt8MXPJK6tSMfIOikduBLE0B2vy8BeVGBhXqBTjV4Yjw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8df5cefddcbb2bcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=22040&sent=231&recv=77&lost=0&retrans=0&sent_bytes=256663&recv_bytes=2773&delivery_rate=3127252&cwnd=253&unsent_bytes=0&cid=892789b72fb07960&ts=1590&x=0"
date
Fri, 08 Nov 2024 13:11:23 GMT
content-type
application/javascript
last-modified
Wed, 09 Oct 2024 14:29:15 GMT
vary
Accept-Encoding
server
cloudflare
app-heroes.jpg
slicelife.imgix.net/111643/photos/original/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://slicelife.imgix.net/111643/photos/original/app-heroes.jpg?crop=focalpoint&fp-x=0.75&fp-y=0.5&auto=compress%2Cformat&fit=crop&w=1920&h=888
Requested by
Host: www.balcanicodarien.com
URL: https://www.balcanicodarien.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
b66265b4e47bc0ad19c896e5cdd9d38aa7bcd6f281f342357c68d16f04df1c15
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.balcanicodarien.com/

Response headers

age
67441
x-content-type-options
nosniff
x-cache
HIT
date
Fri, 08 Nov 2024 13:11:22 GMT
last-modified
Thu, 07 Nov 2024 18:27:21 GMT
x-served-by
cache-fra-etou8220147-FRA
vary
Accept, User-Agent
content-type
image/avif
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
65780
server
imgix
x-imgix-id
14a68a9cfe595c60a4342fe6dec82073e130f4de
analytics.min.js
cdn.segment.com/analytics.js/v1/ph2IbrO90ThVuQqY2t4goNmkXQ0e5y2T/ 		0
0
hotjar-1789798.js
static.hotjar.com/c/ 		0
0
gtm.js
www.googletagmanager.com/ 		306 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WKNJXKS
Requested by
Host: www.balcanicodarien.com
URL: https://www.balcanicodarien.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3c8286792241cab0840dff16cf6aee23db976a98e0d78969ca8b75839d2da79e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.balcanicodarien.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 08 Nov 2024 13:11:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 13:11:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 08 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
105655
x-xss-protection
0
server
Google Tag Manager
GT-America-Standard-Regular.woff2
slice-web-assets.prod.slicelife.com/fonts/GT-America/ 		0
0
GT-America-Standard-Medium.woff2
slice-web-assets.prod.slicelife.com/fonts/GT-America/ 		0
0
EasyNotes.otf
slice-web-assets.prod.slicelife.com/fonts/EasyNotes/ 		0
0
GT-America-Extended-Black.woff2
slice-web-assets.prod.slicelife.com/fonts/GT-America/ 		0
0
JetBrainsCustom-Bold.woff2
slice-web-assets.prod.slicelife.com/fonts/JetBrainsCustom/ 		0
0
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.balcanicodarien.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1581050505.1731071483&auid=1849466812.1731071483&npa=1&gtm=45He4b70v78445100za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&tft=1731071483322&tfd=2026&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKNJXKS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.balcanicodarien.com/

