www.balatarin.com Open in urlscan Pro
2600:1901:0:6f1d:: Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.balatarin.com/permlink/2023/1/20/5932634
Submission: On June 14 via manual (June 14th 2024, 4:51:38 pm UTC) from US — Scanned from DE

Summary HTTP 36 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 8 domains to perform 36 HTTP transactions. The main IP is 2600:1901:0:6f1d::, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.balatarin.com. The Cisco Umbrella rank of the primary domain is 748785.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on November 15th 2023. Valid for: a year.

This is the only time www.balatarin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2600:1901:0:6... 2600:1901:0:6f1d::	15169 (GOOGLE) (GOOGLE)
6	18.66.102.30 18.66.102.30	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
7	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
9	52.216.109.197 52.216.109.197	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
1	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
36	12

4 2600:1901:0:6f1d:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

www.balatarin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.102.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-30.fra56.r.cloudfront.net

assets.balatarin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.216.109.197 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	balatarin.com www.balatarin.com — Cisco Umbrella Rank: 748785 assets.balatarin.com	216 KB
9	amazonaws.com s3.amazonaws.com	150 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 136 tpc.googlesyndication.com — Cisco Umbrella Rank: 172	214 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 stats.g.doubleclick.net — Cisco Umbrella Rank: 132	177 KB
1	google.de www.google.de — Cisco Umbrella Rank: 8196	63 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3078	255 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 457	34 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	99 KB
36	8

	Domain	Requested by
9	s3.amazonaws.com	www.balatarin.com
7	pagead2.googlesyndication.com	www.balatarin.com pagead2.googlesyndication.com
6	assets.balatarin.com	www.balatarin.com assets.balatarin.com
4	www.balatarin.com	ajax.googleapis.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	securepubads.g.doubleclick.net	www.balatarin.com securepubads.g.doubleclick.net
1	www.google.de	www.balatarin.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	ajax.googleapis.com	www.balatarin.com
1	www.googletagmanager.com	www.balatarin.com
36	11

This site contains links to these domains. Also see Links.

Domain
s3.amazonaws.com
https
help.balatarin.com
www.balavision.com
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
*.balatarin.com Starfield Secure Certificate Authority - G2	`2023-11-15` - `2024-12-16`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-05-25` - `2025-05-02`	a year	crt.sh
*.google.de WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.balatarin.com/permlink/2023/1/20/5932634
Frame ID: 5E2BAE54320BA98AC3A7F95E4CAD2C31
Requests: 31 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240612/r20110914/zrt_lookup_fy2021.html
Frame ID: FDB828DB6647F162D5BEA078EAA508FF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7031645305449270&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1718383894&plaf=1%3A2%2C2%3A2&plat=1%3A128%2C2%3A128%2C8%3A128%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fwww.balatarin.com%2Fpermlink%2F2023%2F1%2F20%2F5932634&pra=5&wgl=1&easpi=1&aihb=0&asro=0&ailel=28~30~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=28~30~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=28_22~30_19&aiixl=28_4~30_6&aslmct=0.7&asamct=0.7&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718383894472&bpp=3&bdt=456&idt=197&shv=r20240612&mjsv=m202406110101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=1615730493044&frm=20&pv=2&ga_vid=877492826.1718383895&ga_sid=1718383895&ga_hid=1892753850&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44798934%2C95331689%2C95331696%2C95334508%2C95334524%2C95334573%2C95334580%2C95335896%2C95334053%2C31078663%2C31078668%2C31078670&oid=2&pvsid=4201770006825731&tmod=1737768250&uas=0&nvt=1&fsapi=1&fc=1920&brdim=500%2C500%2C500%2C500%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=211
Frame ID: 55346AA7DA7CDAC52317BC50D437A3C2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7031645305449270&output=html&h=60&slotname=9337965255&adk=3349321272&adf=3027176364&pi=t.ma~as.9337965255&w=779&abgtt=3&lmt=1718383894&rafmt=12&format=779x60&url=https%3A%2F%2Fwww.balatarin.com%2Fpermlink%2F2023%2F1%2F20%2F5932634&hl=en&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718383894475&bpp=1&bdt=460&idt=220&shv=r20240612&mjsv=m202406110101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=1615730493044&frm=20&pv=1&ga_vid=877492826.1718383895&ga_sid=1718383895&ga_hid=1892753850&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=694&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44798934%2C95331689%2C95331696%2C95334508%2C95334524%2C95334573%2C95334580%2C95335896%2C95334053%2C31078663%2C31078668%2C31078670&oid=2&pvsid=4201770006825731&tmod=1737768250&uas=0&nvt=1&fc=1920&brdim=500%2C500%2C500%2C500%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=225
Frame ID: 9D996708FB27A85C80321AD9CFA5BE23
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7031645305449270&output=html&h=280&slotname=1232758454&adk=643933701&adf=4088463667&pi=t.ma~as.1232758454&w=336&abgtt=3&lmt=1718383894&rafmt=12&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2Fpermlink%2F2023%2F1%2F20%2F5932634&hl=en&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718383894476&bpp=1&bdt=461&idt=231&shv=r20240612&mjsv=m202406110101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C779x60&nras=1&correlator=1615730493044&frm=20&pv=1&ga_vid=877492826.1718383895&ga_sid=1718383895&ga_hid=1892753850&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44798934%2C95331689%2C95331696%2C95334508%2C95334524%2C95334573%2C95334580%2C95335896%2C95334053%2C31078663%2C31078668%2C31078670&oid=2&pvsid=4201770006825731&tmod=1737768250&uas=0&nvt=1&fc=1920&brdim=500%2C500%2C500%2C500%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&nt=1&ifi=3&uci=a!3&fsb=1&dtd=233
Frame ID: CA1969F73C918FC23A2F5BE8EC91C974
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E88D0844C86C0BD63606A881308D3DF9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

