www.balatarin.com Open in urlscan Pro
107.178.241.59 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://balatarin.com/
Effective URL:
https://www.balatarin.com/
Submission Tags: tranco_l324
Submission: On November 05 via api (November 5th 2021, 6:24:06 am UTC) from DE — Scanned from DE

Summary HTTP 154 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 18 domains to perform 154 HTTP transactions. The main IP is 107.178.241.59, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.balatarin.com.
TLS certificate: Issued by R3 on September 9th 2021. Valid for: 3 months.

This is the only time www.balatarin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	107.178.241.59 107.178.241.59	15169 (GOOGLE) (GOOGLE)
6	18.66.248.8 18.66.248.8	16509 (AMAZON-02) (AMAZON-02)
19	2a00:1450:400... 2a00:1450:400e:80d::2002	15169 (GOOGLE) (GOOGLE)
7	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
40	52.217.45.158 52.217.45.158	16509 (AMAZON-02) (AMAZON-02)
1	18.66.244.35 18.66.244.35	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400e:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
5 7	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3 4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
154	26

4 107.178.241.59 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 59.241.178.107.bc.googleusercontent.com

balatarin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.balatarin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.248.8 (United States)

ASN16509 (AMAZON-02, US)

assets.balatarin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:400e:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 52.217.45.158 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.244.35 (United States)

ASN16509 (AMAZON-02, US)

z-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400e:801::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6df4348a60f925191082d3067173fba9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.16.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.22 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	amazonaws.com s3.amazonaws.com	212 KB
33	googlesyndication.com pagead2.googlesyndication.com 6df4348a60f925191082d3067173fba9.safeframe.googlesyndication.com tpc.googlesyndication.com	344 KB
28	2mdn.net s0.2mdn.net	370 KB
27	doubleclick.net 5 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	243 KB
10	balatarin.com 2 redirects balatarin.com www.balatarin.com assets.balatarin.com	198 KB
4	openx.net 3 redirects us-u.openx.net	1 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
4	google.com adservice.google.com www.google.com	2 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	googletagservices.com www.googletagservices.com	111 KB
3	google-analytics.com www.google-analytics.com	20 KB
2	teads.tv sync.teads.tv	344 B
2	google.de adservice.google.de www.google.de	1 KB
1	nr-data.net bam-cell.nr-data.net	715 B
1	newrelic.com js-agent.newrelic.com	13 KB
1	googleadservices.com partner.googleadservices.com	409 B
1	amazon-adsystem.com z-na.amazon-adsystem.com	8 KB
1	googleapis.com ajax.googleapis.com	34 KB
154	18

	Domain	Requested by
40	s3.amazonaws.com	www.balatarin.com
28	s0.2mdn.net	www.balatarin.com s0.2mdn.net googleads.g.doubleclick.net
19	pagead2.googlesyndication.com	www.balatarin.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
6	securepubads.g.doubleclick.net	www.balatarin.com securepubads.g.doubleclick.net www.googletagservices.com
6	assets.balatarin.com	www.balatarin.com assets.balatarin.com
4	us-u.openx.net	3 redirects googleads.g.doubleclick.net
4	googleads4.g.doubleclick.net	www.balatarin.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	www.balatarin.com googleads.g.doubleclick.net tpc.googlesyndication.com
3	www.googletagservices.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net
3	www.google-analytics.com	www.balatarin.com
3	www.balatarin.com	1 redirects ajax.googleapis.com
2	sync.teads.tv	googleads.g.doubleclick.net
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.balatarin.com
1	www.google.de	www.balatarin.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	6df4348a60f925191082d3067173fba9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	z-na.amazon-adsystem.com	www.balatarin.com
1	ajax.googleapis.com	www.balatarin.com
1	balatarin.com	1 redirects
154	28

This site contains links to these domains. Also see Links.