Response headers
js
www.googletagmanager.com/gtag/ 		274 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4X2KB58CH2&l=dataLayer&cx=c&gtm=45He4b70v78445100za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKNJXKS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
475d1a6658cb960c190fc10caa20304efbd3105d5ce68d3ebec6da0b1c40e301
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.balcanicodarien.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 08 Nov 2024 13:11:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 13:11:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98066
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/ 		293 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-826899235&l=dataLayer&cx=c&gtm=45He4b70v78445100za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKNJXKS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1babfbf2373fa2e0e202fb428844ddaf2bb49858a5b0067ddfb3896584edeeb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.balcanicodarien.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Fri, 08 Nov 2024 13:11:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 13:11:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 08 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
101795
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/ 		246 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-AW-783853050%2FBBoHCJ3prakBEPrL4vUC%27&l=dataLayer&cx=c&gtm=45He4b70v78445100za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKNJXKS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
078ed8f75f9f685d56ccd08d0cbbd35700b00c5e913c17351507a943e30f16b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.balcanicodarien.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Fri, 08 Nov 2024 13:11:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 13:11:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 08 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
90130
x-xss-protection
0
server
Google Tag Manager
js
pixel.mathtag.com/event/ 		0
0
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.balcanicodarien.com
URL: https://www.balcanicodarien.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6dba87f2bb4627686798df345a05d779c19b18fe0ab7366e2269786bc3251798
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-tuEwYlQM' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.balcanicodarien.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 08 Nov 2024 13:11:23 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-tuEwYlQM' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=23, mss=1232, tbw=4544, tp=11, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
jD2o8QaTHmiZ2ks/0mpVDguJmVAAt9TM7YsZ/U8XgfnEBFGZ2Rxslejt4qj8f4pMl9AQsUHtsgDOAPBdTHTDtw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62105
x-xss-protection
0
origin-agent-cluster
?1
c3metrics-446.js
446-ct.c3tag.com/ 		0
0
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame F711 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.balcanicodarien.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKNJXKS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Nov 2024 13:11:23 GMT
expires
Sat, 08 Nov 2025 13:11:23 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
shopping_cart
consumer.prod.slicelife.com/services/core/api/v1/orders/ Frame 		0
0
EiPeHJtBrNYeqGsBySPjg.json
cdn.optimizely.com/datafiles/ 		65 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/datafiles/EiPeHJtBrNYeqGsBySPjg.json
Requested by
Host: www.balcanicodarien.com
URL: https://www.balcanicodarien.com/public/vendor-bundle-82ff58aae087944d3aaa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b9c38bfb6c56ebaf16cb190f7d8626a28c9a5f74f4ff56276a6dedccf13dfd9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.balcanicodarien.com/

Response headers

access-control-max-age
604800
content-encoding
br
cf-cache-status
HIT
etag
W/"1e745bdaf2cef54c5887d49fb11dd11b"
x-amz-version-id
ie6LqlBEBhDi54Omz6I_ob.I_aeLdUa8
access-control-allow-methods
GET, HEAD, OPTIONS
date
Fri, 08 Nov 2024 13:11:23 GMT
x-amz-meta-revision
346
content-type
application/json; charset=utf-8
last-modified
Thu, 07 Nov 2024 17:43:38 GMT
vary
Accept-Encoding
x-amz-id-2
gM1q2UYbeQqk8f9wtQkyxTnUH2xOjUR9GkZIojO14y/EyyfYTTlD7JTB1D+Jrnypn7M09Z61Y2E=
access-control-allow-headers
*
x-amz-replication-status
PENDING
cache-control
max-age=120
x-amz-meta-pci_enabled
False
access-control-allow-credentials
false
x-amz-request-id
PF46NMC09QX4J7E3
cf-ray
8df5cf04fb58d398-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
js
maps.googleapis.com/maps/api/ 		385 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?v=3.exp&key=AIzaSyA8AGa2VpPrzYoVsazYdA0v8Wxlwojmcwc&libraries=places
Requested by
Host: www.balcanicodarien.com
URL: https://www.balcanicodarien.com/public/app-bundle-1bd7b696c37036242fbf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
a8535a28c0337d7d352db3f7a9130937055ee0b0e6503e2aea1bb6f8ffe8ba79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.balcanicodarien.com/