بالاترین: سرگذشت عموی مادرم «رحمت پیرونذیری» از تروریست های چریک فدایی در واقعه «ژاندارمری سیاهکل» را بخوانید/عکس

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36
Requests

97 %
HTTPS

55 %
IPv6

8
Domains

11
Subdomains

12
IPs

3
Countries

891 kB
Transfer

2371 kB
Size

8
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://s3.amazonaws.com/bala.static/links/9945ce90-27fe-4458-ae6a-af1455f3e69b.jpeg

Search URL Search Domain Scan URL

URL: http://https//twitter.com/farhadazad7/status/1616434394088230917?s=61&t=5ELXWqFmiFWr0YgXnnn-0g
Title: source

Search URL Search Domain Scan URL

URL: https://help.balatarin.com/
Title: راهنما

Search URL Search Domain Scan URL

URL: https://help.balatarin.com/home/advertising
Title: آگهی

Search URL Search Domain Scan URL

URL: https://www.balavision.com/
Title: بالاویزیون

Search URL Search Domain Scan URL

URL: https://help.balatarin.com/about
Title: About

Search URL Search Domain Scan URL

URL: https://www.facebook.com/balatarin

Search URL Search Domain Scan URL

URL: https://twitter.com/balatarin

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 5932634 Show response
www.balatarin.com/permlink/2023/1/20/ 29 KB
11 KB 705ms
604ms Document
text/html 2600:1901:0:6f1d::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balatarin.com/permlink/2023/1/20/5932634

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:6f1d:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

059b7549ef31cf8211ec1c65f3a6303b230e4e559902f571fb85824ccc8fd037

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 14 Jun 2024 16:51:33 GMT
etag: W/"059b7549ef31cf8211ec1c65f3a6303b"
link: <https://assets.balatarin.com/assets/application-168d938d02621022c01cac1a30505f3f6c37d42bf461e6e06401bdc8d03f71be.css>; rel=preload; as=style; nopush,<https://assets.balatarin.com/assets/application-d675ec0b833a05f5a02c49c854aae636b00308cc264ff3b926aae4edba56e0da.js>; rel=preload; as=script; nopush
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31556952; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 82c10e7a-98f1-4e96-8277-aba84e796984
x-runtime: 0.199595
x-xss-protection: 0

GET
H/1.1 200
OK application-168d938d02621022c01cac1a30505f3f6c37d42bf461e6e06401bdc8d03f71be.css
assets.balatarin.com/assets/ 251 KB
45 KB 145ms
47ms Stylesheet
text/css 18.66.102.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.balatarin.com/assets/application-168d938d02621022c01cac1a30505f3f6c37d42bf461e6e06401bdc8d03f71be.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 168d938d02621022c01cac1a30505f3f6c37d42bf461e6e06401bdc8d03f71be

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.balatarin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 09 May 2024 04:03:32 GMT
Content-Encoding: gzip
Via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P2
Age: 3156483
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 20 Nov 2023 15:03:40 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:ac930f6f377dd087821bf2de5bfd26ad
ETag: W/"ac930f6f377dd087821bf2de5bfd26ad"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
X-Amz-Cf-Id: 7KYrgN1b9C-PeOSHMLEk5Q0x-zj1Z6dMBcbBdAlQ1VI_Dd1Fa0B0Pw==

GET
H/1.1 200
OK application-d675ec0b833a05f5a02c49c854aae636b00308cc264ff3b926aae4edba56e0da.js Show response
assets.balatarin.com/assets/ 118 KB
33 KB 147ms
46ms Script
application/javascript 18.66.102.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.balatarin.com/assets/application-d675ec0b833a05f5a02c49c854aae636b00308cc264ff3b926aae4edba56e0da.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d675ec0b833a05f5a02c49c854aae636b00308cc264ff3b926aae4edba56e0da

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.balatarin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 17 Apr 2024 01:12:09 GMT
Content-Encoding: gzip
Via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P2
Age: 5067566
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 15 Nov 2023 14:38:48 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:2481d6a243745651760b216898393e34
ETag: W/"2481d6a243745651760b216898393e34"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
X-Amz-Cf-Id: Ss_OWZZ8WdfduJVhsPFObBsH4Pmcs5c7ignaeCd0F-zpQrZAQces3A==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
99 KB 193ms
73ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8X79LBSGX3