Domain
www.iranintl.com
news.gooya.com
www.asriran.com
fararu.com
iranglobal.info
www.radiofarda.com
rules.balatarin.com
sites.google.com
blog.balatarin.com
www.balavision.com
about.balatarin.com
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
www.balatarin.com R3	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.balatarin.com Amazon	`2021-07-31` - `2022-08-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
z-na.amazon-adsystem.com Amazon	`2020-12-12` - `2022-01-10`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 17 frames:

Primary Page: https://www.balatarin.com/
Frame ID: 3681FF805C350720E736D06B42DCA655
Requests: 71 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211101/r20190131/zrt_lookup.html
Frame ID: D0A502058A109585CEC416E96647D700
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&adk=1812271804&adf=3025194257&lmt=1636093440&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.balatarin.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636093440438&bpp=2&bdt=228&idt=153&shv=r20211101&mjsv=m202111010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1575939950739&frm=20&pv=2&ga_vid=934517177.1636093441&ga_sid=1636093441&ga_hid=294366073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063354%2C31063361%2C31063399%2C31063246&oid=2&pvsid=1036614213874352&pem=805&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=172
Frame ID: 7720EC81942D80347EC388A03047E681
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=90&slotname=6838607656&adk=1683087958&adf=1219443404&pi=t.ma~as.6838607656&w=779&lmt=1636093440&rafmt=12&psa=0&format=779x90&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636093440476&bpp=46&bdt=266&idt=142&shv=r20211101&mjsv=m202111010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1575939950739&frm=20&pv=1&ga_vid=934517177.1636093441&ga_sid=1636093441&ga_hid=294366073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=605&ady=1050&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063354%2C31063361%2C31063399%2C31063246&oid=2&pvsid=1036614213874352&pem=805&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NOBriB6TUw&p=https%3A//www.balatarin.com&dtd=149
Frame ID: E890190A3130EB7C4973BAA849D4D85A
Requests: 1 HTTP requests in this frame

