baliagraha.com Open in urlscan Pro
2606:4700:3031::6815:29b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://baliagraha.com/
Submission: On June 10 via automatic, source certstream-suspicious (June 10th 2021, 10:17:48 pm UTC)

Summary HTTP 146 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 15 domains to perform 146 HTTP transactions. The main IP is 2606:4700:3031::6815:29b, located in United States and belongs to CLOUDFLARENET, US. The main domain is baliagraha.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 10th 2021. Valid for: a year.

This is the only time baliagraha.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:303... 2606:4700:3031::6815:29b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
33	2606:4700::68... 2606:4700::6812:eb0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:48ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.22.64.199 104.22.64.199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	198.252.99.244 198.252.99.244	20068 (HAWKHOST) (HAWKHOST)
1	156.67.220.227 156.67.220.227	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	198.27.80.143 198.27.80.143	16276 (OVH) (OVH)
52	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
4 7	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
146	20

9 2606:4700:3031::6815:29b (United States)

ASN13335 (CLOUDFLARENET, US)

baliagraha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2606:4700::6812:eb0 (United States)

ASN13335 (CLOUDFLARENET, US)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:48ef (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-cms.pgimgs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.64.199 (United States)

ASN13335 (CLOUDFLARENET, US)

blogpictures.99.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.252.99.244 (Dallas, United States)

ASN20068 (HAWKHOST, CA)
PTR: 198.252.99.244-static.reverse.arandomserver.com

rumahminimalisan.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 156.67.220.227 (Cyprus)

ASN47583 (AS-HOSTINGER, CY)

pesangorden.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

vlry5l4j5gbn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.27.80.143 (Canada)

ASN16276 (OVH, FR)
PTR: ns558056.ip-198-27-80.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	802 KB
33	pinimg.com i.pinimg.com	7 MB
18	doubleclick.net googleads.g.doubleclick.net	151 KB
9	google.com 4 redirects adservice.google.com www.google.com	1 KB
9	baliagraha.com baliagraha.com	88 KB
5	googletagservices.com www.googletagservices.com	176 KB
2	histats.com s10.histats.com s4.histats.com	5 KB
2	google.de adservice.google.de	975 B
1	2mdn.net s0.2mdn.net	23 KB
1	vlry5l4j5gbn.com vlry5l4j5gbn.com
1	googleadservices.com partner.googleadservices.com	659 B
1	pesangorden.id pesangorden.id	15 KB
1	rumahminimalisan.info rumahminimalisan.info	38 KB
1	99.co blogpictures.99.co	84 KB
1	pgimgs.com cdn-cms.pgimgs.com	111 KB
146	15

	Domain	Requested by
52	tpc.googlesyndication.com	baliagraha.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
33	i.pinimg.com	baliagraha.com
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com baliagraha.com googleads.g.doubleclick.net
13	pagead2.googlesyndication.com	baliagraha.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
9	baliagraha.com	baliagraha.com
7	www.google.com	4 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	baliagraha.com
1	vlry5l4j5gbn.com	baliagraha.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pesangorden.id	baliagraha.com
1	rumahminimalisan.info	baliagraha.com
1	blogpictures.99.co	baliagraha.com
1	cdn-cms.pgimgs.com	baliagraha.com
146	18

This site contains links to these domains. Also see Links.

Domain
i.pinimg.com
cdn-cms.pgimgs.com
rumahminimalisan.info
generatepress.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.pinimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-08` - `2022-07-09`	a year	crt.sh
*.pgimgs.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-15` - `2022-04-07`	a year	crt.sh
*.rumahminimalisan.info R3	`2021-05-25` - `2021-08-23`	3 months	crt.sh
pesangorden.id Sectigo RSA Domain Validation Secure Server CA	`2021-01-09` - `2022-02-08`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
vlry5l4j5gbn.com R3	`2021-04-25` - `2021-07-24`	3 months	crt.sh
histats.com R3	`2021-05-21` - `2021-08-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://baliagraha.com/
Frame ID: 0D9A5025232C00360BCFE3B8E32A2E40
Requests: 60 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/zrt_lookup.html
Frame ID: 57477288EE34A7B87B5673E8AF1D9FE1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&adk=1812271804&adf=3025194257&lmt=1623363441&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbaliagraha.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441374&bpp=5&bdt=75&idt=68&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4579679858446&frm=20&pv=2&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=141
Frame ID: D551AC1495D9587D92E5E5C1AFB1E89C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=600&slotname=6759543686&adk=1785115338&adf=955365906&pi=t.ma~as.6759543686&w=280&fwrn=4&fwrnh=100&lmt=1623363441&rafmt=1&psa=0&format=280x600&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441743&bpp=5&bdt=444&idt=6&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0&nras=1&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1080&ady=1439&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=b2jEi5ACFw&p=https%3A//baliagraha.com&dtd=18
Frame ID: 1030D12773D0F0F28022E575B8E16BCE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=2319681329&pi=t.aa~a.3073981843~i.11~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=4&bdt=601&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600&nras=2&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2056&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=pcSQWgkUeD&p=https%3A//baliagraha.com&dtd=76
Frame ID: 3E26C6F1CFF8F06C70848EEBC6A8156A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=3499021849&pi=t.aa~a.3073981843~i.15~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=3&bdt=601&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600%2C740x280&nras=3&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=mSyxEaJCls&p=https%3A//baliagraha.com&dtd=80
Frame ID: F98CB01D97A65DF583E25D83E9AA2481
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=3573948801&pi=t.aa~a.3073981843~i.19~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=2&bdt=601&idt=2&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600%2C740x280%2C740x280&nras=4&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JdnsoA91bS&p=https%3A//baliagraha.com&dtd=83
Frame ID: FC9A8B1B9ADADDDAC6E771FE4CAF2899
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/index.html
Frame ID: 69C069DB511F28ED1FAEBF894F5789A2
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C5eeRcY_CYND2PMKlrATi_qX4DpG-7Jte_fr9yIIKntDIz-ABEAEgoZndCWCViriCyAegAYfoq_QCyAEJqQLhSqvxym20PqgDAcgDSKoEwAFP0I7Ub-nC4-eo_ycfdN0Su_iAEqFWGrlVKiG2sB5wcyQM6SEohLKCqO9W54rYrSq32XO1duNxeyJ-6ZWX2ociIy9dBCqV2pIXRGiagt_aTfzFRgC5TCdZxjyoGEmAOAXxS5F-omimzhNb3FDlbM3_KpMlF61OZ6VsYBfJWpYkvGB1fbUZ8-bp0XVNb7vIpCBNTYFMIU4WxkgIfhPbxdHl9Zg0aganWB93Mt3_5t_JBZsTYqMsxMNiY6KI8baPi5TABJD9mrmkApIFBAgEGAGSBQQIBRgEoAYugAfgltOLAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDq8AnSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGAFwGyFxoKGAgAEhRwdWItOTcwMTYyMzIwNzk1NzY0OA&sigh=OBjHzXN_ySg&template_id=419
Frame ID: 80229C5937E80483DBAF055668DD1D14
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html
Frame ID: DDC47BCEE701537320BE494C598EB8CE
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CLi0rcY_CYM7LL9WNrATnxLLAD42k8qRh7qqD3qsNkO_Ex50WEAEgoZndCWCViriCyAegAaPWsMQDyAEJqQLhSqvxym20PqgDAcgDSKoEsgFP0CtKQHr5gQFUTb7ZdE47adihgOyLjBH6X4uENt5R7V4dsBwiqg1WWkkkZSPNURDbZwU3WRAX0Nn1c8U09MLrA0MMVqzkNrLUNJGceBEIdCdDOmDsczwENu7ffkutWZrYUO_7-ghLlkfeV__hcydlw9yXCahzxHh2VujeeBNI7wBrwXe2AEtPaCK6OSNS7XKDicvEIS2LacBr4b95NsTpneIuuME4B6gS4ObCCcYQD2rAwATHz7S-sgKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHxanPO6gHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBD8_AfSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItOTcwMTYyMzIwNzk1NzY0OA&sigh=hlOP7YYH10c&template_id=419
Frame ID: 6B8EA984BBACF1FEA592E3FB7756172D
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 5C238BF7CDD204C7F2B5ABC549AACB9B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/index.html
Frame ID: 85CFC90F5E1AA9E0C17E804ABFE29FE1
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C4csfco_CYKsSmpTeA-_rrLgFkb7sm16FxrrNhAqe0MjP4AEQASChmd0JYJWKuILIB6ABh-ir9ALIAQmpAuFKq_HKbbQ-qAMByANIqgTAAU_QzmR-u58JTwUwiBjmbTTv06MuNgoE9ri46mxAf5BzWzXTeyt_58ynBkIi315qqaN4hqh4dCX_eMgQZkbr4pxzxIXiPIMgqzUdASc7qTH6pVNpPoyJlBrw5juxs0sriUoHcCfZKyCPJXez9koZ9joke4oYJ7J26nuw9n3Y1-KHWjd8RbjzfUx5u0aQTNMkNJGkiVBPmZZrwNMqsR0DcnEav3T0OvDVXgCpvXp2pJi4DpccVRCQywNhIXxYFuQPh8AEkP2auaQCkgUECAQYAZIFBAgFGASgBi6AB-CW04sBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJPHEdIICQiA4YAQEAEYH4AKAcgLAdgTDNAVAYAXAbIXGgoYCAASFHB1Yi05NzAxNjIzMjA3OTU3NjQ4&sigh=ZG0Ek__PX_A&template_id=419
Frame ID: 1ACD68122AB378AEF9377D12CC2BB54B
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 1EA4E293E503CCF5FB7D19084FC68E8D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 4E71414AB512EFE6E0B1914AF2FF0067
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10023993934787577230/index.html
Frame ID: 89C9ED35F2E07A76075A9224844BFA65
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C5JzscY_CYKjTPNiHjuwPupG6gAeRvuybXv2eus2ECp7QyM_gARABIKGZ3QlglYq4gsgHoAGH6Kv0AsgBCakCvgasDeJrtD6oAwHIA0iqBLoBT9BaNjjv9ZlhXTk1Yj8IwRdW3r23sldAB_UZ_zy2QxYQnzXL1ssL_V16FWvJc036RxjG47JtfF6LcaH_ijkO8rGY4qSi092VN2u-ot1yOwu0c-x4Ym_EFfVUpMLHy7VeVXGoMNnBc_ZvQZo7nIp0WSB1255p33oUt3E5GPgTBUCpQayV-G4v7lSa0tOZYc8CqJZYVv-zeII-oXhsIoRS5qSFqoBmoLVY6SlRLIBbWNebRONLVP0PWtSgwASQ_Zq5pAKSBQQIBBgBkgUECAUYBKAGLoAH4JbTiwGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQz9oW0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBgBcBshcaChgIABIUcHViLTk3MDE2MjMyMDc5NTc2NDg&sigh=T-LosV811rY&template_id=419
Frame ID: 24982143E18343EBA52A63D2E4ECB6C8
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 20C3C27DDDB1FB5E3160FEB09026CE07
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 2E43F93FECF863D757E4BA3CB630C748
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D2F63B00A0C4ACBB9A10596DE50ED8A9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

146
Requests

100 %
HTTPS

63 %
IPv6

15
Domains

18
Subdomains

20
IPs

5
Countries

8672 kB
Transfer

10275 kB
Size

1
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://i.pinimg.com/originals/4e/e0/e4/4ee0e4c582aa424fd4cb1e1f26ce7633.jpg

Search URL Search Domain Scan URL

URL: https://i.pinimg.com/474x/06/4f/95/064f95aa8fdfc916569a460158315e89.jpg

Search URL Search Domain Scan URL

URL: https://i.pinimg.com/originals/0b/5b/a3/0b5ba3ed3ef6a35ab554ba41b2a04aab.jpg

Search URL Search Domain Scan URL

URL: https://i.pinimg.com/originals/d0/da/72/d0da7225b599fa6ba1a8b340470f63cd.jpg

Search URL Search Domain Scan URL

URL: https://i.pinimg.com/originals/1f/b2/2a/1fb22a51a8367d495fa492b7e478c1f6.jpg

Search URL Search Domain Scan URL

URL: https://i.pinimg.com/736x/72/75/0c/72750cbaaf02bb6e65bbce776fa24572.jpg

Search URL Search Domain Scan URL

URL: https://i.pinimg.com/originals/f9/6a/14/f96a14f61727acbff20ec83d184e8cd2.jpg

Search URL Search Domain Scan URL

URL: https://i.pinimg.com/474x/65/53/5a/65535ada253bfd80a546fc741841ce49.jpg

Search URL Search Domain Scan URL

URL: https://i.pinimg.com/originals/7b/0c/5b/7b0c5b8d4c22120e8134527389612b6d.png

Search URL Search Domain Scan URL

URL: https://i.pinimg.com/originals/7b/10/55/7b105538ea162b2c4badf91294bd3f5a.jpg