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/permlink/2023/1/20/5932634

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

58efbd8f6c971d44bae918e0f65c54a316289456ef93c9272f074a43d18aa5aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 16:51:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100919
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 14 Jun 2024 16:51:34 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 158 KB
51 KB 201ms
97ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/permlink/2023/1/20/5932634

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

93aae86ac9a4ae14a52bd82ba5aa5843ae72294138e1fda058918134ff5e7ff1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 16:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52398
x-xss-protection: 0
server: cafe
etag: 17348401902277429047
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 14 Jun 2024 16:51:34 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
31 KB 201ms
100ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/permlink/2023/1/20/5932634

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

6c563e6133704753f514c3275b1d6075ec7d73a643d4201685181288cb1fa042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 16:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31862
x-xss-protection: 0
server: cafe
etag: 240 / 19888 / 31084585 / config-hash: 3659654277512567102
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 14 Jun 2024 16:51:34 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 135ms
41ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/permlink/2023/1/20/5932634

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 16:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Jun 2025 16:45:44 GMT

GET
H/1.1 200
OK app-52d5acf86a0bfe8bfc2009e3fac89ba348cebb41f941123e927a2ad9a70f4512.js Show response
assets.balatarin.com/assets/ 178 KB
47 KB 53ms
51ms Script
application/javascript 18.66.102.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.balatarin.com/assets/app-52d5acf86a0bfe8bfc2009e3fac89ba348cebb41f941123e927a2ad9a70f4512.js
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/permlink/2023/1/20/5932634
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52d5acf86a0bfe8bfc2009e3fac89ba348cebb41f941123e927a2ad9a70f4512

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 15:17:47 GMT
Content-Encoding: gzip
Via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P2
Age: 5103227
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 26 Dec 2023 13:47:22 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:0017800093d10be38ca678d4b8186836
ETag: W/"0017800093d10be38ca678d4b8186836"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
X-Amz-Cf-Id: 1jCGWq8kCON2MEgt4ZjyaMgUgZw8DrT-5jG1uPRQ9-l78pVh7QvQIw==

GET
H/1.1 200
OK medium.jpg
s3.amazonaws.com/bala.static/balacheh_logos/1321/ 3 KB
3 KB 432ms
178ms Image
image/jpeg 52.216.109.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/balacheh_logos/1321/medium.jpg?1540750856
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/permlink/2023/1/20/5932634
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.109.197 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 031baa599a5d938c951729e71455e3161354b208e1c427fa3c85827470d87872

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 14 Jun 2024 16:51:35 GMT
Last-Modified: Sun, 28 Oct 2018 18:20:58 GMT
Server: AmazonS3
x-amz-request-id: NTRF0FX1DX4QQ9QM
ETag: "6a658c74ff41f458c3f77869711e7cfd"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 2825
x-amz-id-2: Erz5UVmvWrf0WfRSqvOyjRAc8stlCE+3Xkuoxt18dg9RW2u7Rqbuz3WHDiN1v+uLyxIgtPB1aBA=

GET
H/1.1 200
OK medium.jpg
s3.amazonaws.com/bala.static/avatars/181522/ 3 KB
4 KB 413ms
132ms Image
image/jpeg 52.216.109.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/avatars/181522/medium.jpg?1684431449
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/permlink/2023/1/20/5932634
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.216.109.197 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c1e923d51ba87be204ea10fda31dbe8ca546dcda53f36b281c4521401a412225

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 14 Jun 2024 16:51:35 GMT
Last-Modified: Thu, 18 May 2023 17:37:31 GMT
Server: AmazonS3
x-amz-request-id: NTRDQAMK50EEY25Z
ETag: "abb3ec5d3cf77b88bba03317804b377b"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 3186
x-amz-id-2: H/6z9oislgL0jkbLnJYjYaA9YR/7Lqkiy/W2xC8OQH5dmfik7a/FDQUlPSGj4u+5T4lElNmESUI=

GET
H/1.1 200
OK missing.png
assets.balatarin.com/avatars/small/ 500 B
997 B 51ms
50ms Image
image/png 18.66.102.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.balatarin.com/avatars/small/missing.png
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/permlink/2023/1/20/5932634
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 03d5c445fbf76b8749bdac185d39ee6f2255ba15d67c66f10a7c69d978ac3faf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 07 May 2024 20:44:40 GMT
Via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
Last-Modified: Sat, 30 Mar 2019 22:04:25 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P2
Age: 3269215
ETag: "24a925b59aad1a6cd61c43fb77941c20"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 500
X-Amz-Cf-Id: lfQpdNjeKR4sxuWRO7qYPZpdP4WlmhOFwvdM21B31isBGtihvp0prg==