Frame: https://6df4348a60f925191082d3067173fba9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3663440F91A138B332A68D76432763FC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=9543430451&adk=17676442&adf=78860692&pi=t.ma~as.9543430451&w=779&fwrn=4&fwrnh=100&lmt=1636093440&rafmt=1&psa=0&format=779x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636093440574&bpp=1&bdt=363&idt=133&shv=r20211101&mjsv=m202111010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C779x90&nras=1&correlator=1575939950739&frm=20&pv=1&ga_vid=934517177.1636093441&ga_sid=1636093441&ga_hid=294366073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=605&ady=3497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063354%2C31063361%2C31063399%2C31063246&oid=2&pvsid=1036614213874352&pem=805&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=VLB0xZ4xf7&p=https%3A//www.balatarin.com&dtd=136
Frame ID: 6666DC723300A7C0C6265707FFB68EE9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=5688324856&adk=4223602507&adf=3412014494&pi=t.ma~as.5688324856&w=336&lmt=1636093440&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636093440575&bpp=1&bdt=365&idt=145&shv=r20211101&mjsv=m202111010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C779x90%2C779x280&nras=1&correlator=1575939950739&frm=20&pv=1&ga_vid=934517177.1636093441&ga_sid=1636093441&ga_hid=294366073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=243&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063354%2C31063361%2C31063399%2C31063246&oid=2&pvsid=1036614213874352&pem=805&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=KEwsVlDos1&p=https%3A//www.balatarin.com&dtd=148
Frame ID: F2BFE37B968E598544B9FC5DB3525E5A
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=8352827426&adk=3914965158&adf=666277397&pi=t.ma~as.8352827426&w=336&fwrn=4&fwrnh=100&lmt=1636093440&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636093440584&bpp=1&bdt=374&idt=143&shv=r20211101&mjsv=m202111010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78307ac215b1f7e8-2211fe7120cb009c%3AT%3D1636093440%3ART%3D1636093440%3AS%3DALNI_MZu0cOQpoefaR1BRiIHt9ElICukXA&prev_fmts=0x0%2C779x90%2C779x280%2C336x280&nras=1&correlator=1575939950739&frm=20&pv=1&ga_vid=934517177.1636093441&ga_sid=1636093441&ga_hid=294366073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=254&ady=993&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063354%2C31063361%2C31063399%2C31063246&oid=2&pvsid=1036614213874352&pem=805&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=so69B0mgIa&p=https%3A//www.balatarin.com&dtd=145
Frame ID: 2F7D8734DF9EDEFDCF3FC7680CB40544
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsto0uKbfEeTQYzzqfMZRJWnI9bd9GtV4rvolS37B0GtQ4AYCwRu2uMMbTLQpHqcjwtuIToi6Ja5la-iV4LJ_HheJbVh-bjWN0ewMF3ZzAyuPq6woxGABK6e2W7qLG5FMe264E9WFXkoNcIC1zszF6YGikfEHS2waiX6nw97O6VrOM7h1nj0aUPGMKDSxM0FClRn5wBJPG1a8Aozh9zRSqeD_B__oEEFp5XjahkdmammC3-63AkvVBxtsOBk2Hz6VRdLfYuYVXBM12zbqQzzjqJ9Gekq4_aUjp1UdulNrtBdJLhCaPuuyrSWLedB&sai=AMfl-YTKaSeRDUIppjw6nWq0wuKzbuJVgtunHgaqMi8S7no0thkFzZSApsD5NU8p1cnPSttzhhwZZ6Yx1cURGRNe1ZKgBV2VZBNIl7IcmqZRoNseLxyPWWnmGHF37rQytheL&sig=Cg0ArKJSzMhDBPZKV83LEAE&uach_m=[UACH]&adurl=
Frame ID: DC179C3980ACC94232335068286D4C9A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLNGRCMuvrSAhjb5YKrATAB&v=APEucNVjPUcCUBHMkpp8eRZ2zJQ4_H9_lS6lUTPy7BuXVHQ6GN7biq1nJgiX-IDReSpawoAn0O4eKXs0KVmQa66A9VI6es2rPG0vxk_K0rhq5hUwiH-WWQw9QvkSB7oJczwHdZbHAhUNj65YbEko4N7uBLJ-itLB96i04WRFKL6Hw-9kWkTl2uA
Frame ID: 6304EDE0F0A170CA3FACCF20ABD8FD26
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyXvwEQlafNARj9vJe4ATAB&v=APEucNUueT65pP3rHVuoZXh0YVrA7y7tlI4Y3seMy9bt5a_ePIsAea0uG7c3BmQZfRUqEo5Xgzw5xZObzoeokdUdTRUnXkynQytdeSdCNun__S33T-eSVhtfOneuAcuE8vW5CWBRkLgjQ9KP63vT9yqlz2MqmzmDAn5HFhShiu4OHcWvdOKrk6I
Frame ID: 339939245A076FC769E531FCBB1FCF6B
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/index.html
Frame ID: A08180EF402A9D88530B80E512D24F31
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1AC1697134CBA6BC18411A7C72180437
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 622EE6BC60719CC4FEA87924BA15ED22
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13620236794060913227/index.html
Frame ID: DE334E4CE43EAA301C9C0F297D44F44A
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 7036C06E60ED8D1257D029889CE97A88
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 77DC5BFDC5BF35C71B00AD641A361126
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

بالاترین: لینک‌های منتخب

Page URL History Show full URLs

http://balatarin.com/ HTTP 301
http://www.balatarin.com/ HTTP 301
https://www.balatarin.com/ Page URL

Page Statistics

154
Requests

95 %
HTTPS

48 %
IPv6

18
Domains

28
Subdomains

26
IPs

4
Countries

1560 kB
Transfer

3640 kB
Size

18
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.iranintl.com/20211104227002
Title: گزارش رویترز؛ افزایش اشتغال زنان در عربستان سعودی در پی اصلاحات بن‌سلمان

Search URL Search Domain Scan URL

URL: https://news.gooya.com/2021/11/post-57907.php
Title: کسب اجازه خامنه‌ای از پوتین برای گاز گرفتن!