Search URL Search Domain Scan URL

URL: https://cdn-cms.pgimgs.com/static/2019/04/Ukuran-Tempat-Tidur-1.png

Search URL Search Domain Scan URL

URL: https://rumahminimalisan.info/wp-content/uploads/2019/01/desain-warna-cat-kamar-tidur-yang-menenangkan.jpg

Search URL Search Domain Scan URL

URL: https://i.pinimg.com/originals/18/d5/ad/18d5adce2a0e5a32b4a0026e061197e2.jpg

Search URL Search Domain Scan URL

URL: https://i.pinimg.com/originals/a9/3b/e0/a93be06437348de6fb9aa73392b77c15.jpg

Search URL Search Domain Scan URL

URL: https://i.pinimg.com/originals/c1/0a/0f/c10a0f460aea93d7844721b6c5409a91.jpg

Search URL Search Domain Scan URL

URL: https://i.pinimg.com/originals/4c/56/db/4c56dbcbf63f343024eb3ed7c7fa6b96.jpg

Search URL Search Domain Scan URL

URL: https://i.pinimg.com/originals/9e/57/9e/9e579e005e9701af628bb0074786bb84.png

Search URL Search Domain Scan URL

URL: https://i.pinimg.com/originals/70/11/29/701129e4a12017c39f579518a6a23c16.png

Search URL Search Domain Scan URL

URL: https://i.pinimg.com/originals/ef/ef/29/efef29a0ee7a38da170a73804fd5d52b.png

Search URL Search Domain Scan URL

URL: https://i.pinimg.com/originals/9a/c6/01/9ac601ccd06143b9e8928919c0f17311.jpg

Search URL Search Domain Scan URL

URL: https://generatepress.com/
Title: GeneratePress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 118

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 130

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 132

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 134

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

146 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
baliagraha.com/ 194 KB
32 KB 313ms
278ms Document
text/html 2606:4700:3031::6815:29b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:29b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8d17b5435f44c28b661bae94b741e988ddf10c4f5269579a904a37321748d03

Request headers

:method: GET
:authority: baliagraha.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
content-type: text/html; charset=UTF-8
x-ua-compatible: IE=edge
link: <https://baliagraha.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
cf-request-id: 0a9999697c000005fdf8ad9000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8stakcH7SzAfnRlQ2Y5xf9BmdBEdIHJRIgwOnnQUiUL3Xpe4YcvUzviKhjSLduq52QUCENLIgqXKIVHIN39ogLumwiEt1s7I0yye56kTajyfMATphMFpev8eM1llfVCLlubyAS95lqg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 65d5f8225e3205fd-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 46ms
26ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: baliagraha.com
URL: https://baliagraha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40b10336dfd25f2124f44e5c6e0003c3ea4c8b250f198791a052aa999bcf02e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48391
x-xss-protection: 0
server: cafe
etag: 9057635387429138617
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 22:17:21 GMT

GET
H3-29 200 style.min.css
baliagraha.com/wp-includes/css/dist/block-library/ 50 KB
8 KB 324ms
311ms Stylesheet
text/css 2606:4700:3031::6815:29b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baliagraha.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6.4
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:29b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.6.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: baliagraha.com
referer: https://baliagraha.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a99996aa40000dfeb970c5000000001
last-modified: Tue, 23 Feb 2021 00:14:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=y%2ByfQvClWGSQ6pCEASY4AlfKmv07huJkaAHJ2rXp9qH9fi6ZM7%2BTLLkiZKVF7QxC28CBnrlZ%2BByaCpA8L967lGtHx0k7ymWDbatJtzMFzGCjHhPuN9qmqUnBk%2FWfrYJB%2BIg2PZZ6%2Bp0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 65d5f82438d5dfeb-FRA
expires: Thu, 17 Jun 2021 22:17:21 GMT

GET
H3-29 200 main.min.css
baliagraha.com/wp-content/themes/generatepress/assets/css/ 19 KB
5 KB 330ms
318ms Stylesheet
text/css 2606:4700:3031::6815:29b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baliagraha.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.0.2
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:29b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baa8d3bd604f2a4a1ac557a89e045db73777eeb824c3e30d6fd1447415ab7a69

Request headers

:path: /wp-content/themes/generatepress/assets/css/main.min.css?ver=3.0.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: baliagraha.com
referer: https://baliagraha.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a99996aa30000dfeb9bbd1000000001
last-modified: Thu, 14 Jan 2021 21:30:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=flnZqCtV7taEAxCpXltTDJu1PvG97SFi6DzCPPA5SEfZaXE%2FoNCEs5K24PoClwD1PW6ChsKhZcyNjll71axZXmssp47YO203a5seeWrqQrHkZhV1y7mtjCfOMHOAAXKvxwmv5g0A0H8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 65d5f82438d2dfeb-FRA
expires: Thu, 17 Jun 2021 22:17:21 GMT

GET
H2 200 4ee0e4c582aa424fd4cb1e1f26ce7633.jpg
i.pinimg.com/originals/4e/e0/e4/ 55 KB
55 KB 152ms
130ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/4e/e0/e4/4ee0e4c582aa424fd4cb1e1f26ce7633.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eea6d9b594d7a5cf46ff223363aff6281cb8185e2501e9848a03715d0ebb52b

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "3c421680d60b35d2eee36eb497974152"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1623363441357
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f8247e071766-FRA
content-length: 56463
cf-request-id: 0a99996ac70000176640a91000000001
server: cloudflare
origin-latency: 109

GET
H2 200 064f95aa8fdfc916569a460158315e89.jpg
i.pinimg.com/474x/06/4f/95/ 29 KB
29 KB 228ms
206ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/474x/06/4f/95/064f95aa8fdfc916569a460158315e89.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95619d6c3571cdb4b82b0047ed3abb9b83ec247a2add70ad066f93127b9f6016

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "78e61c7f252a5862d0592426ec4bd3f9"
x-cdn: cloudflare
edge-start: 1623363441361
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f8247e0c1766-FRA
content-length: 29208
cf-request-id: 0a99996acb0000176646a7d000000001
server: cloudflare
origin-latency: 176

GET
H2 200 13cfc178eae55cd934dd61eb1cf3eea5.jpg
i.pinimg.com/originals/13/cf/c1/ 120 KB
120 KB 151ms
130ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/13/cf/c1/13cfc178eae55cd934dd61eb1cf3eea5.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9431b6bfd54952bbc31fea5a9594829b7619d6bb8c4e7f6c550f22059dc73403

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "ffec0ec300558376bee28803a31d9582"
x-cdn: cloudflare
edge-start: 1623363441358
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f8247e0e1766-FRA
content-length: 123034
cf-request-id: 0a99996ac700001766749e1000000001
server: cloudflare
origin-latency: 106

GET
H2 200 0b5ba3ed3ef6a35ab554ba41b2a04aab.jpg
i.pinimg.com/originals/0b/5b/a3/ 189 KB
189 KB 245ms
224ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/0b/5b/a3/0b5ba3ed3ef6a35ab554ba41b2a04aab.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8c753a9fb58a91c132acabfb9d8b74f133a94b0d965dff73643d87bd5a8fb04

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "31420ae217e5d3ee6f84a06243eb7808"
x-cdn: cloudflare
edge-start: 1623363441356
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f8247e0f1766-FRA
content-length: 193223
cf-request-id: 0a99996ac8000017669405e000000001
server: cloudflare
origin-latency: 203

GET
H2 200 14d6e6e2e3c76c04efa0201545156b53.jpg
i.pinimg.com/originals/14/d6/e6/ 113 KB
113 KB 151ms
130ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/14/d6/e6/14d6e6e2e3c76c04efa0201545156b53.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0eab2b39512fe3fd21f4d6473c2070b2308a9146ff4cc2ee2c4bb147b6bd348

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "a19938fe02676ae6e27b66bc25008613"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1623363441371
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f8247e141766-FRA
content-length: 115365
cf-request-id: 0a99996ad4000017665801b000000001
server: cloudflare
origin-latency: 96

GET
H2 200 d0da7225b599fa6ba1a8b340470f63cd.jpg
i.pinimg.com/originals/d0/da/72/ 66 KB
66 KB 68ms
47ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/d0/da/72/d0da7225b599fa6ba1a8b340470f63cd.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ec92fb743437a2909de4ed6546d52e8423cb6b98560efb4d0285ea8097dc20d

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "313e997ecfdb68f94cc405cc8a3986f0"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1623363441368
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f8247e311766-FRA
content-length: 67425
cf-request-id: 0a99996ad400001766b1110000000001
server: cloudflare
origin-latency: 21

GET
H2 200 45e7b5ff9c3b09d6e145d8194a0263e7.jpg
i.pinimg.com/736x/45/e7/b5/ 47 KB
47 KB 123ms
123ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/736x/45/e7/b5/45e7b5ff9c3b09d6e145d8194a0263e7.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3e6aedff4be638ebea4139b935cea0478274f60bc289e2336c59a0e8de0d466

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "0a1f3cc34df712aef5f58b3b848ab8dd"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1623363441369
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f8248e351766-FRA
content-length: 47810
cf-request-id: 0a99996ad50000176640a92000000001
server: cloudflare
origin-latency: 97

GET
H3-29 200 wp-emoji-release.min.js Show response
baliagraha.com/wp-includes/js/ 14 KB
5 KB 289ms
289ms Script
application/javascript 2606:4700:3031::6815:29b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baliagraha.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6.4
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:29b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.6.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: baliagraha.com
referer: https://baliagraha.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a99996ab50000dfebcc3f3000000001
last-modified: Thu, 04 Feb 2021 00:13:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=68%2F%2Fgc3dy1rS8sBFSg2m0caPqbFLtm%2BurHtU7iUr%2FVdmApJ8z6sqTFFYO7yrqpClq0GX20ghL7LZYO37VIcq2HKEJy%2FKcAU6t17nZnQqSopn0m6UHB1EGThq7hIcCb1hWprghQjRxLw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 65d5f82458f5dfeb-FRA
expires: Thu, 17 Jun 2021 22:17:21 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/ 231 KB
85 KB 41ms
27ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9701623207957648&plah=baliagraha.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

707df6884f2bb0cc5f7ab83b77128324cb16418856afcf5d5731d934d297fe13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87427
x-xss-protection: 0
server: cafe
etag: 18285230650351733317
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 22:17:21 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/ Frame 5747 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210607/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://baliagraha.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://baliagraha.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 10 Jun 2021 20:40:48 GMT
expires: Thu, 24 Jun 2021 20:40:48 GMT
content-type: text/html; charset=UTF-8
etag: 3869991350818612685
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4515
x-xss-protection: 0
age: 5793
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 1fb22a51a8367d495fa492b7e478c1f6.jpg
i.pinimg.com/originals/1f/b2/2a/ 52 KB
52 KB 310ms
307ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/1f/b2/2a/1fb22a51a8367d495fa492b7e478c1f6.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b93074385b262944408f921e3aece68cf052e7f3869500ac61d47f73dcfcb9f

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "0a414f4f63ee0aa5b5d3be0f45ec7c17"
x-cdn: cloudflare
edge-start: 1623363441440
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f824fefd1766-FRA
content-length: 53465
cf-request-id: 0a99996b1c00001766a4ba6000000001
server: cloudflare
origin-latency: 288

GET
H2 200 18ac8bae5b2590d70c293fe748c44fad.jpg
i.pinimg.com/originals/18/ac/8b/ 16 KB
16 KB 109ms
106ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/18/ac/8b/18ac8bae5b2590d70c293fe748c44fad.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5279d058730b788c3b13532e546144ca99bc765515f6f278e949736754250ca8

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "416d1487f0b20fd3de5074cd20152146"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1623363441442
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f824ff001766-FRA
content-length: 16477
cf-request-id: 0a99996b1d000017667102a000000001
server: cloudflare
origin-latency: 91

GET
H2 200 72750cbaaf02bb6e65bbce776fa24572.jpg
i.pinimg.com/736x/72/75/0c/ 60 KB
60 KB 244ms
240ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/736x/72/75/0c/72750cbaaf02bb6e65bbce776fa24572.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3623222efb457c64d31650cf09ec10d7842a942e69202878e3197ee32d41b68e

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "815ea21d940a0e16a59bc2c13d8a080a"
x-cdn: cloudflare
edge-start: 1623363441444
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f824ff021766-FRA
content-length: 61192
cf-request-id: 0a99996b1d000017669e0e6000000001
server: cloudflare
origin-latency: 224

GET
H2 200 74fac3711a2c2554b7c1e721d9bb323b--warna-cat-anak-perempuan.jpg
i.pinimg.com/474x/74/fa/c3/ 35 KB
36 KB 135ms
132ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/474x/74/fa/c3/74fac3711a2c2554b7c1e721d9bb323b--warna-cat-anak-perempuan.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07b59699afd7e8cfc01a176c76a9a41f9e7bdbe8eb9b14471c105853f5d0e851

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "54b2a31297b726641748906a0892085c"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1623363441447
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f824ff041766-FRA
content-length: 36306
cf-request-id: 0a99996b1e00001766a315c000000001
server: cloudflare
origin-latency: 107