Response headers

cache-control
public, max-age=1800, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
gzip
etag
7e290a79
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123616
date
Fri, 08 Nov 2024 13:11:23 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
vary
Accept-Language, Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
shopping_cart
consumer.prod.slicelife.com/services/core/api/v1/orders/ 		0
0
/
www.googleadservices.com/pagead/conversion/826899235/ 		0
0
destination
www.googletagmanager.com/gtag/ 		245 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-AW-783853050&l=dataLayer&cx=c&gtm=45je4b70v9196972115za200zb78445100
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4X2KB58CH2&l=dataLayer&cx=c&gtm=45He4b70v78445100za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2675a4d8d2d0bc381598e0e5580f83d4eded45559530cd94435a27dd0168e6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.balcanicodarien.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Fri, 08 Nov 2024 13:11:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 13:11:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 08 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
90026
x-xss-protection
0
server
Google Tag Manager
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-4X2KB58CH2&gtm=45je4b70v9196972115z878445100za200zb78445100&_p=1731071483043&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&cid=2120411815.1731071484&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731071484&sct=1&seg=0&dl=https%3A%2F%2Fwww.balcanicodarien.com%2F&dt=Balcanico%20-%20Darien%2C%20IL%20-%20737%20Plainfield%20Rd%20-%20Hours%2C%20Menu%2C%20Order&en=page_view&_fv=1&_nsi=1&_ss=1&ep.last_click_id=&ep.last_utm_campaign=&ep.last_utm_medium=(none)&ep.last_utm_source=(direct)&ep.last_referred_from=www.balcanicodarien.com&ep.last_utm_content=&ep.last_utm_term=&up.first_click_id=&up.first_landing_page=https%3A%2F%2Fwww.balcanicodarien.com%2F&up.first_utm_campaign=&up.first_utm_medium=(none)&up.first_utm_source=(direct)&up.first_referred_from=www.balcanicodarien.com&up.first_utm_content=&up.first_utm_term=&tfd=2810
Requested by
Host: www.balcanicodarien.com
URL: https://www.balcanicodarien.com/public/vendor-bundle-82ff58aae087944d3aaa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.balcanicodarien.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.balcanicodarien.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 13:11:24 GMT
content-type
text/plain
server
Golfe2
destination
www.googletagmanager.com/gtag/ 		137 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=siloed_AW-AW-783853050&l=dataLayer&cx=c&gtm=45je4b70v9196972115za200zb78445100
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4X2KB58CH2&l=dataLayer&cx=c&gtm=45He4b70v78445100za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7dfa4673c9e5dad48c70a3f720a9b160ab108ce985596ade5af607a6b76f9f49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.balcanicodarien.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Fri, 08 Nov 2024 13:11:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 13:11:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 08 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
53243
x-xss-protection
0
server
Google Tag Manager
237047493413416
connect.facebook.net/signals/config/ 		312 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/237047493413416?v=2.9.176&r=stable&domain=www.balcanicodarien.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8af89dbd54982fc2b8da58b09c8cd83a57ccbe56a5b82a2c4a37361c14511c0b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-VBB1F0KD' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.balcanicodarien.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 08 Nov 2024 13:11:24 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-VBB1F0KD' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=77, mss=1232, tbw=70400, tp=67, tpl=0, uplat=486, ullat=0
pragma
public
x-fb-debug
GRBnDUoN6hzicz5FRa/1vV53Z2lBpkesWKOY+scph/VFObcd+YfiBxZfBSZQy+LfAnwOdrvkbQ/tCXZmwHQVUQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: www.balcanicodarien.com
URL: https://www.balcanicodarien.com/public/vendor-bundle-82ff58aae087944d3aaa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.balcanicodarien.com/