Search URL Search Domain Scan URL

URL: https://www.asriran.com/fa/news/811093/%D8%B9%D9%84%D8%A7%D8%A6%D9%85-%D8%B4%D8%A7%DB%8C%D8%B9-%DA%A9%D8%B1%D9%88%D9%86%D8%A7-%E2%80%8C-%D8%A2%D9%86%D9%81%D9%84%D9%88%D8%A2%D9%86%D8%B2%D8%A7-%D9%88-%D8%B3%D8%B1%D9%85%D8%A7%D8%AE%D9%88%D8%B1%D8%AF%DA%AF%DB%8C
Title: علائم شایع کرونا، ‌ آنفلوآنزا و سرماخوردگی

Search URL Search Domain Scan URL

URL: https://fararu.com/fa/news/512832/%D9%88%DB%8C%D8%AF%D8%A6%D9%88-%D8%AF%D8%B1%DA%AF%DB%8C%D8%B1%DB%8C-%D9%88%D8%AD%D8%B4%D8%AA%D9%86%D8%A7%DA%A9-%D8%A7%D8%B1%D8%A7%D8%B0%D9%84-%D9%88-%D8%A7%D9%88%D8%A8%D8%A7%D8%B4-%D8%AF%D8%B1-%D9%82%D9%85-%DB%B1%DB%B8-
Title: (ویدئو) درگیری وحشتناک اراذل و اوباش در قم/ ۱۸+

Search URL Search Domain Scan URL

URL: https://iranglobal.info/node/90575
Title: اولین قرص درمان کووید در انگلیس تایید شد

Search URL Search Domain Scan URL

URL: https://www.radiofarda.com/a/response-to-iran-s-lack-of-cooperation-with-iaea/31546187.html
Title: فرانسه از رایزنی‌ با شرکای خود برای واکنش به «عدم همکاری» ایران با آژانس خبر داد

Search URL Search Domain Scan URL

URL: https://www.radiofarda.com/a/ali-nourizad-imprisoned-civil-activist-was-on-leave/31545283.html
Title: علی نوری‌زاد، فعال مدنی،‌ از زندان به مرخصی هفت‌روزه آمد

Search URL Search Domain Scan URL

URL: http://rules.balatarin.com/
Title: قوانین

Search URL Search Domain Scan URL

URL: https://sites.google.com/a/balatarin.com/about/advertising
Title: آگهی

Search URL Search Domain Scan URL

URL: http://blog.balatarin.com/
Title: وبلاگ

Search URL Search Domain Scan URL

URL: http://www.balavision.com/
Title: بالاویزیون

Search URL Search Domain Scan URL

URL: http://about.balatarin.com/
Title: About

Search URL Search Domain Scan URL

URL: https://www.facebook.com/balatarin

Search URL Search Domain Scan URL

URL: https://twitter.com/balatarin

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://balatarin.com/ HTTP 301
http://www.balatarin.com/ HTTP 301
https://www.balatarin.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEW9O2U0S2UrzvqdHfveMv8&google_cver=1

Request Chain 87

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYTOAU5cHeAxwd4tOJeJrQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEW9O2U0S2UrzvqdHfveMv8&google_cver=1

Request Chain 88

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENh_E6SxgwwlspY5nC2VklM&google_cver=1

Request Chain 89

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIwOTQ2NDg4NjQzNTU0NzAzOQ%3D%3D

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELdInXz8VrMEy5gnRKtZGWo&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESELdInXz8VrMEy5gnRKtZGWo&google_cver=1

Request Chain 102

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTAxYzdjYzgtOTY0NS0yNjY2LWVkZmItN2M0YWY5YzUxZTMy

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESED-GIP-LZM7AUjV1S2Lrs28&google_cver=1

154 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.balatarin.com/
Redirect Chain

http://balatarin.com/
http://www.balatarin.com/
https://www.balatarin.com/

97 KB
25 KB

503ms
485ms

Document
text/html

107.178.241.59
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balatarin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.241.59 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

59.241.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

0a66d11658eb735e0c29b2bc189e046b9a2d6fea81b820ac54b91917bc9a1a91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Fri, 05 Nov 2021 06:24:00 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
etag: W/"0a66d11658eb735e0c29b2bc189e046b"
cache-control: max-age=0, private, must-revalidate
x-request-id: db91a985-5c04-42b2-a912-552c692f0d00
x-runtime: 0.030919
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

Server: nginx
Date: Fri, 05 Nov 2021 06:23:59 GMT
Content-Type: text/html
Content-Length: 162
Location: https://www.balatarin.com/
Via: 1.1 google