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020733/ 9 KB
9 KB 550ms
137ms Image
image/jpeg 52.216.109.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1020733/square.jpg?1718346202
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/permlink/2023/1/20/5932634
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.109.197 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: dc88ea1edf90a3326ceff4fe7f0789aeb79ca98e91374b9fe0f0020ad6220a41

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 14 Jun 2024 16:51:35 GMT
Last-Modified: Fri, 14 Jun 2024 06:23:24 GMT
Server: AmazonS3
x-amz-request-id: NTR97056KCBWW50N
ETag: "a64f39b412ba545cb5b0f2273f188e92"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 8847
x-amz-id-2: AtVAGj7Lolvhb8EMCcMLFZscdMEZ2jfdNVfDvqd88rlobzAEms8FdMP+X32XVRIUlEMAvmAhZ2s=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020732/ 7 KB
7 KB 524ms
134ms Image
image/jpeg 52.216.109.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1020732/square.jpg?1718280977
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/permlink/2023/1/20/5932634
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.109.197 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: da8ab4c4a9ebe7addd54a4b247609c40623ae07c14c5338efe7268eece22207b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 14 Jun 2024 16:51:35 GMT
Last-Modified: Thu, 13 Jun 2024 12:16:19 GMT
Server: AmazonS3
x-amz-request-id: NTR6XEFP9A6YDGR4
ETag: "621bdc89eb45bb918ee62c2cabd36d6d"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 7176
x-amz-id-2: FZf+hKKQN4FY6Bb5Ax4KQsaugWtWknyo9JyUc+rUo+nFtDRLXk2N8Nm262nfesmoHoqbDP8DCRA=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020731/ 11 KB
11 KB 525ms
134ms Image
image/jpeg 52.216.109.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1020731/square.jpg?1718189046
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/permlink/2023/1/20/5932634
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.109.197 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b6448724799f4e9395f85f7150fdc07a35cde1156341d5047c143903faee643e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 14 Jun 2024 16:51:35 GMT
Last-Modified: Wed, 12 Jun 2024 10:44:08 GMT
Server: AmazonS3
x-amz-request-id: NTRA6BZ7AD9C7ZD2
ETag: "93ae80bfee8243823955134b5c3d85c0"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 10809
x-amz-id-2: PyROgVECmA7DP1JTCUy77tW3twdmDgbL0/k0AJVeyNGKc32Aj7eODM1F7mD1oRtHp+fcY9PO1dY=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020730/ 7 KB
8 KB 369ms
153ms Image
image/jpeg 52.216.109.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1020730/square.jpg?1718113563
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/permlink/2023/1/20/5932634
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.109.197 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 81cacd48be3bef64c9e75ca5ccce1db3f30a301c31f6568c5f700ab2f372e19f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 14 Jun 2024 16:51:35 GMT
Last-Modified: Tue, 11 Jun 2024 13:46:04 GMT
Server: AmazonS3
x-amz-request-id: NTR5H6TARGK9AE08
ETag: "5bb90cb250cf7e62d72038fc5a227436"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 7557
x-amz-id-2: mRymRYKrwOXKt2SwiS2QijDCGeyEA8zmHMw25iB2aWUxEnQBF5mdfxT6bkvxu87zYnhT3Innoy8=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020729/ 11 KB
12 KB 351ms
135ms Image
image/jpeg 52.216.109.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1020729/square.jpg?1717945937
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/permlink/2023/1/20/5932634
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.109.197 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 124719783ae0ca7723fc01a16db634b6d32955e9573e73574dbbff1d2cc74876

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 14 Jun 2024 16:51:35 GMT
Last-Modified: Sun, 09 Jun 2024 15:12:19 GMT
Server: AmazonS3
x-amz-request-id: NTRCH0R4MJCDH0SC
ETag: "87065a4b863ebcfb661ea4779c263419"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 11664
x-amz-id-2: JnsnKDswWvaZi5fGuudViou5x+hVJwdc1dXrb5IDQXI7GftyuXzPJ6qEl8VR/r9hdslyFwxGuuI=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020728/ 6 KB
6 KB 354ms
137ms Image
image/jpeg 52.216.109.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1020728/square.jpg?1717934303
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/permlink/2023/1/20/5932634
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.109.197 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 581f3198b7dc00f4e27876d295dc33fb1d1718be660dc20348deabbfc96d4cf8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 14 Jun 2024 16:51:35 GMT
Last-Modified: Sun, 09 Jun 2024 11:58:25 GMT
Server: AmazonS3
x-amz-request-id: NTRE8VK9Q3XT9FMH
ETag: "100dd6b6918bb84a07a8c580d35e18af"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 5895
x-amz-id-2: E7aF2M3xo8eTABASRgu9KINipGFoqA4Hty38utyPl3ovhoDfn4N0mYbWdUktJBXYvrPH2gRfdUg=