Response headers

cache-control
private
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://www.balcanicodarien.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
date
Fri, 08 Nov 2024 13:11:24 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
b7c677deacd7e73985b45c495ea82b8afab4e381d921a4fadb613297baeaf5e5
fb-conversions-api.slicelife.cc/events/ 		0
0
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=237047493413416&ev=PageView&dl=https%3A%2F%2Fwww.balcanicodarien.com%2F&rl=&if=false&ts=1731071484779&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731071484776.258955869431159531&eid=ob3_plugin-set_66638ad1abbbfdeadd87ba40b3d74c6de9382317c0a52204e7487a46f1839168&cs_est=true&ler=empty&cdl=API_unavailable&it=1731071484180&coo=false&rqm=GET
Requested by
Host: www.balcanicodarien.com
URL: https://www.balcanicodarien.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.balcanicodarien.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1328, tbw=2970, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 08 Nov 2024 13:11:24 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=237047493413416&ev=PageView&dl=https%3A%2F%2Fwww.balcanicodarien.com%2F&rl=&if=false&ts=1731071484779&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731071484776.258955869431159531&eid=ob3_plugin-set_66638ad1abbbfdeadd87ba40b3d74c6de9382317c0a52204e7487a46f1839168&cs_est=true&ler=empty&cdl=API_unavailable&it=1731071484180&coo=false&rqm=FGET
Requested by
Host: www.balcanicodarien.com
URL: https://www.balcanicodarien.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.balcanicodarien.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7434895412443783535"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 08 Nov 2024 13:11:24 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
Cc+GxFWw9kDu1dp+mGsEik99IRBa7LkE7ZN3L6a8KgoN1bB8yWKGQQQaffZ1QeZmsiWx4kNf782C5BJsr0eWUg==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7434895412443783535", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=18, mss=1328, tbw=3413, tp=-1, tpl=-1, uplat=116, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
b7c677deacd7e73985b45c495ea82b8afab4e381d921a4fadb613297baeaf5e5
fb-conversions-api.slicelife.cc/events/ 		0
0
/
www.facebook.com/tr/ 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=237047493413416&ev=PartnerPageView&dl=https%3A%2F%2Fwww.balcanicodarien.com%2F&rl=&if=false&ts=1731071484782&sw=1600&sh=1200&v=2.9.176&r=stable&ec=1&o=12318&fbp=fb.1.1731071484776.258955869431159531&eid=ob3_plugin-set_bd2e3a50fd741ec9a237ca6bcf1452a69a37616351f3588b004a8cceeb785be6&ler=empty&cdl=API_unavailable&it=1731071484180&coo=false&rqm=GET
Requested by
Host: www.balcanicodarien.com
URL: https://www.balcanicodarien.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.balcanicodarien.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1328, tbw=3257, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 08 Nov 2024 13:11:24 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=237047493413416&ev=PartnerPageView&dl=https%3A%2F%2Fwww.balcanicodarien.com%2F&rl=&if=false&ts=1731071484782&sw=1600&sh=1200&v=2.9.176&r=stable&ec=1&o=12318&fbp=fb.1.1731071484776.258955869431159531&eid=ob3_plugin-set_bd2e3a50fd741ec9a237ca6bcf1452a69a37616351f3588b004a8cceeb785be6&ler=empty&cdl=API_unavailable&it=1731071484180&coo=false&rqm=FGET
Requested by
Host: www.balcanicodarien.com
URL: https://www.balcanicodarien.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.balcanicodarien.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7434895411609364791"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x1f1c819f120f8de9","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["3290114524432164"]},"debug_reporting":true,"debug_key":"1660916034217440219"}
date
Fri, 08 Nov 2024 13:11:25 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
ph/nX2QhH4vf9VKLVsX87wu26/lUzO//6Hfsc8FhOYZ8bxNSBW+bdlVebzCMi0G3WuyvDkr4aR3TlqXNWnUoQA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7434895411609364791", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=18, mss=1328, tbw=6192, tp=-1, tpl=-1, uplat=168, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
common.js
maps.googleapis.com/maps-api-v3/api/js/58/11a/intl/de_ALL/ 		267 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/58/11a/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3.exp&key=AIzaSyA8AGa2VpPrzYoVsazYdA0v8Wxlwojmcwc&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
415683bd714195a6f4c3c6d729c1e8f5061a26b5edf54cc5ac1317ad3309d7e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.balcanicodarien.com/

Response headers

content-encoding
br
age
159039
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 17:00:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 17:00:50 GMT
last-modified
Tue, 29 Oct 2024 22:44:00 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges
bytes
content-length
56957
x-xss-protection
0
server
sffe
util.js
maps.googleapis.com/maps-api-v3/api/js/58/11a/intl/de_ALL/ 		191 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/58/11a/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3.exp&key=AIzaSyA8AGa2VpPrzYoVsazYdA0v8Wxlwojmcwc&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f997e0f2a67fae6c99b9466b56e583964feecb57b1635eaf35b4c8fbcc510919
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.balcanicodarien.com/