GET
H/1.1 200
OK application-6ea20005522facc318c2531f147f4b8e93c67b38fd0ea0a6d64f28bc152180b3.css
assets.balatarin.com/assets/ 240 KB
43 KB 120ms
18ms Stylesheet
text/css 18.66.248.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.balatarin.com/assets/application-6ea20005522facc318c2531f147f4b8e93c67b38fd0ea0a6d64f28bc152180b3.css
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3d59712393b786d034b66ed0d6f749e8d1bb04514ca218c84b10e7fe22bbbeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 11:04:22 GMT
Content-Encoding: gzip
Age: 1451979
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 08 Apr 2021 18:05:03 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:6a04a4c0024b66563c7ac24fc2a47bc3
ETag: W/"6a04a4c0024b66563c7ac24fc2a47bc3"
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 6ee47dd27ca379a812104b559e9a5a23.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: lF9DPOM8_vHkPGticlVSHk-t6ZZjhuluJG6Rk8I8eLHyzmt41aVn3g==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 91ms
33ms Script
text/javascript 2a00:1450:400e:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb49832f2a4b17ffa3adf52b883dd02352c7033f152581a4fcf594d660513a4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51497
x-xss-protection: 0
server: cafe
etag: 2337565568924309764
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 05 Nov 2021 06:24:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 40ms
16ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

d6d1d02238cb0b040b97cf9a0c2f0ade5af086b0fbc62f1ed796cb09915dfecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1034 / 313 of 1000 / last-modified: 1636063777"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27223
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 05 Nov 2021 06:24:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 52ms
15ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 20:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Wed, 02 Nov 2022 20:16:13 GMT

GET
H/1.1 200
OK application-fd5e751adea1b70af1b4ad17ef0b9e1a039262904db4a875a740b97ae2994afd.js Show response
assets.balatarin.com/assets/ 190 KB
50 KB 119ms
17ms Script
application/javascript 18.66.248.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.balatarin.com/assets/application-fd5e751adea1b70af1b4ad17ef0b9e1a039262904db4a875a740b97ae2994afd.js
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd5e751adea1b70af1b4ad17ef0b9e1a039262904db4a875a740b97ae2994afd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 11:04:24 GMT
Content-Encoding: gzip
Age: 1451977
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 04 May 2021 20:49:09 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:1c56b281b8b79714b8893619b8bafaa2
ETag: W/"1c56b281b8b79714b8893619b8bafaa2"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: PNsabqf0EWf5OZWL_qBYzXuBzPkGjjar0Z2XbbLZTZdJsgf83NFjNw==

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1019974/ 10 KB
10 KB 665ms
123ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1019974/square.jpg?1636027042
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 38984083170991a4559893b0ccfb37dba0d60e7cf9ed60e7a01cb764477a9a95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:01 GMT
Last-Modified: Thu, 04 Nov 2021 11:57:23 GMT
Server: AmazonS3
x-amz-request-id: XSHBR7WX3ZSQQZE7
ETag: "e7367ca2c918540b22b9f264014f27fb"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 10076
x-amz-id-2: HJflKcvJ2fR0KLuQzcub0WxTR2kdthPHg9V1kbCFpwFaa1JXgtEieyOaXUey5sVfFlFKdXeh6UI=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1019973/ 8 KB
8 KB 660ms
116ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1019973/square.jpg?1635939859
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 823abdb0c8c0e012bc175b9610936b15a79f4b64cc546c567e4dd71fe44fe25a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:01 GMT
Last-Modified: Wed, 03 Nov 2021 11:44:21 GMT
Server: AmazonS3
x-amz-request-id: XSHF9YQY517M1D4P
ETag: "408645d3ecea4bbb27c7d4c0f81d0527"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 7901
x-amz-id-2: XiM9LXswD9MaQ1ovqKr4MzsJY/HEKVtCmsgouwSUn51C4r3nERi2p18DnaezFEA0NBm8oE6OMZ4=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1019972/ 6 KB
7 KB 658ms
114ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1019972/square.jpg?1635890258
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2ab379919c50ca7816ef1d6d453d56c335169a9cc4cf1a4fe635b4db5bdee442