GET
H/1.1 200
OK logo-c6042222156b5e26db18d7a25025e4b71e9c1d3d4cf90793e4030154b2dea1f5.svg
assets.balatarin.com/assets/ 4 KB
2 KB 65ms
43ms Image
image/svg+xml 18.66.102.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.balatarin.com/assets/logo-c6042222156b5e26db18d7a25025e4b71e9c1d3d4cf90793e4030154b2dea1f5.svg
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/permlink/2023/1/20/5932634
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6042222156b5e26db18d7a25025e4b71e9c1d3d4cf90793e4030154b2dea1f5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 09:03:56 GMT
Content-Encoding: gzip
Via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
Last-Modified: Mon, 09 Nov 2020 23:17:47 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P2
Age: 2620059
ETag: W/"699129013888caccc30ce00dc03acd6f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
X-Cache: Hit from cloudfront
Cache-Control: max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: zPpE8L0n3-QCMA5lPf4T-yyuomhQH96Z4rxakcKwHJb7Wa-EbqkC6Q==

GET
H/1.1 200
OK fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2
assets.balatarin.com/assets/fa-fonts/ 75 KB
76 KB 146ms
49ms Font
binary/octet-stream 18.66.102.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.balatarin.com/assets/fa-fonts/fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2?v=4.7.0
Requested by: Host: assets.balatarin.com
URL: https://assets.balatarin.com/assets/application-168d938d02621022c01cac1a30505f3f6c37d42bf461e6e06401bdc8d03f71be.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://assets.balatarin.com/assets/application-168d938d02621022c01cac1a30505f3f6c37d42bf461e6e06401bdc8d03f71be.css
Origin: https://www.balatarin.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 21:54:20 GMT
Via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P2
Age: 2141835
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 77160
Last-Modified: Wed, 15 Nov 2023 14:38:52 GMT
Server: AmazonS3
ETag: "af7ae505a9eed503f8b8e6982036873e"
Access-Control-Max-Age: 31536000
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: https://www.balatarin.com
Cache-Control: max-age=31536000
Access-Control-Allow-Credentials: true
Vary: Origin,Access-Control-Request-Method
Accept-Ranges: bytes
X-Amz-Cf-Id: siVPg-sVd6SBtUjbApsb59HujEDp94f4DD-HmilhS84aBzgr2MfmJA==

GET
H/1.1 200
OK 9945ce90-27fe-4458-ae6a-af1455f3e69b-permlink.jpg
s3.amazonaws.com/bala.static/links/ 90 KB
90 KB 477ms
297ms Image
image/jpeg 52.216.109.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/9945ce90-27fe-4458-ae6a-af1455f3e69b-permlink.jpg
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/permlink/2023/1/20/5932634
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.109.197 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 61dc9ab54f54667d34e7cb94e946b3db85cb1d60c5a666e3182838028f924718

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 14 Jun 2024 16:51:35 GMT
Last-Modified: Fri, 20 Jan 2023 16:02:55 GMT
Server: AmazonS3
x-amz-request-id: NTRBKKGZN45DA9Y1
ETag: "8aa5a72ffaa03b650a8454fc626b9a49"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 91797
x-amz-id-2: j+L1s7QbytP+4jy0UzSgFby0pIcZd6LPx9Bo8tytylrJIyuxakCpplcvZP7mWzvSB3uUQbIDaG8=

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406120201/ 467 KB
146 KB 44ms
43ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406120201/pubads_impl.js?cb=31084585

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

198541ad4236b9420f75c7669cf99c7c33b99827fe7bc758724d1a2b6819caa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 16:43:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 472
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149147
x-xss-protection: 0
server: cafe
etag: 3115796513108237484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 14 Jun 2025 16:43:42 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/ 426 KB
144 KB 98ms
97ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7031645305449270&plah=www.balatarin.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

705d326ed8a469611c830691f497755653477abeb7cc5a9b34dab4ae9abc82f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 16:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147282
x-xss-protection: 0
server: cafe
etag: 4413409701546100585
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 14 Jun 2024 16:51:34 GMT