GET
H2 200 f96a14f61727acbff20ec83d184e8cd2.jpg
i.pinimg.com/originals/f9/6a/14/ 119 KB
119 KB 40ms
37ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/f9/6a/14/f96a14f61727acbff20ec83d184e8cd2.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa63dbdb30f0ede81e10f65d776ff9a64fb1b199f2160c119903712c546d0cfe

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "23d0426270ad4ca8d17c22daa6213be3"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1623363441442
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f824ff061766-FRA
content-length: 121406
cf-request-id: 0a99996b1f0000176640a98000000001
server: cloudflare
origin-latency: 21

GET
H2 200 a3dfe248c880db367c7c1c7ddd1b1518.jpg
i.pinimg.com/originals/a3/df/e2/ 49 KB
49 KB 46ms
43ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/a3/df/e2/a3dfe248c880db367c7c1c7ddd1b1518.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3ca349bda2e82ede6c1dfc928c07a43ae70eb011fa52a7139a3ed7c9cce76f9

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "61b4c141242c47f056989ebfe51d4cfb"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1623363441443
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f824ff081766-FRA
content-length: 50017
cf-request-id: 0a99996b1f000017663e39f000000001
server: cloudflare
origin-latency: 21

GET
H2 200 65535ada253bfd80a546fc741841ce49.jpg
i.pinimg.com/474x/65/53/5a/ 37 KB
38 KB 187ms
184ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/474x/65/53/5a/65535ada253bfd80a546fc741841ce49.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6053305c434e2bde8727314d3247c088282bd1ec097fe5fc687a632fd073aedb

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "d6e2c9e0cda99e6d8e6de2da01074ec4"
x-cdn: cloudflare
edge-start: 1623363441444
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f824ff0e1766-FRA
content-length: 38338
cf-request-id: 0a99996b20000017668ebec000000001
server: cloudflare
origin-latency: 168

GET
H2 200 8ab64e32b528c7d85503b992bc42c332.jpg
i.pinimg.com/originals/8a/b6/4e/ 386 KB
386 KB 214ms
211ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/8a/b6/4e/8ab64e32b528c7d85503b992bc42c332.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 403b0577048fb525f61ba394f60842e15131857fc978456b714e62e41127269a

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "88b6fc5f502a61f904c43d09dfaeb79d"
x-cdn: cloudflare
edge-start: 1623363441446
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f824ff0f1766-FRA
content-length: 394776
cf-request-id: 0a99996b2100001766ab346000000001
server: cloudflare
origin-latency: 188

GET
H2 200 7b0c5b8d4c22120e8134527389612b6d.png
i.pinimg.com/originals/7b/0c/5b/ 852 KB
853 KB 141ms
138ms Image
image/png 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/7b/0c/5b/7b0c5b8d4c22120e8134527389612b6d.png
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4617bd358c97977fb3c06ec1fa891c4c146ce8960a37ccb2ef715ba5f677e68a

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "43882f78543b0ef4c20a60b2d62686b3"
x-cdn: cloudflare
edge-start: 1623363441449
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f824ff111766-FRA
content-length: 872802
cf-request-id: 0a99996b2200001766bb982000000001
server: cloudflare
origin-latency: 108

GET
H2 200 0d6f126bdd2957d5cd1845723684a92f.jpg
i.pinimg.com/originals/0d/6f/12/ 97 KB
98 KB 135ms
133ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/0d/6f/12/0d6f126bdd2957d5cd1845723684a92f.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 123850eacf23bc54fe71d3b8407da93192c87679c8a49d75f802e7e76dab8516

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "b90d8f2e3ab8cb749bc41eee1fe9e7ce"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1623363441450
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f824ff131766-FRA
content-length: 99736
cf-request-id: 0a99996b22000017665b94c000000001
server: cloudflare
origin-latency: 102

GET
H2 200 7b105538ea162b2c4badf91294bd3f5a.jpg
i.pinimg.com/originals/7b/10/55/ 67 KB
67 KB 46ms
44ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/7b/10/55/7b105538ea162b2c4badf91294bd3f5a.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64503018d217b91ede65605441859ed9a73c0d2862d50c86754eaae94b2b11ea

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "46ebaab24544b5dedcba9c42ea8391fd"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1623363441449
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f824ff161766-FRA
content-length: 68197
cf-request-id: 0a99996b2300001766c4b05000000001
server: cloudflare
origin-latency: 17

GET
H2 200 7706c310e908312175baf283942603b4.jpg
i.pinimg.com/originals/77/06/c3/ 76 KB
76 KB 249ms
246ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/77/06/c3/7706c310e908312175baf283942603b4.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35be4ed99c82b9de005dc410a0dd99622e376fbd4811784e1103cafe137a3423

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "110d890f93f9b82998b3387181f914f0"
x-cdn: cloudflare
edge-start: 1623363441454
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f824ff181766-FRA
content-length: 77801
cf-request-id: 0a99996b24000017664e1ba000000001
server: cloudflare
origin-latency: 220

GET
H2 200 Ukuran-Tempat-Tidur-1.png
cdn-cms.pgimgs.com/static/2019/04/ 110 KB
111 KB 318ms
284ms Image
image/png 2606:4700::6811:48ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cms.pgimgs.com/static/2019/04/Ukuran-Tempat-Tidur-1.png
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:48ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cf5d0aab26553f643c48e93b7d7720b8fb667ea56e8edb83c0b86d7e1b5ab18

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Apr 2019 03:20:20 GMT
server: cloudflare
x-amz-request-id: V8GKV8K275VRT0H6
etag: "56b70b1deee63274d79102bda35b3a14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-id-2: 76vBH21qFVLTtUAaBMYe34g0bH51fYPFt9qwKdL/URHJS8POFEnutbsNdpf0ATUdKkwVwOPrekk=
content-type: image/png
accept-ranges: bytes
cf-ray: 65d5f8252a7216e6-FRA
content-length: 113094
cf-request-id: 0a99996b3d000016e618142000000001

GET
H2 200 ukuran-tempat-tidurx-4.jpg
blogpictures.99.co/ 84 KB
84 KB 1637ms
1572ms Image
image/jpeg 104.22.64.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogpictures.99.co/ukuran-tempat-tidurx-4.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.64.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12a6a046c9d35cb32f8e5187c1b1ac5ffcd31c89de27f05e4c9ac9aa6f764195

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:23 GMT
cf-cache-status: MISS
x-amz-request-id: SBN5YTV88PJ4PV75
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 85510
x-amz-id-2: 286Is+Y/1ARxNMCubf5xUGK1rhZNIduW/kg2AqCb2VuK86csrDzziCTzJjk8jY4sl55FoG6PNdc=
last-modified: Wed, 18 Dec 2019 06:24:51 GMT
server: cloudflare
etag: "39934a726363c4aaf0a53c9b325f16be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
cf-request-id: 0a99996b620000cd8b5cad0000000001
accept-ranges: bytes
cf-ray: 65d5f8256e6acd8b-CDG
expires: Thu, 17 Dec 2020 06:24:50 GMT

GET
H2 200 desain-warna-cat-kamar-tidur-yang-menenangkan.jpg
rumahminimalisan.info/wp-content/uploads/2019/01/ 37 KB
38 KB 476ms
152ms Image
image/jpeg 198.252.99.244
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rumahminimalisan.info/wp-content/uploads/2019/01/desain-warna-cat-kamar-tidur-yang-menenangkan.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.99.244 Dallas, United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.99.244-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 142ad6db6d56378dc1113c1e7f827a26640789e0dbe574c7d53bd69422e2920d

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
last-modified: Mon, 28 Jan 2019 10:34:29 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 38270
expires: Thu, 17 Jun 2021 22:17:21 GMT

GET
H/1.1 200
OK gorden-hotel-1-300x223.jpg
pesangorden.id/wp-content/uploads/2019/07/ 15 KB
15 KB 989ms
166ms Image
image/jpeg 156.67.220.227
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pesangorden.id/wp-content/uploads/2019/07/gorden-hotel-1-300x223.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 156.67.220.227 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: Apache /
Resource Hash: 3e0b8acba827fad914efe0d0193a5c823d7e28ae9111b142d2f930af6a5f29fd

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 10 Jun 2021 22:17:22 GMT
Last-Modified: Mon, 15 Jul 2019 09:36:40 GMT
Server: Apache
ETag: "1215bb-3cb1-58db4ff469a00"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 15537

GET
H2 200 18d5adce2a0e5a32b4a0026e061197e2.jpg
i.pinimg.com/originals/18/d5/ad/ 37 KB
37 KB 189ms
187ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/18/d5/ad/18d5adce2a0e5a32b4a0026e061197e2.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09340c4b506795d43827f4ca6ff2953ebeab042e3ab448f24736f5de9bb45954

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "cf10c04c6124d7b1180b34c7f56c3fc2"
x-cdn: cloudflare
edge-start: 1623363441452
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f824ff1c1766-FRA
content-length: 37701
cf-request-id: 0a99996b2400001766a7a6f000000001
server: cloudflare
origin-latency: 163

GET
H2 200 79b34d158179fdb00db8d2860d7a9997.jpg
i.pinimg.com/originals/79/b3/4d/ 47 KB
47 KB 201ms
199ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/79/b3/4d/79b34d158179fdb00db8d2860d7a9997.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a3d17c64eac2882b040d6bdb3e6f65a9bee19c5f17f5e4a5565b8fa98fcd074

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "59d60804d9f38bee34b328b16c65c5d7"
x-cdn: cloudflare
edge-start: 1623363441453
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f824ff1f1766-FRA
content-length: 48262
cf-request-id: 0a99996b25000017666705e000000001
server: cloudflare
origin-latency: 175

GET
H2 200 a93be06437348de6fb9aa73392b77c15.jpg
i.pinimg.com/originals/a9/3b/e0/ 13 KB
14 KB 142ms
140ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/a9/3b/e0/a93be06437348de6fb9aa73392b77c15.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863ae80745066bcb7c88e1a2b379c79fc9bdbadb24dfe8b211856868991fc5d2

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "98975bbd5be7ba3ba26d1f8ab73614fa"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1623363441456
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f824ff221766-FRA
content-length: 13815
cf-request-id: 0a99996b2600001766b1115000000001
server: cloudflare
origin-latency: 111

GET
H2 200 39316a9113015b7116008acfac111cde.jpg
i.pinimg.com/originals/39/31/6a/ 51 KB
51 KB 125ms
122ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/39/31/6a/39316a9113015b7116008acfac111cde.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4142428f3996c9216ee462e943c2762e91fea46dc2a28e248769d98a9de66de7

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "ede92212333b6276e14814f071579ab6"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1623363441458
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f8250f291766-FRA
content-length: 52309
cf-request-id: 0a99996b2800001766cfb29000000001
server: cloudflare
origin-latency: 95

GET
H2 200 c10a0f460aea93d7844721b6c5409a91.jpg
i.pinimg.com/originals/c1/0a/0f/ 48 KB
48 KB 200ms
198ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/c1/0a/0f/c10a0f460aea93d7844721b6c5409a91.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94cd5c87eda8e40355db031af19827eb92232c5b59c20dfd1d82ef7e59599b75

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "87699073dda68887b4de98dce3cbe0f2"
x-cdn: cloudflare
edge-start: 1623363441457
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f8250f2c1766-FRA
content-length: 49187
cf-request-id: 0a99996b2800001766ab347000000001
server: cloudflare
origin-latency: 170

GET
H2 200 4c56dbcbf63f343024eb3ed7c7fa6b96.jpg
i.pinimg.com/originals/4c/56/db/ 233 KB
233 KB 242ms
240ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/4c/56/db/4c56dbcbf63f343024eb3ed7c7fa6b96.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f251c0920622e5f65f4622fdc01fded45048aff69dc4363bbb12af61ea0cf111

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "289d08ad54bf567680df244a996325c9"
x-cdn: cloudflare
edge-start: 1623363441460
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f8250f2e1766-FRA
content-length: 238186
cf-request-id: 0a99996b290000176685370000000001
server: cloudflare
origin-latency: 212

GET
H2 200 b3811f421a486f7720005982d57f9efd.jpg
i.pinimg.com/originals/b3/81/1f/ 65 KB
65 KB 45ms
44ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/b3/81/1f/b3811f421a486f7720005982d57f9efd.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d79b5399da8784c0057d8be0269b65eccc913937aeb4351521027f21420373a

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "379b6322a152d47373a0be5b18cbd51a"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1623363441457
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f8250f301766-FRA
content-length: 66754
cf-request-id: 0a99996b2c000017664d96e000000001
server: cloudflare
origin-latency: 13

GET
H2 200 9e579e005e9701af628bb0074786bb84.png
i.pinimg.com/originals/9e/57/9e/ 306 KB
306 KB 234ms
232ms Image
image/png 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/9e/57/9e/9e579e005e9701af628bb0074786bb84.png
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 139ae2b0b00a67e9805759f0e244cea8e6ecced84ebbd2244cb3bd7c5dd12b38

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "517ce25b448740c82139fe7f6d334542"
x-cdn: cloudflare
edge-start: 1623363441461
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f8250f321766-FRA
content-length: 312963
cf-request-id: 0a99996b2a000017667e2e3000000001
server: cloudflare
origin-latency: 203