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:01 GMT
Last-Modified: Tue, 02 Nov 2021 21:57:39 GMT
Server: AmazonS3
x-amz-request-id: XSHAHQBKDPEFAVQQ
ETag: "e16124fa97d6c16870915e743e55cf1c"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 6461
x-amz-id-2: nFSrKqZR63m8ZVOv9pHuMuDctwT7xbJL/Mh90fSVo63/nIT/s4fNZEKKYlM/5XjVETAu/eRrwt8=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1019971/ 10 KB
10 KB 661ms
112ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1019971/square.jpg?1635877597
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 041d490d1711c66780218d94380266960437bf9e5111d2c46533617fa2cbdfc3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:01 GMT
Last-Modified: Tue, 02 Nov 2021 18:26:38 GMT
Server: AmazonS3
x-amz-request-id: XSH3JNYQ7K4A8K2M
ETag: "dba88c9666352eea5bf3b7c14dc40b81"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 10248
x-amz-id-2: 0YkQgUY6S/9U5ph3+1VIECVd1MMcHrV0Goe2OzgUO9QY0AZvMlA0za85pDa7nShNHGo6emksW0M=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1019970/ 11 KB
11 KB 763ms
110ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1019970/square.jpg?1635779464
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 906ea233d873e29618acd939573ee963d311fcc1b5622327f965a50760567c59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:02 GMT
Last-Modified: Mon, 01 Nov 2021 15:11:06 GMT
Server: AmazonS3
x-amz-request-id: VRVKTFJ8BBWQEY4P
ETag: "16c2206e75978d4fd251789b81c439d8"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 11171
x-amz-id-2: kBjjqaygLgv9VoNh1NrM0sRutfo17qe9J/zA8R8Up2huA86/rbjXq+t3q+K38p0vyYXAS7afr9s=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1019969/ 8 KB
9 KB 775ms
116ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1019969/square.jpg?1635533406
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fb295f9ed52195467fea32ab3d651cba2c82540c6f250220c283e22210625ae2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:02 GMT
Last-Modified: Fri, 29 Oct 2021 18:50:08 GMT
Server: AmazonS3
x-amz-request-id: VRVWAF8S0ESKV4CD
ETag: "fa60248f591649f0824dd79905c868be"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 8627
x-amz-id-2: EIJcLRz+NC06yu99uYaoxBKob08b/f43KcP8wjg8DGpmUXo/010Jh+ktDAjT2X0JFT0Keq8Sur0=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1019968/ 9 KB
10 KB 287ms
119ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1019968/square.jpg?1635439473
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 903e5e86fe8b0f44a0e206fd24d94cc167ae8efd2f6d3d5e3c0d0478c1732723