Response headers

content-encoding
br
age
159039
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 17:00:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 17:00:50 GMT
last-modified
Tue, 29 Oct 2024 22:44:00 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges
bytes
content-length
59598
x-xss-protection
0
server
sffe
GT-America-Extended-Black.woff
slice-web-assets.prod.slicelife.com/fonts/GT-America/ 		0
0
JetBrainsCustom-Bold.woff
slice-web-assets.prod.slicelife.com/fonts/JetBrainsCustom/ 		0
0
GT-America-Standard-Regular.woff
slice-web-assets.prod.slicelife.com/fonts/GT-America/ 		0
0
GT-America-Standard-Medium.woff
slice-web-assets.prod.slicelife.com/fonts/GT-America/ 		0
0
EasyNotes.ttf
slice-web-assets.prod.slicelife.com/fonts/EasyNotes/ 		0
0
b7c677deacd7e73985b45c495ea82b8afab4e381d921a4fadb613297baeaf5e5
fb-conversions-api.slicelife.cc/events/ 		0
0
b7c677deacd7e73985b45c495ea82b8afab4e381d921a4fadb613297baeaf5e5
fb-conversions-api.slicelife.cc/events/ 		0
0
/
www.google.com/pagead/1p-conversion/826899235/ 		0
0
logs
browser-intake-datadoghq.com/api/v2/ 		53 B
287 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser-intake-datadoghq.com/api/v2/logs?ddsource=browser&ddtags=sdk_version%3A5.4.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Adirect-web&dd-api-key=pub3fbbe260da7b8611755d0afee262a1c6&dd-evp-origin-version=5.4.0&dd-evp-origin=browser&dd-request-id=52a87d68-b70f-4f4e-82c1-3251a5ef1136
Requested by
Host: www.balcanicodarien.com
URL: https://www.balcanicodarien.com/public/vendor-bundle-82ff58aae087944d3aaa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:24e6:b901:72e3:1bfe:b271:96b2 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
38a74f5747e273992ba9d6d3411ee5984c2e84d6f335eef954414d2bac375793
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.balcanicodarien.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
content-length
53
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
date
Fri, 08 Nov 2024 13:11:56 GMT
content-type
application/json
dd-request-id
52a87d68-b70f-4f4e-82c1-3251a5ef1136