GET
H2 200 7018bf8ac01424f96ed8ad668809e1e3.jpg
i.pinimg.com/originals/70/18/bf/ 130 KB
130 KB 209ms
207ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/70/18/bf/7018bf8ac01424f96ed8ad668809e1e3.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80ffab66c5464f5537470d0cc8fe3629e49004fb4352dd5e4850f440012cc60c

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "d53c08ccfa602562688fd5700d9341d8"
x-cdn: cloudflare
edge-start: 1623363441455
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f8250f331766-FRA
content-length: 132760
cf-request-id: 0a99996b2b0000176644021000000001
server: cloudflare
origin-latency: 180

GET
H2 200 701129e4a12017c39f579518a6a23c16.png
i.pinimg.com/originals/70/11/29/ 596 KB
597 KB 245ms
244ms Image
image/png 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/70/11/29/701129e4a12017c39f579518a6a23c16.png
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1f02c5085be0eb4d70b330962146c0c43f07e4d2c0083d7834e3696b43ed720

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "95b7ae4c66c242d1ec33266f8f37a814"
x-cdn: cloudflare
edge-start: 1623363441456
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f8250f361766-FRA
content-length: 610644
cf-request-id: 0a99996b2c0000176660269000000001
server: cloudflare
origin-latency: 216

GET
H2 200 efef29a0ee7a38da170a73804fd5d52b.png
i.pinimg.com/originals/ef/ef/29/ 1 MB
1 MB 136ms
135ms Image
image/png 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/ef/ef/29/efef29a0ee7a38da170a73804fd5d52b.png
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d6bc9bb63f7267404572b5a270ec377b632f12c5075417f64b026b46e79d473

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "baba1135f32000c861758b4a8418082e"
x-cdn: cloudflare
edge-start: 1623363441462
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f8250f381766-FRA
content-length: 1552076
cf-request-id: 0a99996b2d000017666c1c6000000001
server: cloudflare
origin-latency: 98

GET
H2 200 8f679b1c46cd0ed61fbb75153b07ebd1.png
i.pinimg.com/originals/8f/67/9b/ 2 MB
2 MB 285ms
284ms Image
image/png 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/8f/67/9b/8f679b1c46cd0ed61fbb75153b07ebd1.png
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4df38e07ec1bdd33883cec18946737c0ba8e648a566da36b7810bbda9ea71d09

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "2723ded07b848f3621a7c699fa83a71d"
x-cdn: cloudflare
edge-start: 1623363441464
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f8250f3a1766-FRA
content-length: 1572984
cf-request-id: 0a99996b2e000017664e1bb000000001
server: cloudflare
origin-latency: 251

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
659 B 68ms
44ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=baliagraha.com&callback=_gfp_s_&client=ca-pub-9701623207957648

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9701623207957648&plah=baliagraha.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

6d88e93600b84a7acd955b9dc91e8b314cda528fabcf4a0c4710e33e63621983

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 35ms
14ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=baliagraha.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 22:17:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 36ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=baliagraha.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 22:17:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D551 12 KB
1 KB 100ms
84ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&adk=1812271804&adf=3025194257&lmt=1623363441&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbaliagraha.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441374&bpp=5&bdt=75&idt=68&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4579679858446&frm=20&pv=2&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=141

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57ceb56eaef31f567321c2ebfeec105ae781279bfa855d15aaca488ff2035b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9701623207957648&output=html&adk=1812271804&adf=3025194257&lmt=1623363441&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbaliagraha.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441374&bpp=5&bdt=75&idt=68&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4579679858446&frm=20&pv=2&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=141
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://baliagraha.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://baliagraha.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 10 Jun 2021 22:17:21 GMT
server: cafe
content-length: 1484
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Jun-2021 22:32:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Jun 2021 22:17:21 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34e9a619897b9223115c6588f352612268c90c3d83990829768973759b0d1a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623263566164500"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28162
x-xss-protection: 0
expires: Thu, 10 Jun 2021 22:17:21 GMT

GET
H2 200 9ac601ccd06143b9e8928919c0f17311.jpg
i.pinimg.com/originals/9a/c6/01/ 43 KB
44 KB 124ms
122ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/9a/c6/01/9ac601ccd06143b9e8928919c0f17311.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2aed42dbd63466779bc4fd48dbfc4d29228bdeb369a86dddb42a5a67aed25f65

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "1e95ebd036206616133f093cc380594a"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1623363441531
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f8258fed1766-FRA
content-length: 44438
cf-request-id: 0a99996b7800001766cc91e000000001
server: cloudflare
origin-latency: 110

GET
H2 200 94eccc070f4f49b7f6b44aa224ad4695.jpg
i.pinimg.com/originals/94/ec/cc/ 79 KB
79 KB 22ms
22ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/94/ec/cc/94eccc070f4f49b7f6b44aa224ad4695.jpg
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e15c8345779be9b91c32c8df1a4974b1bb401870464017e03575ac84064634b

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
etag: "bf89b84264796a60790aaa7b706fa234"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1623363441533
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 65d5f8258ff31766-FRA
content-length: 80583
cf-request-id: 0a99996b78000017663e3a6000000001
server: cloudflare
origin-latency: 7

GET
H2 403 9f3f6d3e787a63632f1c9064e76d1774.js
vlry5l4j5gbn.com/9f/3f/6d/ 0
0 334ms
104ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vlry5l4j5gbn.com/9f/3f/6d/9f3f6d3e787a63632f1c9064e76d1774.js
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 10 Jun 2021 22:17:21 GMT
server: nginx/1.17.6
content-type: application/javascript
content-length: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H3-29 200 main.min.js Show response
baliagraha.com/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 291ms
289ms Script
application/javascript 2606:4700:3031::6815:29b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baliagraha.com/wp-content/themes/generatepress/assets/js/main.min.js?ver=3.0.2
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:29b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0901279dec1117310802c450665b34a60788da4a00e066d2de367327cd13456

Request headers

:path: /wp-content/themes/generatepress/assets/js/main.min.js?ver=3.0.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: baliagraha.com
referer: https://baliagraha.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a99996bac0000dfebbb0cc000000001
last-modified: Thu, 14 Jan 2021 21:30:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=COn4LXXPjxaQdH3q%2FSltaAqXkxtmt5Yx3SuBJhur0svAx59AcHm9w1tns0axF%2B4XFt9fHRGB6YM3rVhTfc996YHk5kslg1a9ODEUwuTBzhzDGhjD9vWFTCWTJtxjH6IF10MXHUBZfEk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 65d5f825eadfdfeb-FRA
expires: Thu, 17 Jun 2021 22:17:21 GMT

GET
H3-29 200 wp-embed.min.js Show response
baliagraha.com/wp-includes/js/ 1 KB
1 KB 301ms
298ms Script
application/javascript 2606:4700:3031::6815:29b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baliagraha.com/wp-includes/js/wp-embed.min.js?ver=5.6.4
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:29b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.6.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: baliagraha.com
referer: https://baliagraha.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a99996bad0000dfeba194a000000001
last-modified: Thu, 04 Feb 2021 00:13:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KsRPbISRgmKo9tAF7%2Bx%2BSZ4MhNdDZea5pU60lXuNcjl2py5kmOG%2BiQD4MLmxL3Yp49Kv1NnBhWAVkq%2Fg2LW%2FyC6OcggEpx1DaXYoqIQSLl5SgGcXSd0FFG6o3%2BVv6oGc3crA7itvgeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 65d5f825eae0dfeb-FRA
expires: Thu, 17 Jun 2021 22:17:21 GMT

GET
H3-29 200 jquery.min.js Show response
baliagraha.com/wp-includes/js/jquery/ 87 KB
30 KB 417ms
414ms Script
application/javascript 2606:4700:3031::6815:29b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baliagraha.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:29b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: baliagraha.com
referer: https://baliagraha.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a99996bad0000dfeb239b7000000001
last-modified: Mon, 28 Dec 2020 12:18:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VZs92cTIz6BJSeP6b8EngsV8NVVzgAM%2BdvfDq7%2FBMet3lrkrldGHt60GAgth%2FZSuL6q0g2a%2F9gtQTAdD5bN5634LbZEgaua3isJoUHEutjoKVgADDTmiMdU%2Fc1K4T29ylF6cO9LwvJE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 65d5f825eae2dfeb-FRA
expires: Thu, 17 Jun 2021 22:17:21 GMT

GET
H3-29 200 jquery-migrate.min.js Show response
baliagraha.com/wp-includes/js/jquery/ 11 KB
4 KB 282ms
279ms Script
application/javascript 2606:4700:3031::6815:29b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baliagraha.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:29b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: baliagraha.com
referer: https://baliagraha.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a99996bad0000dfebad1ac000000001
last-modified: Mon, 28 Dec 2020 12:18:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DVvVbCJ5PpQQs6cJ3cY2MPgd9bN5BUoe2qzr1L65bbZFQNfKppM9uW5%2BAmMsMZY38rtWBVE686ikAv%2BG%2B%2Bv8PYK5YCyRUmkO6Av7DccgPC32zd3hFa04g9%2B02rqYVpGNM2TKYajHJqs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 65d5f825eae3dfeb-FRA
expires: Thu, 17 Jun 2021 22:17:21 GMT

GET
H3-29 200 image.js Show response
baliagraha.com/wp-content/plugins/featured-image-from-url/includes/html/js/ 2 KB
1 KB 289ms
286ms Script
application/javascript 2606:4700:3031::6815:29b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baliagraha.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=3.4.9
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:29b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caacfc6a3602fe9a189a4bd15792c4bed2fce634c04716f515e6c07cda07315a

Request headers

:path: /wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=3.4.9
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: baliagraha.com
referer: https://baliagraha.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:21 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a99996bae0000dfeb95bea000000001
last-modified: Mon, 28 Dec 2020 12:19:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jhHyJR8nVIfwJ9shdDJ1wWuA2LxV2vzpoWh%2Brf%2F0nSKfHWUJOlcLehjJzBELQGbwbqO4d1sA0PMeuDJKC8ZRnl67n%2BLzxJwW%2BQUkJ%2FCDYirctsh6rSpPtqlKtfSLb9KYVxh7CcojwHE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 65d5f825eae4dfeb-FRA
expires: Thu, 17 Jun 2021 22:17:21 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=baliagraha.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 22:17:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=baliagraha.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 22:17:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1030 120 KB
39 KB 782ms
781ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=600&slotname=6759543686&adk=1785115338&adf=955365906&pi=t.ma~as.6759543686&w=280&fwrn=4&fwrnh=100&lmt=1623363441&rafmt=1&psa=0&format=280x600&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441743&bpp=5&bdt=444&idt=6&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0&nras=1&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1080&ady=1439&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=b2jEi5ACFw&p=https%3A//baliagraha.com&dtd=18

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

249a8f0d0f1fbf777314d101c64e17304e35e190ff2e8880265a5814ce43b6cb

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI7Ip4qMjvECFdUGiwodZ6IM-A&gqi=cY_CYKCLL-PC7_UPosKGmAY&layout=/sadbundle/%24csp%253Der3%24/16986808040249150219/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9701623207957648&output=html&h=600&slotname=6759543686&adk=1785115338&adf=955365906&pi=t.ma~as.6759543686&w=280&fwrn=4&fwrnh=100&lmt=1623363441&rafmt=1&psa=0&format=280x600&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441743&bpp=5&bdt=444&idt=6&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0&nras=1&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1080&ady=1439&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=b2jEi5ACFw&p=https%3A//baliagraha.com&dtd=18
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://baliagraha.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://baliagraha.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI7Ip4qMjvECFdUGiwodZ6IM-A&gqi=cY_CYKCLL-PC7_UPosKGmAY&layout=/sadbundle/%24csp%253Der3%24/16986808040249150219/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 10 Jun 2021 22:17:22 GMT
server: cafe
content-length: 39774
x-xss-protection: 0
set-cookie: IDE=AHWqTUltEl7QdHvI3oRZx4GGHxqVIsbU-ZnobdrcwNMrOBUJ_ttqF9s0luyuhmTKCBQ; expires=Tue, 05-Jul-2022 22:17:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Jun 2021 22:17:22 GMT
cache-control: private

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 55ms
18ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: baliagraha.com
URL: https://baliagraha.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:14:24 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 51.254.41.192/26
etag: "-375139978"
x-cacheable: Matched cache
content-type: text/javascript
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 4364
x-request-id: 553517948

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3E26 109 KB
35 KB 664ms
664ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=2319681329&pi=t.aa~a.3073981843~i.11~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=4&bdt=601&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600&nras=2&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2056&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=pcSQWgkUeD&p=https%3A//baliagraha.com&dtd=76

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7ce9b94705ebf20f9aadc7b2221d3dfbe98d02e88422555fde8c8878d892ead