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:01 GMT
Last-Modified: Thu, 28 Oct 2021 16:44:35 GMT
Server: AmazonS3
x-amz-request-id: XSH8CPHVNKYAT6J8
ETag: "b369e5d37259ff9f845b06ac76066943"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 9626
x-amz-id-2: /JEGFJA5+XLxOwl8NTM1b9f7bwSNgwqYGJeLFNSpUQK2gVxXsVUtEsIVGEUjfDcpzS0zrl3pzH0=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1019967/ 10 KB
10 KB 285ms
116ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1019967/square.jpg?1635414600
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b589feb2eae9436420e07b6edbff180a94ed82613a4e8d5c90fc2b8e5b4350b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:01 GMT
Last-Modified: Thu, 28 Oct 2021 09:50:01 GMT
Server: AmazonS3
x-amz-request-id: XSHD51DS5RT53E18
ETag: "cf8590214f2eaeee146582cd58234f0f"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 9864
x-amz-id-2: +iDDcebzrqGs9IteSmIBD5EOYv/40bF+bnIzhHHFK59rKVvX2M9TOh11H+QWO53FoArXuV1vtpY=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1019966/ 5 KB
6 KB 290ms
114ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1019966/square.jpg?1635358663
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d0949d0ec1d8265ccc140d4a24751700d175f35bc012e9ce32b8785470ae4ce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:01 GMT
Last-Modified: Wed, 27 Oct 2021 18:17:45 GMT
Server: AmazonS3
x-amz-request-id: XSHFBJ4A5HMSSCW1
ETag: "bdb29ba6793747b59af96c7311d243bd"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 5362
x-amz-id-2: WBJsDknl/D5F0HrwCVFDRB+BfGaVopaAt+6MSkaApbbUn1e++GULbhHgyTp/2hvPH/Pq4kUbnSc=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1019965/ 7 KB
7 KB 401ms
112ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1019965/square.jpg?1635258078
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5965fa18c33696faf34ac82fe2e8f822a454eb4730955bc45e09b8621bf5ff1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:01 GMT
Last-Modified: Tue, 26 Oct 2021 14:21:20 GMT
Server: AmazonS3
x-amz-request-id: XSH26V6029DZBEMT
ETag: "8100b1e74e3b66e4d6f9ed4d21b8f53a"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 6856
x-amz-id-2: DAemal/i8A1Yp0i4tN6lnx1eiws9o9iX8pv+mGb5bw8/vQpBBWwnimYZHpyN1DaJRGcC+IpJyLE=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1019964/ 6 KB
6 KB 298ms
121ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1019964/square.jpg?1635244507
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9c4987f6bdbb64b7ac43b0cd648223a109c5b49c7b86e0b34c6742087e52310e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:01 GMT
Last-Modified: Tue, 26 Oct 2021 10:35:08 GMT
Server: AmazonS3
x-amz-request-id: XSHFWWPQ779AN07N
ETag: "3fba30b9a7700d73c593a6eaf44b7ed1"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 5913
x-amz-id-2: oBj6RWrqoP1/J8nBNPZEXoSjDA5CxJD1Ozkcp7ASA8sdiTQYMTUQcvp1KD0eRXIm3c88UFqpauc=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1019963/ 5 KB
5 KB 290ms
111ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1019963/square.jpg?1635234729
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bfeec7880358c1379265ab91d8712a139317d9a1569d1018866943e2f6e150c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:01 GMT
Last-Modified: Tue, 26 Oct 2021 07:52:11 GMT
Server: AmazonS3
x-amz-request-id: XSH2QW6ACMW4EMQY
ETag: "b551b07a59e70a4ddc279ff5d49e61b9"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 5189
x-amz-id-2: mZR9/N56Uf4dALkLidoXks46mNvstrfMPv71MgW9diwqOHIAwx1iTNjtytGkfqWhQl4LBKe7y3E=

GET
H/1.1 200
OK missing.png
assets.balatarin.com/avatars/small/ 500 B
997 B 20ms
16ms Image
image/png 18.66.248.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.balatarin.com/avatars/small/missing.png
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03d5c445fbf76b8749bdac185d39ee6f2255ba15d67c66f10a7c69d978ac3faf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 11:03:56 GMT
Via: 1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Sat, 30 Mar 2019 22:04:25 GMT
Server: AmazonS3
Age: 1452005
ETag: "24a925b59aad1a6cd61c43fb77941c20"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Content-Length: 500
X-Amz-Cf-Id: 73MpQSQQ05fSwaMYnfaifF5OUQBx-UyaM6Q9P6optsAbcQZIsiHe2w==

GET
H/1.1 200
OK 5696775.png
s3.amazonaws.com/bala.static/links/ 4 KB
5 KB 514ms
113ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/5696775.png?1636050492
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a8d3582896af43620c8a3192be5d876030b1a7a573f673b4103a848832f5b758

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:01 GMT
Last-Modified: Thu, 04 Nov 2021 18:28:13 GMT
Server: AmazonS3
x-amz-request-id: XSH2AJ96217W00GH
ETag: "13c7cfd55f8c2fb043e9e1a7eb300793"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 4346
x-amz-id-2: yFj4ws3mDciQiDa7gJqVVf944S9YIQz6stvae3bVlfv+0TKaLM8bSRwd6nVJba1sXmGbbiT46to=