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240612/r20110914/ Frame FDB8 0
0 119ms
41ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240612/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7031645305449270&plah=www.balatarin.com&aplac=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 75194
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4165
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jun 2024 19:58:20 GMT
etag: 16861080603521627538
expires: Thu, 27 Jun 2024 19:58:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 5534 0
0 227ms
160ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7031645305449270&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1718383894&plaf=1%3A2%2C2%3A2&plat=1%3A128%2C2%3A128%2C8%3A128%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fwww.balatarin.com%2Fpermlink%2F2023%2F1%2F20%2F5932634&pra=5&wgl=1&easpi=1&aihb=0&asro=0&ailel=28~30~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=28~30~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=28_22~30_19&aiixl=28_4~30_6&aslmct=0.7&asamct=0.7&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718383894472&bpp=3&bdt=456&idt=197&shv=r20240612&mjsv=m202406110101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=1615730493044&frm=20&pv=2&ga_vid=877492826.1718383895&ga_sid=1718383895&ga_hid=1892753850&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44798934%2C95331689%2C95331696%2C95334508%2C95334524%2C95334573%2C95334580%2C95335896%2C95334053%2C31078663%2C31078668%2C31078670&oid=2&pvsid=4201770006825731&tmod=1737768250&uas=0&nvt=1&fsapi=1&fc=1920&brdim=500%2C500%2C500%2C500%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 5310
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jun 2024 16:51:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 9D99 0
0 558ms
506ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7031645305449270&output=html&h=60&slotname=9337965255&adk=3349321272&adf=3027176364&pi=t.ma~as.9337965255&w=779&abgtt=3&lmt=1718383894&rafmt=12&format=779x60&url=https%3A%2F%2Fwww.balatarin.com%2Fpermlink%2F2023%2F1%2F20%2F5932634&hl=en&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718383894475&bpp=1&bdt=460&idt=220&shv=r20240612&mjsv=m202406110101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=1615730493044&frm=20&pv=1&ga_vid=877492826.1718383895&ga_sid=1718383895&ga_hid=1892753850&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=694&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44798934%2C95331689%2C95331696%2C95334508%2C95334524%2C95334573%2C95334580%2C95335896%2C95334053%2C31078663%2C31078668%2C31078670&oid=2&pvsid=4201770006825731&tmod=1737768250&uas=0&nvt=1&fc=1920&brdim=500%2C500%2C500%2C500%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=225

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 44785
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jun 2024 16:51:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame CA19 0
0 777ms
732ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7031645305449270&output=html&h=280&slotname=1232758454&adk=643933701&adf=4088463667&pi=t.ma~as.1232758454&w=336&abgtt=3&lmt=1718383894&rafmt=12&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2Fpermlink%2F2023%2F1%2F20%2F5932634&hl=en&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718383894476&bpp=1&bdt=461&idt=231&shv=r20240612&mjsv=m202406110101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C779x60&nras=1&correlator=1615730493044&frm=20&pv=1&ga_vid=877492826.1718383895&ga_sid=1718383895&ga_hid=1892753850&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44798934%2C95331689%2C95331696%2C95334508%2C95334524%2C95334573%2C95334580%2C95335896%2C95334053%2C31078663%2C31078668%2C31078670&oid=2&pvsid=4201770006825731&tmod=1737768250&uas=0&nvt=1&fc=1920&brdim=500%2C500%2C500%2C500%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&nt=1&ifi=3&uci=a!3&fsb=1&dtd=233

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 38696
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jun 2024 16:51:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 158ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8X79LBSGX3&gtm=45je46c0v9103751878za200&_p=1718383894212&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=877492826.1718383895&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718383895&sct=1&seg=0&dl=https%3A%2F%2Fwww.balatarin.com%2Fpermlink%2F2023%2F1%2F20%2F5932634&dt=%D8%A8%D8%A7%D9%84%D8%A7%D8%AA%D8%B1%DB%8C%D9%86%3A%20%D8%B3%D8%B1%DA%AF%D8%B0%D8%B4%D8%AA%20%D8%B9%D9%85%D9%88%DB%8C%20%D9%85%D8%A7%D8%AF%D8%B1%D9%85%20%C2%AB%D8%B1%D8%AD%D9%85%D8%AA%20%D9%BE%DB%8C%D8%B1%D9%88%D9%86%D8%B0%DB%8C%D8%B1%DB%8C%C2%BB%20%D8%A7%D8%B2%20%D8%AA%D8%B1%D9%88%D8%B1%DB%8C%D8%B3%D8%AA%20%D9%87%D8%A7%DB%8C%20%DA%86%D8%B1%DB%8C%DA%A9%20%D9%81%D8%AF%D8%A7%DB%8C%DB%8C%20%D8%AF%D8%B1%20%D9%88%D8%A7%D9%82%D8%B9%D9%87%20%C2%AB%DA%98%D8%A7%D9%86%D8%AF%D8%A7%D8%B1%D9%85%D8%B1%DB%8C%20%D8%B3%DB%8C%D8%A7%D9%87%DA%A9%D9%84%C2%BB%20%D8%B1%D8%A7%20%D8%A8%D8%AE%D9%88%D8%A7%D9%86%DB%8C%D8%AF%2F%D8%B9%DA%A9%D8%B3&en=page_view&_fv=1&_ss=1&_ee=1&up.logged_in=false&tfd=2407
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8X79LBSGX3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 14 Jun 2024 16:51:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.balatarin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
246 B 165ms
49ms Ping
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8X79LBSGX3&cid=877492826.1718383895&gtm=45je46c0v9103751878za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8X79LBSGX3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 14 Jun 2024 16:51:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.balatarin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 i Show response
www.balatarin.com/analytics/ 0
45 B 411ms
410ms XHR
text/plain 2600:1901:0:6f1d::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.balatarin.com/analytics/i
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:6f1d:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 16:51:36 GMT
via: 1.1 google
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 increment_views Show response
www.balatarin.com/links/5932634/ 0
577 B 146ms
141ms XHR
text/plain 2600:1901:0:6f1d::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balatarin.com/links/5932634/increment_views