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10023993934787577230/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10023993934787577230/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COjPtIqMjvECFdiDgwcduogOcA&gqi=cY_CYO6YPPmJ7_UPoe6CaA&layout=/sadbundle/%24csp%253Der3%24/10023993934787577230/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=2319681329&pi=t.aa~a.3073981843~i.11~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=4&bdt=601&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600&nras=2&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2056&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=pcSQWgkUeD&p=https%3A//baliagraha.com&dtd=76
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://baliagraha.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://baliagraha.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10023993934787577230/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10023993934787577230/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COjPtIqMjvECFdiDgwcduogOcA&gqi=cY_CYO6YPPmJ7_UPoe6CaA&layout=/sadbundle/%24csp%253Der3%24/10023993934787577230/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 10 Jun 2021 22:17:22 GMT
server: cafe
content-length: 35399
x-xss-protection: 0
set-cookie: IDE=AHWqTUlWQGUUXAyoRxNArRzE4cP6QYj5RZAsEIDA97-3r4pK55mE2jwzlwzCKL3wexY; expires=Tue, 05-Jul-2022 22:17:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Jun 2021 22:17:22 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F98C 110 KB
35 KB 511ms
511ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=3499021849&pi=t.aa~a.3073981843~i.15~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=3&bdt=601&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600%2C740x280&nras=3&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=mSyxEaJCls&p=https%3A//baliagraha.com&dtd=80

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d891b3d16086b52bf324557cd41f1d1830124c29e6e1845890a71f8fcfc0653

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJDztIqMjvECFcISiwodYn8J7w&gqi=cY_CYIy2POWT9u8P_ouG2A4&layout=/sadbundle/%24csp%253Der3%24/4524948605701156848/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=3499021849&pi=t.aa~a.3073981843~i.15~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=3&bdt=601&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600%2C740x280&nras=3&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=mSyxEaJCls&p=https%3A//baliagraha.com&dtd=80
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://baliagraha.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://baliagraha.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJDztIqMjvECFcISiwodYn8J7w&gqi=cY_CYIy2POWT9u8P_ouG2A4&layout=/sadbundle/%24csp%253Der3%24/4524948605701156848/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 10 Jun 2021 22:17:22 GMT
server: cafe
content-length: 35812
x-xss-protection: 0
set-cookie: IDE=AHWqTUmpQuY8lygbdA11UdOAbv0g9IrzQwXtDT6QkOrIU8qk2fuwR1uT1OihXYX1sxY; expires=Tue, 05-Jul-2022 22:17:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Jun 2021 22:17:22 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FC9A 110 KB
35 KB 563ms
562ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=3573948801&pi=t.aa~a.3073981843~i.19~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=2&bdt=601&idt=2&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600%2C740x280%2C740x280&nras=4&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JdnsoA91bS&p=https%3A//baliagraha.com&dtd=83

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fe25f0ea25d7ccd689603a8e27cf6531940b8828a5a6989c3527ea3b55ae84b

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKuTtYqMjvECFRqKdwod7zULVw&gqi=cY_CYLPTPLeR7_UP7N6L-A4&layout=/sadbundle/%24csp%253Der3%24/976805832190826625/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=3573948801&pi=t.aa~a.3073981843~i.19~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=2&bdt=601&idt=2&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600%2C740x280%2C740x280&nras=4&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JdnsoA91bS&p=https%3A//baliagraha.com&dtd=83
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://baliagraha.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://baliagraha.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKuTtYqMjvECFRqKdwod7zULVw&gqi=cY_CYLPTPLeR7_UP7N6L-A4&layout=/sadbundle/%24csp%253Der3%24/976805832190826625/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 10 Jun 2021 22:17:22 GMT
server: cafe
content-length: 36067
x-xss-protection: 0
set-cookie: IDE=AHWqTUneqLCZXuMwTbuAJ4uO5B_zfyYTHMhJo0YXQiNqUoVwUYKrpgNlK_9BiYakMdw; expires=Tue, 05-Jul-2022 22:17:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Jun 2021 22:17:22 GMT
cache-control: private

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 50 B
184 B 302ms
99ms Script
text/html 198.27.80.143
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4515003&@f16&@g1&@h1&@i1&@j1623363442057&@k0&@l1&@mBaliagraha.com%20%7C%20Dekorasi%20Rumah%202021&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:196489457&@b3:1623363442&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fbaliagraha.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.27.80.143 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns558056.ip-198-27-80.net
Software: /
Resource Hash: 1221900b8250083225898db160e329bc927c8e064bbb45558656db978583a215

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 10 Jun 2021 22:17:19 GMT
Connection: close
Content-Length: 50
Content-Type: text/html;charset=UTF-8

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/ Frame 69C0 9 KB
4 KB 32ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/index.html

Requested by

Host: baliagraha.com
URL: https://baliagraha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47a0f3d799648e06645239911be14d5fd431b2ecebc81f4892cb96dc8714f66b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/4524948605701156848/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3169
date: Tue, 08 Jun 2021 17:51:15 GMT
expires: Wed, 08 Jun 2022 17:51:15 GMT
last-modified: Thu, 29 Aug 2019 11:25:11 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 188767
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8022 0
0 44ms
44ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5eeRcY_CYND2PMKlrATi_qX4DpG-7Jte_fr9yIIKntDIz-ABEAEgoZndCWCViriCyAegAYfoq_QCyAEJqQLhSqvxym20PqgDAcgDSKoEwAFP0I7Ub-nC4-eo_ycfdN0Su_iAEqFWGrlVKiG2sB5wcyQM6SEohLKCqO9W54rYrSq32XO1duNxeyJ-6ZWX2ociIy9dBCqV2pIXRGiagt_aTfzFRgC5TCdZxjyoGEmAOAXxS5F-omimzhNb3FDlbM3_KpMlF61OZ6VsYBfJWpYkvGB1fbUZ8-bp0XVNb7vIpCBNTYFMIU4WxkgIfhPbxdHl9Zg0aganWB93Mt3_5t_JBZsTYqMsxMNiY6KI8baPi5TABJD9mrmkApIFBAgEGAGSBQQIBRgEoAYugAfgltOLAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDq8AnSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGAFwGyFxoKGAgAEhRwdWItOTcwMTYyMzIwNzk1NzY0OA&sigh=OBjHzXN_ySg&template_id=419

Requested by

Host: baliagraha.com
URL: https://baliagraha.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=3499021849&pi=t.aa~a.3073981843~i.15~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=3&bdt=601&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600%2C740x280&nras=3&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=mSyxEaJCls&p=https%3A//baliagraha.com&dtd=80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 10 Jun 2021 22:17:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 8022 17 KB
7 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=3499021849&pi=t.aa~a.3073981843~i.15~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=3&bdt=601&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600%2C740x280&nras=3&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=mSyxEaJCls&p=https%3A//baliagraha.com&dtd=80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 22:17:20 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 8022 2 KB
2 KB 29ms
5ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:10:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 22:10:20 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8022 122 KB
37 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5e762276ffd20732a10037842bac383dc64a7b230ab1f48f2a0ff7406b8b9c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:22 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623263560240521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37945
x-xss-protection: 0
expires: Thu, 10 Jun 2021 22:17:22 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 8022 13 KB
6 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 882
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 22:02:40 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/ Frame DDC4 11 KB
3 KB 30ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html

Requested by

Host: baliagraha.com
URL: https://baliagraha.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bef3142e3e8e977ab554f50a7dceed6dfda9b20703a7519faf43fc4944705df9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/16986808040249150219/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2990
date: Tue, 08 Jun 2021 11:54:12 GMT
expires: Wed, 08 Jun 2022 11:54:12 GMT
last-modified: Thu, 11 Feb 2021 09:56:43 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 210190
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6B8E 0
0 45ms
42ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLi0rcY_CYM7LL9WNrATnxLLAD42k8qRh7qqD3qsNkO_Ex50WEAEgoZndCWCViriCyAegAaPWsMQDyAEJqQLhSqvxym20PqgDAcgDSKoEsgFP0CtKQHr5gQFUTb7ZdE47adihgOyLjBH6X4uENt5R7V4dsBwiqg1WWkkkZSPNURDbZwU3WRAX0Nn1c8U09MLrA0MMVqzkNrLUNJGceBEIdCdDOmDsczwENu7ffkutWZrYUO_7-ghLlkfeV__hcydlw9yXCahzxHh2VujeeBNI7wBrwXe2AEtPaCK6OSNS7XKDicvEIS2LacBr4b95NsTpneIuuME4B6gS4ObCCcYQD2rAwATHz7S-sgKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHxanPO6gHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBD8_AfSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItOTcwMTYyMzIwNzk1NzY0OA&sigh=hlOP7YYH10c&template_id=419

Requested by

Host: baliagraha.com
URL: https://baliagraha.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=600&slotname=6759543686&adk=1785115338&adf=955365906&pi=t.ma~as.6759543686&w=280&fwrn=4&fwrnh=100&lmt=1623363441&rafmt=1&psa=0&format=280x600&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441743&bpp=5&bdt=444&idt=6&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0&nras=1&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1080&ady=1439&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=b2jEi5ACFw&p=https%3A//baliagraha.com&dtd=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 10 Jun 2021 22:17:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 6B8E 17 KB
7 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=600&slotname=6759543686&adk=1785115338&adf=955365906&pi=t.ma~as.6759543686&w=280&fwrn=4&fwrnh=100&lmt=1623363441&rafmt=1&psa=0&format=280x600&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441743&bpp=5&bdt=444&idt=6&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0&nras=1&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1080&ady=1439&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=b2jEi5ACFw&p=https%3A//baliagraha.com&dtd=18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 21:35:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2523
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 21:35:19 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 6B8E 2 KB
1 KB 24ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:10:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 22:10:20 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B8E 122 KB
37 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5e762276ffd20732a10037842bac383dc64a7b230ab1f48f2a0ff7406b8b9c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:22 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623263560240521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37945
x-xss-protection: 0
expires: Thu, 10 Jun 2021 22:17:22 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 6B8E 13 KB
6 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 882
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 22:02:40 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6B8E 0
0 15ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRn7yP2i8BVZmjpNSwGop08lWdti5knKylIYtkeSAIZtoJMaHo5CMvGD608dMKqdrSVUJxf8IT7Sd2La-MtO2AYURmexw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=600&slotname=6759543686&adk=1785115338&adf=955365906&pi=t.ma~as.6759543686&w=280&fwrn=4&fwrnh=100&lmt=1623363441&rafmt=1&psa=0&format=280x600&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441743&bpp=5&bdt=444&idt=6&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0&nras=1&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1080&ady=1439&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=b2jEi5ACFw&p=https%3A//baliagraha.com&dtd=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5C23 143 B
163 B 8ms
8ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=3499021849&pi=t.aa~a.3073981843~i.15~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=3&bdt=601&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600%2C740x280&nras=3&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=mSyxEaJCls&p=https%3A//baliagraha.com&dtd=80
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlWQGUUXAyoRxNArRzE4cP6QYj5RZAsEIDA97-3r4pK55mE2jwzlwzCKL3wexY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=3499021849&pi=t.aa~a.3073981843~i.15~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=3&bdt=601&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600%2C740x280&nras=3&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=mSyxEaJCls&p=https%3A//baliagraha.com&dtd=80

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 10 Jun 2021 21:48:09 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8022 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cec7d0b069ecf5625bfd76b3221c9e070fae8b6e5a4658a09a7fcfbcebccdef

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 8022 0
20 B 57ms
44ms Other
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJDztIqMjvECFcISiwodYn8J7w&gqi=cY_CYIy2POWT9u8P_ouG2A4&layout=/sadbundle/%24csp%253Der3%24/4524948605701156848/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 22:17:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/ Frame 85CF 10 KB
3 KB 11ms
10ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/index.html

Requested by

Host: baliagraha.com
URL: https://baliagraha.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c99da60edde1e2013b75303f0ca4cfd4c21f3e357c1265150a6e3971c7569dd4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/976805832190826625/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3291
date: Tue, 08 Jun 2021 11:26:20 GMT
expires: Wed, 08 Jun 2022 11:26:20 GMT
last-modified: Fri, 16 Aug 2019 15:12:28 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 211862
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1ACD 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4csfco_CYKsSmpTeA-_rrLgFkb7sm16FxrrNhAqe0MjP4AEQASChmd0JYJWKuILIB6ABh-ir9ALIAQmpAuFKq_HKbbQ-qAMByANIqgTAAU_QzmR-u58JTwUwiBjmbTTv06MuNgoE9ri46mxAf5BzWzXTeyt_58ynBkIi315qqaN4hqh4dCX_eMgQZkbr4pxzxIXiPIMgqzUdASc7qTH6pVNpPoyJlBrw5juxs0sriUoHcCfZKyCPJXez9koZ9joke4oYJ7J26nuw9n3Y1-KHWjd8RbjzfUx5u0aQTNMkNJGkiVBPmZZrwNMqsR0DcnEav3T0OvDVXgCpvXp2pJi4DpccVRCQywNhIXxYFuQPh8AEkP2auaQCkgUECAQYAZIFBAgFGASgBi6AB-CW04sBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJPHEdIICQiA4YAQEAEYH4AKAcgLAdgTDNAVAYAXAbIXGgoYCAASFHB1Yi05NzAxNjIzMjA3OTU3NjQ4&sigh=ZG0Ek__PX_A&template_id=419