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.segment.com
URL
https://cdn.segment.com/analytics.js/v1/ph2IbrO90ThVuQqY2t4goNmkXQ0e5y2T/analytics.min.js
Domain
static.hotjar.com
URL
https://static.hotjar.com/c/hotjar-1789798.js?sv=6
Domain
slice-web-assets.prod.slicelife.com
URL
https://slice-web-assets.prod.slicelife.com/fonts/GT-America/GT-America-Standard-Regular.woff2
Domain
slice-web-assets.prod.slicelife.com
URL
https://slice-web-assets.prod.slicelife.com/fonts/GT-America/GT-America-Standard-Medium.woff2
Domain
slice-web-assets.prod.slicelife.com
URL
https://slice-web-assets.prod.slicelife.com/fonts/EasyNotes/EasyNotes.otf
Domain
slice-web-assets.prod.slicelife.com
URL
https://slice-web-assets.prod.slicelife.com/fonts/GT-America/GT-America-Extended-Black.woff2
Domain
slice-web-assets.prod.slicelife.com
URL
https://slice-web-assets.prod.slicelife.com/fonts/JetBrainsCustom/JetBrainsCustom-Bold.woff2
Domain
pixel.mathtag.com
URL
https://pixel.mathtag.com/event/js?mt_pp=1&mt_adid=229050
Domain
446-ct.c3tag.com
URL
https://446-ct.c3tag.com/c3metrics-446.js
Domain
consumer.prod.slicelife.com
URL
https://consumer.prod.slicelife.com/services/core/api/v1/orders/shopping_cart
Domain
consumer.prod.slicelife.com
URL
https://consumer.prod.slicelife.com/services/core/api/v1/orders/shopping_cart
Domain
www.googleadservices.com
URL
https://www.googleadservices.com/pagead/conversion/826899235/?random=1731071483997&cv=11&fst=1731071483997&bg=ffffff&guid=ON&async=1&gtm=45be4b70v889497271z878445100za201zb78445100&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.balcanicodarien.com%2F&label=0cNtCK_1m54BEKP2pYoD&hn=www.googleadservices.com&frm=0&tiba=Balcanico%20-%20Darien%2C%20IL%20-%20737%20Plainfield%20Rd%20-%20Hours%2C%20Menu%2C%20Order&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=1849466812.1731071483&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&rfmt=3&fmt=4
Domain
fb-conversions-api.slicelife.cc
URL
https://fb-conversions-api.slicelife.cc/events/b7c677deacd7e73985b45c495ea82b8afab4e381d921a4fadb613297baeaf5e5
Domain
fb-conversions-api.slicelife.cc
URL
https://fb-conversions-api.slicelife.cc/events/b7c677deacd7e73985b45c495ea82b8afab4e381d921a4fadb613297baeaf5e5
Domain
slice-web-assets.prod.slicelife.com
URL
https://slice-web-assets.prod.slicelife.com/fonts/GT-America/GT-America-Extended-Black.woff
Domain
slice-web-assets.prod.slicelife.com
URL
https://slice-web-assets.prod.slicelife.com/fonts/JetBrainsCustom/JetBrainsCustom-Bold.woff
Domain
slice-web-assets.prod.slicelife.com
URL
https://slice-web-assets.prod.slicelife.com/fonts/GT-America/GT-America-Standard-Regular.woff
Domain
slice-web-assets.prod.slicelife.com
URL
https://slice-web-assets.prod.slicelife.com/fonts/GT-America/GT-America-Standard-Medium.woff
Domain
slice-web-assets.prod.slicelife.com
URL
https://slice-web-assets.prod.slicelife.com/fonts/EasyNotes/EasyNotes.ttf
Domain
fb-conversions-api.slicelife.cc
URL
https://fb-conversions-api.slicelife.cc/events/b7c677deacd7e73985b45c495ea82b8afab4e381d921a4fadb613297baeaf5e5
Domain
fb-conversions-api.slicelife.cc
URL
https://fb-conversions-api.slicelife.cc/events/b7c677deacd7e73985b45c495ea82b8afab4e381d921a4fadb613297baeaf5e5
Domain
www.google.com
URL
https://www.google.com/pagead/1p-conversion/826899235/?random=1731071483997&cv=11&fst=1731071483997&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4b70v889497271z878445100za201zb78445100&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.balcanicodarien.com%2F&label=0cNtCK_1m54BEKP2pYoD&hn=www.googleadservices.com&frm=0&tiba=Balcanico%20-%20Darien%2C%20IL%20-%20737%20Plainfield%20Rd%20-%20Hours%2C%20Menu%2C%20Order&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=1849466812.1731071483&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&gcp=1&sscte=1&ct_cookie_present=1

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 number| _loadTimeStartedAt object| env object| _initialDataContext object| analytics function| hj object| _hjSettings object| dataLayer object| google_tag_manager object| google_tag_data function| getTrafficSrcCookie object| trafficSrcCookie object| MathTag function| fbq function| _fbq object| __LOADABLE_LOADED_CHUNKS__ object| DD_LOGS object| GooglebQhCsO object| gaGlobal object| google object| litHtmlVersions object| module$exports$mapsapi$geometry$spherical object| litElementVersions object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| regeneratorRuntime

7 Cookies

Domain/Path Name / Value
.balcanicodarien.com/ Name: traffic_src
Value: {"ga_gclid":"","ga_msclkid":"","ga_ob_click_id":"","ga_li_fat_id":"","ga_fbclid":"","ga_twclid":"","ga_source":"(direct)","ga_medium":"(none)","ga_campaign":"","ga_content":"","ga_keyword":"","referred_from":"www.balcanicodarien.com","ga_landing_page":"https://www.balcanicodarien.com/"}
.balcanicodarien.com/ Name: last_traffic_src
Value: {"ga_gclid":"","ga_msclkid":"","ga_ob_click_id":"","ga_li_fat_id":"","ga_fbclid":"","ga_twclid":"","ga_source":"(direct)","ga_medium":"(none)","ga_campaign":"","ga_content":"","ga_keyword":"","referred_from":"www.balcanicodarien.com","ga_landing_page":"https://www.balcanicodarien.com/"}
.balcanicodarien.com/ Name: _gcl_au
Value: 1.1.1849466812.1731071483
.balcanicodarien.com/ Name: _ga_4X2KB58CH2
Value: GS1.1.1731071484.1.0.1731071484.0.0.0
.balcanicodarien.com/ Name: _ga
Value: GA1.1.2120411815.1731071484
.balcanicodarien.com/ Name: _fbp
Value: fb.1.1731071484776.258955869431159531
www.balcanicodarien.com/ Name: _dd_s
Value: logs=1&id=2dfd3862-2719-47e9-b340-d6492c462148&created=1731071483619&expire=1731072383619