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:6f1d:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: */*
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

x-runtime: 0.006002
date: Fri, 14 Jun 2024 16:51:35 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
server: nginx
x-permitted-cross-domain-policies: none
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-request-id: b41e17b8-5d8d-4764-a56c-277d6de14a63

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 135ms
79ms Image
image/gif 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8X79LBSGX3&cid=877492826.1718383895&gtm=45je46c0v9103751878za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1759224335

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/permlink/2023/1/20/5932634

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 14 Jun 2024 16:51:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 166ms
86ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240612&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

2ef3fd08448a2a73cd30ca93196f3ffd4c392670082e66c6c80d8b1e5aacaca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 16:51:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12728
x-xss-protection: 0

GET
H2 200 favicon.ico
www.balatarin.com/ 6 KB
491 B 401ms
401ms Other
image/vnd.microsoft.icon 2600:1901:0:6f1d::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balatarin.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:6f1d:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

0e08745c0461aa993930357cfc79fcc2339846a643c330ee1e6ce473bbacaf3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 16:51:36 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
via: 1.1 google
last-modified: Wed, 27 Dec 2023 17:12:36 GMT
server: nginx
content-encoding: br
vary: Accept-Encoding
content-type: image/vnd.microsoft.icon
accept-ranges: none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 148ms
60ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 16:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Jun 2024 16:51:36 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E88D 0
0 44ms
44ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.balatarin.com/permlink/2023/1/20/5932634
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 4260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jun 2024 15:40:36 GMT
expires: Sat, 14 Jun 2025 15:40:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240612&jk=4201770006825731&bg=!m5ilmNfNAAb64txl2uI7ADQBe5WfOCnSmoab_FhWtcuGhg3R7Y5cES9Dc0H-WhmRzS_No-gU0rClVCpBP7VALzWUBwGaAgAAAFxSAAAAAmgBB34ANUDXzwoVJrxEZiHzOz2gOAzlUeu1x7R86rXxMv_9JZvS3m9dz9iurjkHIuMkip24tWLJr3zRmQKYTBPH1atZZRoQITYciKcyDiR0MyOjAom2SzTVNsAbwqfVtBoMyP4mvZ0lyrteyDRZa2AwYHC8khOVG20e2a0WsWsLt3vDRGmOzyIDIobzL1e3JUBMBjkhnCxFyGcuc4aIaUXDM2zNySDE5kMdYdx8zJ3CmCyVVBHEmjirxZpOaEp6XrED4Eq6bVfakIk0SAXq-naMA02YdkVMN9Crn49cyXDi-nZU4zHkATNvZNGSH_qnCLmfd_oVDlB4PmXCzzz-IHWJrv6530jppqUdyG4NxEot9c0OgTOFNusu7u-VE-KU6Mi3oK9_pjql1zhErsl_-ypGCfXZ3yn0WN-l9ZEhHo0tWjFWNenntNS40oUg7UJViipG12_FbA2iL2f8R_-dRh5kh3gExzUWwLDQFV0FIHAA5rFEEj29M4Ip_8Zsvhprv6BLoNGUy0233bz8UT9WSi1O_3FCfswo_in4t5qyGA618XltH12KG1jmr7d6GxgK9hWpO8bnmWYNU6H0_d3aU7c1GvWUfq_SvBCozfRa9vqKrBP_CGf5XaK8X4x3c1D9zgAXb_mozhx6Ip4xPsCR6e_NoelxntP7f5kv5q-b2ySKJ_9nJBZ1R6Rq8ld1mtley-Ib-bwGD8J0VMRPZUh_V73-FEe5z8yIAy-Zrap_4wXE4RiE0Zwxm45faEtIqULQ8PtvFgqs_jaLwDrFkL3PyBmrVXzW2wSWM9FolhOiNBrn6W3sE43ibcRx1oD6ErVt_Qbdh5PfZ81iKowR2vDXJVCKNtnqlbNZcSl9B7AKj0tWdhNT6fdDTa9HBMgwEuTt16RUERTJEwDmpkgujD_Ja_PrN3X_jS0V2fw-F_jmQ-jdeO_ZtVZti2bTYAWyctLdvMK9DD_O-g