Requested by

Host: baliagraha.com
URL: https://baliagraha.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=3573948801&pi=t.aa~a.3073981843~i.19~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=2&bdt=601&idt=2&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600%2C740x280%2C740x280&nras=4&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JdnsoA91bS&p=https%3A//baliagraha.com&dtd=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 10 Jun 2021 22:17:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 1ACD 17 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=3573948801&pi=t.aa~a.3073981843~i.19~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=2&bdt=601&idt=2&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600%2C740x280%2C740x280&nras=4&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JdnsoA91bS&p=https%3A//baliagraha.com&dtd=83

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 21:35:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2523
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 21:35:19 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 1ACD 2 KB
1 KB 17ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=3573948801&pi=t.aa~a.3073981843~i.19~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=2&bdt=601&idt=2&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600%2C740x280%2C740x280&nras=4&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JdnsoA91bS&p=https%3A//baliagraha.com&dtd=83

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:10:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 22:10:20 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1ACD 122 KB
37 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=3573948801&pi=t.aa~a.3073981843~i.19~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=2&bdt=601&idt=2&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600%2C740x280%2C740x280&nras=4&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JdnsoA91bS&p=https%3A//baliagraha.com&dtd=83

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5e762276ffd20732a10037842bac383dc64a7b230ab1f48f2a0ff7406b8b9c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:22 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623263560240521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37945
x-xss-protection: 0
expires: Thu, 10 Jun 2021 22:17:22 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 1ACD 13 KB
6 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=3573948801&pi=t.aa~a.3073981843~i.19~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=2&bdt=601&idt=2&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600%2C740x280%2C740x280&nras=4&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JdnsoA91bS&p=https%3A//baliagraha.com&dtd=83

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 882
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 22:02:40 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 1ACD 0
0 25ms
21ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTfULttS5QI-VTqjCK352_naoZ6PYzSlR8CKys3R-pTqyDsRPjWSCAGCPTpaXTmEVdUCw85ymbDiJTi0EDvjkaFaXSQ8g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=3573948801&pi=t.aa~a.3073981843~i.19~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=2&bdt=601&idt=2&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600%2C740x280%2C740x280&nras=4&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JdnsoA91bS&p=https%3A//baliagraha.com&dtd=83
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 69C0 9 KB
3 KB 14ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 11 Jun 2021 17:48:12 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 69C0 26 KB
10 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 22:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85883
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 10 Jun 2021 22:25:59 GMT

GET
H3-29 200 HYPE-648.thin.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/ Frame 69C0 53 KB
23 KB 12ms
9ms Script
application/x-javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/HYPE-648.thin.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2baccefb5cede601d5fc018290c68a748e3199cf5c00cc77dbbf6491531d3592

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 198559
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23314
x-xss-protection: 0
last-modified: Thu, 29 Aug 2019 11:25:11 GMT
server: sffe
date: Tue, 08 Jun 2021 15:08:03 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 15:08:03 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1EA4 143 B
163 B 9ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=600&slotname=6759543686&adk=1785115338&adf=955365906&pi=t.ma~as.6759543686&w=280&fwrn=4&fwrnh=100&lmt=1623363441&rafmt=1&psa=0&format=280x600&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441743&bpp=5&bdt=444&idt=6&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0&nras=1&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1080&ady=1439&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=b2jEi5ACFw&p=https%3A//baliagraha.com&dtd=18
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlWQGUUXAyoRxNArRzE4cP6QYj5RZAsEIDA97-3r4pK55mE2jwzlwzCKL3wexY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=600&slotname=6759543686&adk=1785115338&adf=955365906&pi=t.ma~as.6759543686&w=280&fwrn=4&fwrnh=100&lmt=1623363441&rafmt=1&psa=0&format=280x600&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441743&bpp=5&bdt=444&idt=6&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0&nras=1&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1080&ady=1439&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=b2jEi5ACFw&p=https%3A//baliagraha.com&dtd=18

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 10 Jun 2021 21:48:09 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6B8E 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 615e25e22febe91396e002de349662795f287f47bb90d5a9aa479ffb58b3cf24

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 6B8E 0
20 B 40ms
40ms Other
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI7Ip4qMjvECFdUGiwodZ6IM-A&gqi=cY_CYKCLL-PC7_UPosKGmAY&layout=/sadbundle/%24csp%253Der3%24/16986808040249150219/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 22:17:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame DDC4 9 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 11 Jun 2021 17:48:12 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame DDC4 26 KB
10 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 22:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85883
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 10 Jun 2021 22:25:59 GMT

GET
H2 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame DDC4 57 KB
23 KB 35ms
13ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jun 2021 22:17:22 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4E71 143 B
163 B 8ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=3573948801&pi=t.aa~a.3073981843~i.19~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=2&bdt=601&idt=2&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600%2C740x280%2C740x280&nras=4&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JdnsoA91bS&p=https%3A//baliagraha.com&dtd=83

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=3573948801&pi=t.aa~a.3073981843~i.19~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=2&bdt=601&idt=2&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600%2C740x280%2C740x280&nras=4&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JdnsoA91bS&p=https%3A//baliagraha.com&dtd=83
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlWQGUUXAyoRxNArRzE4cP6QYj5RZAsEIDA97-3r4pK55mE2jwzlwzCKL3wexY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=3573948801&pi=t.aa~a.3073981843~i.19~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=2&bdt=601&idt=2&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600%2C740x280%2C740x280&nras=4&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JdnsoA91bS&p=https%3A//baliagraha.com&dtd=83

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 10 Jun 2021 21:48:09 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 fischers-fritze-armband-segeltau-garnele-schwarz_970x250_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/ Frame 69C0 25 KB
25 KB 10ms
8ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/fischers-fritze-armband-segeltau-garnele-schwarz_970x250_1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83850b6dabe628364e9f25521604b31de28a27e195c444f9395c969cfaebc8eb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 208781
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25238
x-xss-protection: 0
last-modified: Thu, 29 Aug 2019 11:25:11 GMT
server: sffe
date: Tue, 08 Jun 2021 12:17:41 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 12:17:41 GMT

GET
H3-29 200 fischers-fritze-armband-leder-garnele-braun_970x250_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/ Frame 69C0 26 KB
26 KB 14ms
13ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/fischers-fritze-armband-leder-garnele-braun_970x250_2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f96c5bad9a541da8b0622bf7e30c2ce664fd0e953fdcfbe80636003f96fc00

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 195217
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26217
x-xss-protection: 0
last-modified: Thu, 29 Aug 2019 11:25:11 GMT
server: sffe
date: Tue, 08 Jun 2021 16:03:45 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 16:03:45 GMT

GET
H3-29 200 fischers-fritze-armband-segeltau-garnele-rot_970x250_3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/ Frame 69C0 29 KB
29 KB 11ms
9ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/fischers-fritze-armband-segeltau-garnele-rot_970x250_3.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18be7cf54aa61ff532222fa5bb4c3cf948eb8a22629f24ac4526de19bb8f05e9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 188764
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29638
x-xss-protection: 0
last-modified: Thu, 29 Aug 2019 11:25:11 GMT
server: sffe
date: Tue, 08 Jun 2021 17:51:18 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 17:51:18 GMT

GET
H3-29 200 fischers-fritze-entdecken_970x250_btn.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/ Frame 69C0 884 B
911 B 13ms
12ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/fischers-fritze-entdecken_970x250_btn.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8ca31b5c1043140b86f0134a255b11696e1eac6f590b99c2b777e4a12b09f77

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 182007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 884
x-xss-protection: 0
last-modified: Thu, 29 Aug 2019 11:25:11 GMT
server: sffe
date: Tue, 08 Jun 2021 19:43:55 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 19:43:55 GMT

GET
H3-29 200 fischers-fritze-logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/ Frame 69C0 3 KB
3 KB 12ms
11ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/fischers-fritze-logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6591ada4f25fcd16af8fdb24cbd0d9468c1e3bfb12d58da0ea7d2adc1cab6b7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 173664
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2799
x-xss-protection: 0
last-modified: Thu, 29 Aug 2019 11:25:11 GMT
server: sffe
date: Tue, 08 Jun 2021 22:02:58 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 22:02:58 GMT

GET
H3-29 200 fischers-fritze-manufaktur-armband_970x250_mood-2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/ Frame 69C0 11 KB
11 KB 10ms
8ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/fischers-fritze-manufaktur-armband_970x250_mood-2.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcd6c5ee8d60299e97d9355cd8e09a6012cd4f02fb3f2f073bdcf6b42351af58

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 188764
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10938
x-xss-protection: 0
last-modified: Thu, 29 Aug 2019 11:25:11 GMT
server: sffe
date: Tue, 08 Jun 2021 17:51:18 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 17:51:18 GMT

GET
H3-29 200 fischers-fritze-manufaktur-armband_970x250_mood-1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/ Frame 69C0 18 KB
18 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/fischers-fritze-manufaktur-armband_970x250_mood-1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ef3edf8c86fbcaa7ea46b876be5960e4515051984ee86f23874bc77dd3c609b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 173664
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18788
x-xss-protection: 0
last-modified: Thu, 29 Aug 2019 11:25:11 GMT
server: sffe
date: Tue, 08 Jun 2021 22:02:58 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 22:02:58 GMT

GET
H3-29 200 fischers-fritze-970x250_txt.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/ Frame 69C0 4 KB
4 KB 15ms
14ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/fischers-fritze-970x250_txt.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4524948605701156848/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

353c63dc211e2de6be78fef1c0c28f12316168a794b0126cbd42a2f4a7f89a99

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 160778
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3975
x-xss-protection: 0
last-modified: Thu, 29 Aug 2019 11:25:11 GMT
server: sffe
date: Wed, 09 Jun 2021 01:37:44 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 01:37:44 GMT

GET
DATA 200
OK truncated
/ Frame 1ACD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49e82b99f0e3d2f24102e358c25880c6c23b4e35976e04b026b32b7aacd7ff10

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10023993934787577230/ Frame 89C9 49 KB
14 KB 8ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10023993934787577230/index.html

Requested by

Host: baliagraha.com
URL: https://baliagraha.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0e4b36498928026e593b3e5fb37f307c097963e5ba13b576f703051d035c97

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/10023993934787577230/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 08 Jun 2021 20:44:39 GMT
expires: Wed, 08 Jun 2022 20:44:39 GMT
last-modified: Fri, 16 Nov 2018 16:18:27 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 14324
age: 178363
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2498 0
0 47ms
46ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5JzscY_CYKjTPNiHjuwPupG6gAeRvuybXv2eus2ECp7QyM_gARABIKGZ3QlglYq4gsgHoAGH6Kv0AsgBCakCvgasDeJrtD6oAwHIA0iqBLoBT9BaNjjv9ZlhXTk1Yj8IwRdW3r23sldAB_UZ_zy2QxYQnzXL1ssL_V16FWvJc036RxjG47JtfF6LcaH_ijkO8rGY4qSi092VN2u-ot1yOwu0c-x4Ym_EFfVUpMLHy7VeVXGoMNnBc_ZvQZo7nIp0WSB1255p33oUt3E5GPgTBUCpQayV-G4v7lSa0tOZYc8CqJZYVv-zeII-oXhsIoRS5qSFqoBmoLVY6SlRLIBbWNebRONLVP0PWtSgwASQ_Zq5pAKSBQQIBBgBkgUECAUYBKAGLoAH4JbTiwGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQz9oW0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBgBcBshcaChgIABIUcHViLTk3MDE2MjMyMDc5NTc2NDg&sigh=T-LosV811rY&template_id=419

Requested by

Host: baliagraha.com
URL: https://baliagraha.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=2319681329&pi=t.aa~a.3073981843~i.11~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=4&bdt=601&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600&nras=2&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2056&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=pcSQWgkUeD&p=https%3A//baliagraha.com&dtd=76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 10 Jun 2021 22:17:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 2498 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=2319681329&pi=t.aa~a.3073981843~i.11~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=4&bdt=601&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600&nras=2&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2056&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=pcSQWgkUeD&p=https%3A//baliagraha.com&dtd=76

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 21:35:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2523
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 21:35:19 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 2498 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=2319681329&pi=t.aa~a.3073981843~i.11~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=4&bdt=601&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600&nras=2&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2056&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=pcSQWgkUeD&p=https%3A//baliagraha.com&dtd=76

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:10:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 22:10:20 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2498 122 KB
37 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=2319681329&pi=t.aa~a.3073981843~i.11~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=4&bdt=601&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600&nras=2&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2056&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=pcSQWgkUeD&p=https%3A//baliagraha.com&dtd=76

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5e762276ffd20732a10037842bac383dc64a7b230ab1f48f2a0ff7406b8b9c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:22 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623263560240521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37945
x-xss-protection: 0
expires: Thu, 10 Jun 2021 22:17:22 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 2498 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=2319681329&pi=t.aa~a.3073981843~i.11~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=4&bdt=601&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600&nras=2&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2056&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=pcSQWgkUeD&p=https%3A//baliagraha.com&dtd=76

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 882
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 22:02:40 GMT