1 Console Messages

Source Level URL
Text
network error URL: https://www.google.com/pagead/1p-conversion/826899235/?random=1731071483997&cv=11&fst=1731071483997&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4b70v889497271z878445100za201zb78445100&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.balcanicodarien.com%2F&label=0cNtCK_1m54BEKP2pYoD&hn=www.googleadservices.com&frm=0&tiba=Balcanico%20-%20Darien%2C%20IL%20-%20737%20Plainfield%20Rd%20-%20Hours%2C%20Menu%2C%20Order&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=1849466812.1731071483&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&gcp=1&sscte=1&ct_cookie_present=1
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

446-ct.c3tag.com
balcanicodarien.com
browser-intake-datadoghq.com
cdn.optimizely.com
cdn.segment.com
connect.facebook.net
consumer.prod.slicelife.com
fb-conversions-api.slicelife.cc
maps.googleapis.com
pixel.mathtag.com
region1.google-analytics.com
slice-web-assets.prod.slicelife.com
slicelife.imgix.net
static.hotjar.com
www.balcanicodarien.com
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
446-ct.c3tag.com
cdn.segment.com
consumer.prod.slicelife.com
fb-conversions-api.slicelife.cc
pixel.mathtag.com
slice-web-assets.prod.slicelife.com
static.hotjar.com
www.google.com
www.googleadservices.com
2001:4860:4802:32::36
2600:1f18:24e6:b901:72e3:1bfe:b271:96b2
2606:4700:3030::ac43:b602
2606:4700::6812:4139
2a00:1450:4001:806::2004
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2008
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:400::720
078ed8f75f9f685d56ccd08d0cbbd35700b00c5e913c17351507a943e30f16b7
1babfbf2373fa2e0e202fb428844ddaf2bb49858a5b0067ddfb3896584edeeb2
2675a4d8d2d0bc381598e0e5580f83d4eded45559530cd94435a27dd0168e6ed
35a76d7d2ab940d25119ba6e7479cdbcd6dec3a34f0418ab58af576d3e72735e
38a74f5747e273992ba9d6d3411ee5984c2e84d6f335eef954414d2bac375793
3c8286792241cab0840dff16cf6aee23db976a98e0d78969ca8b75839d2da79e
3cd73454d8671f25bdf0c0e66461091d0671e2901a59fded2e48259f5d2ce6e4
415683bd714195a6f4c3c6d729c1e8f5061a26b5edf54cc5ac1317ad3309d7e2
475d1a6658cb960c190fc10caa20304efbd3105d5ce68d3ebec6da0b1c40e301
60fef72d12631b875db69668d02805ce3a7158c8a9ecff341339ebd32af8af5d
6dba87f2bb4627686798df345a05d779c19b18fe0ab7366e2269786bc3251798
7b9c38bfb6c56ebaf16cb190f7d8626a28c9a5f74f4ff56276a6dedccf13dfd9
7dfa4673c9e5dad48c70a3f720a9b160ab108ce985596ade5af607a6b76f9f49
8af89dbd54982fc2b8da58b09c8cd83a57ccbe56a5b82a2c4a37361c14511c0b
9e691407cfd29085f8054c9cd7449891789867a5ebbf293361d5f8af56fe5a89
a8535a28c0337d7d352db3f7a9130937055ee0b0e6503e2aea1bb6f8ffe8ba79
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b66265b4e47bc0ad19c896e5cdd9d38aa7bcd6f281f342357c68d16f04df1c15
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f43e9f3dbf495c4260b67fedfc1c602cd7b1b306ceabedf371504f3706fbbec3
f997e0f2a67fae6c99b9466b56e583964feecb57b1635eaf35b4c8fbcc510919