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.balatarin.com/permlink/2023/1/20	1969-12-31 23:59:59	Name: geo Value: 0
www.balatarin.com/links/5932634	1969-12-31 23:59:59	Name: geo Value: 0
www.balatarin.com/analytics	1969-12-31 23:59:59	Name: geo Value: 0
.balatarin.com/	1970-01-21 01:38:55	Name: __eoi Value: ID=24228d599a3e3a1c:T=1718383894:RT=1718383894:S=AA-AfjZq_CfHU7h4b7EsMZ3YyenT
.balatarin.com/	1970-01-21 06:55:43	Name: _ga_8X79LBSGX3 Value: GS1.1.1718383895.1.0.1718383895.60.0.0
.balatarin.com/	1970-01-21 06:55:43	Name: _ga Value: GA1.1.877492826.1718383895
www.balatarin.com/	1969-12-31 23:59:59	Name: _balat_session_new Value: ZjAa9u23rn5makwjmKW4Pz2kJooY%2BM25C0U3q8FGkvimZuOOp%2BONKH7aLNimtR6QBluQpr2rxcdhAqjVviEhpLezhL33RpGIqvHfECfzQwuyH2%2FCm4XyijRS80Ob4D4wTqv9gdjB1HVZkrAOJAEDCrhLe95r%2Bwdii%2F5zbdp3exYavsZZIClkNKQ72RXSF4JbX8IkApbJWjjPxSA76oyVJ%2BiK0z62XHQrRWPvG9zugsHdJ3TIvNSzu5JCYtI5uVKEqSlASrziaKX4P2%2BgvM96KAXQQ3Wo9qvt3y3w63hpMFkMM1kXP%2F2wvPFxayGNXn1gbhHnU3xvxmE4druXsSpvunwxDvojTOzTPkDqk79eiMWZG6uSQIsB%2Fd0JpD3oH3OTOPusf%2FFyv1YLMQo0fLWhrg8NfGdnQBqylSUNmy7umw51yOYKFG6rOtyfEhI5hXLCNKrEFzbM--ycmqYI5e6%2BaibrAZ--K2ThqIRoOI33%2FLrX2zNxuA%3D%3D
www.balatarin.com/	1969-12-31 23:59:59	Name: geo Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://www.balatarin.com/permlink/2023/1/20/5932634 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.balatarin.com
pagead2.googlesyndication.com
region1.analytics.google.com
s3.amazonaws.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.balatarin.com
www.google.de
www.googletagmanager.com
pagead2.googlesyndication.com
142.250.186.66
142.250.186.99
172.217.18.2
18.66.102.30
2001:4860:4802:34::36
2600:1901:0:6f1d::
2a00:1450:4001:810::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:830::2008
2a00:1450:400c:c0b::9a
52.216.109.197
031baa599a5d938c951729e71455e3161354b208e1c427fa3c85827470d87872
03d5c445fbf76b8749bdac185d39ee6f2255ba15d67c66f10a7c69d978ac3faf
059b7549ef31cf8211ec1c65f3a6303b230e4e559902f571fb85824ccc8fd037
0e08745c0461aa993930357cfc79fcc2339846a643c330ee1e6ce473bbacaf3a
124719783ae0ca7723fc01a16db634b6d32955e9573e73574dbbff1d2cc74876
168d938d02621022c01cac1a30505f3f6c37d42bf461e6e06401bdc8d03f71be
198541ad4236b9420f75c7669cf99c7c33b99827fe7bc758724d1a2b6819caa7
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ef3fd08448a2a73cd30ca93196f3ffd4c392670082e66c6c80d8b1e5aacaca4
52d5acf86a0bfe8bfc2009e3fac89ba348cebb41f941123e927a2ad9a70f4512
581f3198b7dc00f4e27876d295dc33fb1d1718be660dc20348deabbfc96d4cf8
58efbd8f6c971d44bae918e0f65c54a316289456ef93c9272f074a43d18aa5aa
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61dc9ab54f54667d34e7cb94e946b3db85cb1d60c5a666e3182838028f924718
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6c563e6133704753f514c3275b1d6075ec7d73a643d4201685181288cb1fa042
705d326ed8a469611c830691f497755653477abeb7cc5a9b34dab4ae9abc82f8
81cacd48be3bef64c9e75ca5ccce1db3f30a301c31f6568c5f700ab2f372e19f
93aae86ac9a4ae14a52bd82ba5aa5843ae72294138e1fda058918134ff5e7ff1
b6448724799f4e9395f85f7150fdc07a35cde1156341d5047c143903faee643e
c1e923d51ba87be204ea10fda31dbe8ca546dcda53f36b281c4521401a412225
c6042222156b5e26db18d7a25025e4b71e9c1d3d4cf90793e4030154b2dea1f5
d675ec0b833a05f5a02c49c854aae636b00308cc264ff3b926aae4edba56e0da
da8ab4c4a9ebe7addd54a4b247609c40623ae07c14c5338efe7268eece22207b
dc88ea1edf90a3326ceff4fe7f0789aeb79ca98e91374b9fe0f0020ad6220a41
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.balatarin.com Open in urlscan Pro 2600:1901:0:6f1d:: Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

36 Requests

97 %HTTPS

55 %IPv6

8 Domains

11 Subdomains

12 IPs

3 Countries

891 kBTransfer

2371 kBSize

8 Cookies

8 Outgoing links

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.balatarin.com Open in urlscan Pro
2600:1901:0:6f1d:: Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

97 %
HTTPS

55 %
IPv6

8
Domains

11
Subdomains

12
IPs

3
Countries

891 kB
Transfer

2371 kB
Size

8
Cookies

36 HTTP transactions
0 data transactions