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 1ACD 0
20 B 42ms
42ms Other
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKuTtYqMjvECFRqKdwod7zULVw&gqi=cY_CYLPTPLeR7_UP7N6L-A4&layout=/sadbundle/%24csp%253Der3%24/976805832190826625/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=3573948801&pi=t.aa~a.3073981843~i.19~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=2&bdt=601&idt=2&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600%2C740x280%2C740x280&nras=4&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JdnsoA91bS&p=https%3A//baliagraha.com&dtd=83

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 22:17:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 85CF 9 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 11 Jun 2021 17:48:12 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 85CF 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 22:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85883
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 10 Jun 2021 22:25:59 GMT

GET
H3-29 200 HYPE-648.thin.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/ Frame 85CF 53 KB
23 KB 8ms
8ms Script
application/x-javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/HYPE-648.thin.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2baccefb5cede601d5fc018290c68a748e3199cf5c00cc77dbbf6491531d3592

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 208358
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23314
x-xss-protection: 0
last-modified: Fri, 16 Aug 2019 15:12:28 GMT
server: sffe
date: Tue, 08 Jun 2021 12:24:44 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 12:24:44 GMT

GET
H2 200 imagesuv0myt5eb1rnnbxsp1ds.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/ Frame DDC4 989 B
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/imagesuv0myt5eb1rnnbxsp1ds.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aca9b5b4cbfd4bc4c8c3f0e6b803f4f17e8e7c79c4166e33dd19363e793143c3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 206081
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 989
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 09:56:43 GMT
server: sffe
date: Tue, 08 Jun 2021 13:02:42 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 13:02:42 GMT

GET
H2 200 18b0007183d0bb7a5606546c7ff0290f.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/ Frame DDC4 116 KB
117 KB 7ms
7ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/18b0007183d0bb7a5606546c7ff0290f.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11511854996e430afe2570349b74301d0042353244ebb4a768d49274c2788a8f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 175050
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119162
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 09:56:43 GMT
server: sffe
date: Tue, 08 Jun 2021 21:39:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 21:39:53 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 20C3 143 B
226 B 10ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=2319681329&pi=t.aa~a.3073981843~i.11~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=4&bdt=601&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600&nras=2&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2056&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=pcSQWgkUeD&p=https%3A//baliagraha.com&dtd=76

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=2319681329&pi=t.aa~a.3073981843~i.11~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=4&bdt=601&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600&nras=2&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2056&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=pcSQWgkUeD&p=https%3A//baliagraha.com&dtd=76
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=2319681329&pi=t.aa~a.3073981843~i.11~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=4&bdt=601&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600&nras=2&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2056&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=pcSQWgkUeD&p=https%3A//baliagraha.com&dtd=76

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 10 Jun 2021 22:04:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 777
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2498 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9d31968c9ccafe022fd61fd47dd329e5abbbd8f09db3a85e1ee6d36a87af37d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5C23
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

18ms
18ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Jun 2021 22:17:23 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 10-Jun-2021 23:17:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Jun 2021 22:17:23 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Jun 2021 22:17:23 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 2498 0
463 B 59ms
39ms Other
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COjPtIqMjvECFdiDgwcduogOcA&gqi=cY_CYO6YPPmJ7_UPoe6CaA&layout=/sadbundle/%24csp%253Der3%24/10023993934787577230/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=2319681329&pi=t.aa~a.3073981843~i.11~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=4&bdt=601&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600&nras=2&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2056&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=pcSQWgkUeD&p=https%3A//baliagraha.com&dtd=76

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 22:17:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 fischers-fritze-armband-leder-garnele-braun_970x250_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/ Frame 85CF 26 KB
26 KB 10ms
8ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/fischers-fritze-armband-leder-garnele-braun_970x250_2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f96c5bad9a541da8b0622bf7e30c2ce664fd0e953fdcfbe80636003f96fc00

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 180852
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26217
x-xss-protection: 0
last-modified: Fri, 16 Aug 2019 15:12:28 GMT
server: sffe
date: Tue, 08 Jun 2021 20:03:11 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 20:03:11 GMT

GET
H3-29 200 fischers-fritze-entdecken_970x250_btn.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/ Frame 85CF 884 B
917 B 15ms
12ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/fischers-fritze-entdecken_970x250_btn.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8ca31b5c1043140b86f0134a255b11696e1eac6f590b99c2b777e4a12b09f77

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 199520
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 884
x-xss-protection: 0
last-modified: Fri, 16 Aug 2019 15:12:28 GMT
server: sffe
date: Tue, 08 Jun 2021 14:52:03 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 14:52:03 GMT

GET
H3-29 200 fischers-fritze-logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/ Frame 85CF 3 KB
3 KB 14ms
11ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/fischers-fritze-logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6591ada4f25fcd16af8fdb24cbd0d9468c1e3bfb12d58da0ea7d2adc1cab6b7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 161489
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2799
x-xss-protection: 0
last-modified: Fri, 16 Aug 2019 15:12:28 GMT
server: sffe
date: Wed, 09 Jun 2021 01:25:54 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 01:25:54 GMT

GET
H3-29 200 fischers-fritze-manufaktur-armband_970x250_mood-2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/ Frame 85CF 11 KB
11 KB 13ms
11ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/fischers-fritze-manufaktur-armband_970x250_mood-2.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcd6c5ee8d60299e97d9355cd8e09a6012cd4f02fb3f2f073bdcf6b42351af58

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 179614
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10938
x-xss-protection: 0
last-modified: Fri, 16 Aug 2019 15:12:28 GMT
server: sffe
date: Tue, 08 Jun 2021 20:23:49 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 20:23:49 GMT

GET
H3-29 200 fischers-fritze-manufaktur-armband_970x250_txt.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/ Frame 85CF 4 KB
4 KB 12ms
10ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/fischers-fritze-manufaktur-armband_970x250_txt.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bbf279d16f2ee973da094c4236d8ebf2753d2d874f57cff95735827ce332c69

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 189875
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4317
x-xss-protection: 0
last-modified: Fri, 16 Aug 2019 15:12:28 GMT
server: sffe
date: Tue, 08 Jun 2021 17:32:48 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 17:32:48 GMT

GET
H3-29 200 fischers-fritze-manufaktur-armband_970x250_mood-1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/ Frame 85CF 18 KB
18 KB 19ms
17ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/fischers-fritze-manufaktur-armband_970x250_mood-1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ef3edf8c86fbcaa7ea46b876be5960e4515051984ee86f23874bc77dd3c609b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 208358
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18788
x-xss-protection: 0
last-modified: Fri, 16 Aug 2019 15:12:28 GMT
server: sffe
date: Tue, 08 Jun 2021 12:24:45 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 12:24:45 GMT

GET
H3-29 200 fischers-fritze-armband-segeltau-garnele-rot_970x250_3-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/ Frame 85CF 29 KB
29 KB 18ms
16ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/fischers-fritze-armband-segeltau-garnele-rot_970x250_3-1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18be7cf54aa61ff532222fa5bb4c3cf948eb8a22629f24ac4526de19bb8f05e9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 171701
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29638
x-xss-protection: 0
last-modified: Fri, 16 Aug 2019 15:12:28 GMT
server: sffe
date: Tue, 08 Jun 2021 22:35:42 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 22:35:42 GMT

GET
H3-29 200 fischers-fritze-armband-segeltau-garnele-schwarz_970x250_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/ Frame 85CF 25 KB
25 KB 14ms
12ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/fischers-fritze-armband-segeltau-garnele-schwarz_970x250_1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/976805832190826625/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83850b6dabe628364e9f25521604b31de28a27e195c444f9395c969cfaebc8eb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 184320
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25238
x-xss-protection: 0
last-modified: Fri, 16 Aug 2019 15:12:28 GMT
server: sffe
date: Tue, 08 Jun 2021 19:05:23 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 19:05:23 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 89C9 16 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10023993934787577230/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 11:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38605
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 11 Jun 2021 11:33:58 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 89C9 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10023993934787577230/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 22:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 10 Jun 2021 22:25:59 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1EA4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
15ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Jun 2021 22:17:23 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 10-Jun-2021 23:17:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Jun 2021 22:17:23 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Jun 2021 22:17:23 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame 69C0 14 KB
6 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 19:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Jun 2022 19:55:10 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4E71
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

20ms
14ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=3573948801&pi=t.aa~a.3073981843~i.19~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=2&bdt=601&idt=2&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600%2C740x280%2C740x280&nras=4&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JdnsoA91bS&p=https%3A//baliagraha.com&dtd=83

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Jun 2021 22:17:23 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 10-Jun-2021 23:17:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Jun 2021 22:17:23 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Jun 2021 22:17:23 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame DDC4 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 19:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Jun 2022 19:55:10 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 20C3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

17ms
16ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9701623207957648&output=html&h=280&adk=529524915&adf=2319681329&pi=t.aa~a.3073981843~i.11~rp.4&w=740&fwrn=4&fwrnh=100&lmt=1623363441&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3892476951&psa=0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fbaliagraha.com%2F&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623363441900&bpp=4&bdt=601&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a846d27558a96ae-22f512665cc800f4%3AT%3D1623363441%3ART%3D1623363441%3AS%3DALNI_MYWJ5ugkVZmRX0JJh4JnawMKtbrcg&prev_fmts=0x0%2C280x600&nras=2&correlator=4579679858446&frm=20&pv=1&ga_vid=1199843851.1623363442&ga_sid=1623363442&ga_hid=1833413730&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2056&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C42530671&oid=3&pvsid=3116201646339142&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=pcSQWgkUeD&p=https%3A//baliagraha.com&dtd=76

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Jun 2021 22:17:23 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 10-Jun-2021 23:17:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Jun 2021 22:17:23 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Jun 2021 22:17:23 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame 85CF 14 KB
6 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 19:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Jun 2022 19:55:10 GMT

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame 89C9 14 KB
6 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 19:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Jun 2022 19:55:10 GMT

GET
H3-29 200 logo-blau.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10023993934787577230/ Frame 89C9 5 KB
5 KB 8ms
7ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10023993934787577230/logo-blau.png

Requested by

Host: baliagraha.com
URL: https://baliagraha.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dd6aa34058c7014b4bd6aede0d669bd0642d173e39a723178dce532f317657f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 227232
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5389
x-xss-protection: 0
last-modified: Fri, 16 Nov 2018 16:18:27 GMT
server: sffe
date: Tue, 08 Jun 2021 07:10:11 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 07:10:11 GMT

GET
H3-29 200 cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10023993934787577230/ Frame 89C9 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10023993934787577230/cta.png

Requested by

Host: baliagraha.com
URL: https://baliagraha.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a846273fa4ea7bff5c30208e231892c7357097f02f351b9e483ffcda21651d3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 201137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1625
x-xss-protection: 0
last-modified: Fri, 16 Nov 2018 16:18:27 GMT
server: sffe
date: Tue, 08 Jun 2021 14:25:06 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 14:25:06 GMT

GET
H3-29 200 keyvisuals.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10023993934787577230/ Frame 89C9 695 B
727 B 10ms
9ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10023993934787577230/keyvisuals.png

Requested by

Host: baliagraha.com
URL: https://baliagraha.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7332b300fff81f63aefec1e2b0c072ee9c28c4565ada0376cd3f0276b99cf01

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 179835
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 695
x-xss-protection: 0
last-modified: Fri, 16 Nov 2018 16:18:27 GMT
server: sffe
date: Tue, 08 Jun 2021 20:20:08 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 20:20:08 GMT

GET
H3-29 200 dieschoenste.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10023993934787577230/ Frame 89C9 5 KB
5 KB 10ms
9ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10023993934787577230/dieschoenste.png

Requested by

Host: baliagraha.com
URL: https://baliagraha.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22f64f87aa926a55ffdcee4b8d2b378890f8b28c12ca7167c7ee674f060e8091

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 174869
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4855
x-xss-protection: 0
last-modified: Fri, 16 Nov 2018 16:18:27 GMT
server: sffe
date: Tue, 08 Jun 2021 21:42:54 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 21:42:54 GMT

GET
H3-29 200 makrelen.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10023993934787577230/ Frame 89C9 23 KB
23 KB 9ms
8ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10023993934787577230/makrelen.png

Requested by

Host: baliagraha.com
URL: https://baliagraha.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bebff6cf5001f3e217eb00e7d68292251a5835f922e2936eafaab13eafc7c5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 167766
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23955
x-xss-protection: 0
last-modified: Fri, 16 Nov 2018 16:18:27 GMT
server: sffe
date: Tue, 08 Jun 2021 23:41:17 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 23:41:17 GMT

GET
H3-29 200 moodbild.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10023993934787577230/ Frame 89C9 53 KB
53 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10023993934787577230/moodbild.jpg

Requested by

Host: baliagraha.com
URL: https://baliagraha.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8734a99f4970946ef7bae7da6da9f0817a98ab64cd305da2a9b6f515a26ff210

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 190329
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53893
x-xss-protection: 0
last-modified: Fri, 16 Nov 2018 16:18:27 GMT
server: sffe
date: Tue, 08 Jun 2021 17:25:14 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 17:25:14 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 18ms
17ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210607&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dc076758525686cd5acdd2aff8f83ffc33eea9970f4a52412af562c12e59e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 22:17:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8407
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:17:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 10 Jun 2021 22:17:23 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 2E43 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://baliagraha.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://baliagraha.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 10 Jun 2021 20:29:18 GMT
expires: Fri, 10 Jun 2022 20:29:18 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D2F6 783 B
531 B 17ms
17ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8b9f7f4242143b332e225e59e298e6a13c8f3da4292310c7a012a0fc72b501e4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-c1cZvSu305FaIgMpUps7BQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://baliagraha.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://baliagraha.com/

Response headers

expires: Thu, 10 Jun 2021 22:17:23 GMT
date: Thu, 10 Jun 2021 22:17:23 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-c1cZvSu305FaIgMpUps7BQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame 2E43 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 19:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Jun 2022 19:55:10 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 52ms
42ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210607&jk=3116201646339142&bg=!iomlic3NAAY6sG-_OrA7ACkAdvg8WlrpWAADzKifKZFcFohx__qU9fPHoTGgdFiwtUxAWiXHi9BnpgIAAAB4UgAAABRoAQeZAnsv2OXoj5JZL0ttM30VuxIAfNr1eY635l4UTwVD2LoYiiGj9cQmpma4UJ0GrIcdWP5xZRneSJeCXUzQpVEQ9oKjzCnksgCQuGXkUWGYy4-LTA0WF2wGw1xRk24A3kak6pQGRQozhBh7OtF-Rp8awPmUTLf_V9wEnbH-roYr1IcBgKzfw7Fdoc_ozQeJCC3MUYer8ksD1-UHB60TgP-REUVIpYmaHaVVeeRuXyzEkfHbn51ShUpo_qka4uoymR7GMtkjh3me4ms0B0m_6lA7APwu_WXHEj7DUagYTrlZjkelJ-u1QRdehsbVoupqH7yn4Xfq6BZIYtCnmowpAV8RC1o75-yz-01utWO4y7zZustVnpteYxvC3SKC-FnrJ0X0b_gOi6kQdb3UYhgrPRqlXxe2JrTDfzu_rb89xBvLdSeXoGeAEuglMuWBuj9SDPVkjtaHimO7jxoy2ys9CJyFxskaWEzbVA02XtPd6RsOuHrTwuLCnHlCTlqkRrokIbiPatSzrdkTulQAzu-DtA-7a-RbOMp0JoQaoUkiEAB1lCd03Qcfq-dkt4mhdL518SWCacgn9fp4KhxXdf8mBI7hTnsh-s-EIRXB0YT3r8VM5MbnMBvkHlzGqgaRdt6mx8RbuzOwIwUJfR9mORbiVQEJPK3UTxiDknFx5CU9jnL_1m_pFghgZ3RKFLXkdMBiXqJw7St2_6ihDte2AIXAYf4S4ZmER-NKm6HTGTgqgKuCLshyicIICOMYAndGzh13GIz8xmxaOKteAu1oZHhH8EO0lGcIvfIjMPVzRN1ODe4B9jz0wQE9Zi8Dl0pRPrqOmc0KUZ44HTJTjahbcQJKjg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baliagraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 22:17:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 18:56:07	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://baliagraha.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
baliagraha.com
blogpictures.99.co
cdn-cms.pgimgs.com
googleads.g.doubleclick.net
i.pinimg.com
pagead2.googlesyndication.com
partner.googleadservices.com
pesangorden.id
rumahminimalisan.info
s0.2mdn.net
s10.histats.com
s4.histats.com
tpc.googlesyndication.com
vlry5l4j5gbn.com
www.google.com
www.googletagservices.com
104.22.64.199
142.250.185.162
156.67.220.227
192.243.59.12
198.252.99.244
198.27.80.143
2606:4700:3031::6815:29b
2606:4700::6811:48ef
2606:4700::6812:eb0
2a00:1450:4001:800::2002
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2001
2a00:1450:4001:812::2006
2a00:1450:4001:813::2004
2a00:1450:4001:829::2002
2a00:1450:4001:830::2002
46.105.201.240
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
07b59699afd7e8cfc01a176c76a9a41f9e7bdbe8eb9b14471c105853f5d0e851
09340c4b506795d43827f4ca6ff2953ebeab042e3ab448f24736f5de9bb45954
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0d0e4b36498928026e593b3e5fb37f307c097963e5ba13b576f703051d035c97
0d79b5399da8784c0057d8be0269b65eccc913937aeb4351521027f21420373a
0ec92fb743437a2909de4ed6546d52e8423cb6b98560efb4d0285ea8097dc20d
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
11511854996e430afe2570349b74301d0042353244ebb4a768d49274c2788a8f
1221900b8250083225898db160e329bc927c8e064bbb45558656db978583a215
123850eacf23bc54fe71d3b8407da93192c87679c8a49d75f802e7e76dab8516
12a6a046c9d35cb32f8e5187c1b1ac5ffcd31c89de27f05e4c9ac9aa6f764195
139ae2b0b00a67e9805759f0e244cea8e6ecced84ebbd2244cb3bd7c5dd12b38
142ad6db6d56378dc1113c1e7f827a26640789e0dbe574c7d53bd69422e2920d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18be7cf54aa61ff532222fa5bb4c3cf948eb8a22629f24ac4526de19bb8f05e9
1a846273fa4ea7bff5c30208e231892c7357097f02f351b9e483ffcda21651d3
1cec7d0b069ecf5625bfd76b3221c9e070fae8b6e5a4658a09a7fcfbcebccdef
22f64f87aa926a55ffdcee4b8d2b378890f8b28c12ca7167c7ee674f060e8091
249a8f0d0f1fbf777314d101c64e17304e35e190ff2e8880265a5814ce43b6cb
2aed42dbd63466779bc4fd48dbfc4d29228bdeb369a86dddb42a5a67aed25f65
2baccefb5cede601d5fc018290c68a748e3199cf5c00cc77dbbf6491531d3592
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
34e9a619897b9223115c6588f352612268c90c3d83990829768973759b0d1a6e
353c63dc211e2de6be78fef1c0c28f12316168a794b0126cbd42a2f4a7f89a99
35be4ed99c82b9de005dc410a0dd99622e376fbd4811784e1103cafe137a3423
3623222efb457c64d31650cf09ec10d7842a942e69202878e3197ee32d41b68e
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
3cf5d0aab26553f643c48e93b7d7720b8fb667ea56e8edb83c0b86d7e1b5ab18
3e0b8acba827fad914efe0d0193a5c823d7e28ae9111b142d2f930af6a5f29fd
403b0577048fb525f61ba394f60842e15131857fc978456b714e62e41127269a
40b10336dfd25f2124f44e5c6e0003c3ea4c8b250f198791a052aa999bcf02e1
4142428f3996c9216ee462e943c2762e91fea46dc2a28e248769d98a9de66de7
4617bd358c97977fb3c06ec1fa891c4c146ce8960a37ccb2ef715ba5f677e68a
47a0f3d799648e06645239911be14d5fd431b2ecebc81f4892cb96dc8714f66b
49e82b99f0e3d2f24102e358c25880c6c23b4e35976e04b026b32b7aacd7ff10
4df38e07ec1bdd33883cec18946737c0ba8e648a566da36b7810bbda9ea71d09
5279d058730b788c3b13532e546144ca99bc765515f6f278e949736754250ca8
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
57ceb56eaef31f567321c2ebfeec105ae781279bfa855d15aaca488ff2035b0f
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5dc076758525686cd5acdd2aff8f83ffc33eea9970f4a52412af562c12e59e49
5e15c8345779be9b91c32c8df1a4974b1bb401870464017e03575ac84064634b
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6053305c434e2bde8727314d3247c088282bd1ec097fe5fc687a632fd073aedb
615e25e22febe91396e002de349662795f287f47bb90d5a9aa479ffb58b3cf24
64503018d217b91ede65605441859ed9a73c0d2862d50c86754eaae94b2b11ea
6a3d17c64eac2882b040d6bdb3e6f65a9bee19c5f17f5e4a5565b8fa98fcd074
6bbf279d16f2ee973da094c4236d8ebf2753d2d874f57cff95735827ce332c69
6d88e93600b84a7acd955b9dc91e8b314cda528fabcf4a0c4710e33e63621983
6fe25f0ea25d7ccd689603a8e27cf6531940b8828a5a6989c3527ea3b55ae84b
707df6884f2bb0cc5f7ab83b77128324cb16418856afcf5d5731d934d297fe13
80ffab66c5464f5537470d0cc8fe3629e49004fb4352dd5e4850f440012cc60c
83850b6dabe628364e9f25521604b31de28a27e195c444f9395c969cfaebc8eb
863ae80745066bcb7c88e1a2b379c79fc9bdbadb24dfe8b211856868991fc5d2
8734a99f4970946ef7bae7da6da9f0817a98ab64cd305da2a9b6f515a26ff210
8b9f7f4242143b332e225e59e298e6a13c8f3da4292310c7a012a0fc72b501e4
8dd6aa34058c7014b4bd6aede0d669bd0642d173e39a723178dce532f317657f
8eea6d9b594d7a5cf46ff223363aff6281cb8185e2501e9848a03715d0ebb52b
8ef3edf8c86fbcaa7ea46b876be5960e4515051984ee86f23874bc77dd3c609b
9431b6bfd54952bbc31fea5a9594829b7619d6bb8c4e7f6c550f22059dc73403
94cd5c87eda8e40355db031af19827eb92232c5b59c20dfd1d82ef7e59599b75
95619d6c3571cdb4b82b0047ed3abb9b83ec247a2add70ad066f93127b9f6016
99f96c5bad9a541da8b0622bf7e30c2ce664fd0e953fdcfbe80636003f96fc00
9b93074385b262944408f921e3aece68cf052e7f3869500ac61d47f73dcfcb9f
9d6bc9bb63f7267404572b5a270ec377b632f12c5075417f64b026b46e79d473
9d891b3d16086b52bf324557cd41f1d1830124c29e6e1845890a71f8fcfc0653
a2bebff6cf5001f3e217eb00e7d68292251a5835f922e2936eafaab13eafc7c5
a3ca349bda2e82ede6c1dfc928c07a43ae70eb011fa52a7139a3ed7c9cce76f9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5e762276ffd20732a10037842bac383dc64a7b230ab1f48f2a0ff7406b8b9c8
a9d31968c9ccafe022fd61fd47dd329e5abbbd8f09db3a85e1ee6d36a87af37d
aca9b5b4cbfd4bc4c8c3f0e6b803f4f17e8e7c79c4166e33dd19363e793143c3
b8d17b5435f44c28b661bae94b741e988ddf10c4f5269579a904a37321748d03
baa8d3bd604f2a4a1ac557a89e045db73777eeb824c3e30d6fd1447415ab7a69
bef3142e3e8e977ab554f50a7dceed6dfda9b20703a7519faf43fc4944705df9
c0901279dec1117310802c450665b34a60788da4a00e066d2de367327cd13456
c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385
c1f02c5085be0eb4d70b330962146c0c43f07e4d2c0083d7834e3696b43ed720
c8c753a9fb58a91c132acabfb9d8b74f133a94b0d965dff73643d87bd5a8fb04
c8ca31b5c1043140b86f0134a255b11696e1eac6f590b99c2b777e4a12b09f77
c99da60edde1e2013b75303f0ca4cfd4c21f3e357c1265150a6e3971c7569dd4
caacfc6a3602fe9a189a4bd15792c4bed2fce634c04716f515e6c07cda07315a
d0eab2b39512fe3fd21f4d6473c2070b2308a9146ff4cc2ee2c4bb147b6bd348
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7ce9b94705ebf20f9aadc7b2221d3dfbe98d02e88422555fde8c8878d892ead
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e6aedff4be638ebea4139b935cea0478274f60bc289e2336c59a0e8de0d466
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e7332b300fff81f63aefec1e2b0c072ee9c28c4565ada0376cd3f0276b99cf01
e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
f251c0920622e5f65f4622fdc01fded45048aff69dc4363bbb12af61ea0cf111
f6591ada4f25fcd16af8fdb24cbd0d9468c1e3bfb12d58da0ea7d2adc1cab6b7
fa63dbdb30f0ede81e10f65d776ff9a64fb1b199f2160c119903712c546d0cfe
fcd6c5ee8d60299e97d9355cd8e09a6012cd4f02fb3f2f073bdcf6b42351af58
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

baliagraha.com Open in urlscan Pro 2606:4700:3031::6815:29b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

146 Requests

100 %HTTPS

63 %IPv6

15 Domains

18 Subdomains

20 IPs

5 Countries

8672 kBTransfer

10275 kBSize

1 Cookies

21 Outgoing links

Redirected requests

146 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

baliagraha.com Open in urlscan Pro
2606:4700:3031::6815:29b Public Scan

Screenshot
Live screenshot

Full Image

146
Requests

100 %
HTTPS

63 %
IPv6

15
Domains

18
Subdomains

20
IPs

5
Countries

8672 kB
Transfer

10275 kB
Size

1
Cookies

146 HTTP transactions
4 data transactions