GET
H/1.1 200
OK small.jpg
s3.amazonaws.com/bala.static/avatars/187580/ 596 B
986 B 289ms
122ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/avatars/187580/small.jpg?1630002964
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a095f2110083c0b41096041d4a28ffaa1fec8af6325ab74c01b11ec81f75aba1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:01 GMT
Last-Modified: Thu, 26 Aug 2021 18:36:05 GMT
Server: AmazonS3
x-amz-request-id: XSH42E67QH0EC1JH
ETag: "b8ff48e248b985e612b0680b78ea3922"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 596
x-amz-id-2: Y0KldN5t8kBwgTdjXFVSvPY8gppJmfrcUK/vhpV3mNFfOAQLK0BbbsIqosKyUYZNBIcnk9uG1uA=

GET
H/1.1 200
OK b7633208-78e5-49f2-a669-b74552b51e12-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 6 KB
7 KB 411ms
112ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/b7633208-78e5-49f2-a669-b74552b51e12-thumbnail.jpg?1636055030
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 105e2f8204e6e95a7d0ea145d8fa9d8458713238fbb69fea9efb570ce0722e01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:01 GMT
Last-Modified: Thu, 04 Nov 2021 19:43:51 GMT
Server: AmazonS3
x-amz-request-id: XSHCC0P0QEKCGD6J
ETag: "a76b3ad203e712c159b2902ee718892d"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 6376
x-amz-id-2: iLkAmqR7+7qxnxVD/kw9/laMtKKTMS9kQzKPtGsRfniqEGtUfj1bB2v8lWDuTuGMfcUwBWRNnZc=

GET
H/1.1 200
OK cb0e3315-4e4b-4031-a98d-f80ad65f03bf-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 4 KB
4 KB 406ms
114ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/cb0e3315-4e4b-4031-a98d-f80ad65f03bf-thumbnail.jpg?1636040325
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6ac241351963d0fe3dc81af2508f1a6afd7ec53210d4eb45b09a1d9c001e968a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:01 GMT
Last-Modified: Thu, 04 Nov 2021 15:38:46 GMT
Server: AmazonS3
x-amz-request-id: XSHAH2406Q77Z34E
ETag: "30369ba67f39290cd624f6eaa31c3aef"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 4166
x-amz-id-2: bT6XfNBVShvH8+bXCjm2lz2beHBOP2dpvRzPYF4lx98M+06R3jRg1ArGbJwaetaNdFXgRbr4p2w=

GET
H/1.1 200
OK small.jpg
s3.amazonaws.com/bala.static/avatars/181522/ 564 B
954 B 403ms
112ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/avatars/181522/small.jpg?1626167408
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a0aa51640b4b7a18294c8779e4252e86c5b71ea5bbc404dd1428e54e29283b9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:01 GMT
Last-Modified: Tue, 13 Jul 2021 09:10:09 GMT
Server: AmazonS3
x-amz-request-id: XSH2QA0HYGCB1439
ETag: "7de8c015dcd9eb995675a669717a94c2"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 564
x-amz-id-2: tJQaUUBQU4fzfvBUGFHhxqJWow2jUfwEsxN2Hm9/Bd+6KUA6kVBjAMk6xyv2I+EgZxwb7Z9xcKM=

GET
H/1.1 200
OK 7434114f-440b-4c0f-bd6c-a11f4b5dacf4-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 5 KB
5 KB 406ms
114ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/7434114f-440b-4c0f-bd6c-a11f4b5dacf4-thumbnail.jpg?1636054674
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e33f0edf56cfe3fcd56703ed84036c5d10615663cc829f094ce4c37b23fc80fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:01 GMT
Last-Modified: Thu, 04 Nov 2021 19:37:56 GMT
Server: AmazonS3
x-amz-request-id: XSHAZ5CB33C7979F
ETag: "9d97c13e96a4e57764890ef8bc2eb58f"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 4934
x-amz-id-2: l7Ypq9htwicIzTDkSLX+0oFd4g9NkauKL23vzAbmY5/6eyne1KdTvAu6L6pLUCaEk3Z3iZwnNVg=

GET
H/1.1 200
OK 5696725.png
s3.amazonaws.com/bala.static/links/ 12 KB
13 KB 401ms
110ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/5696725.png?1636045142
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e9a4eeac096226d9bbe714b088e7ed786ded793f2055f554f8afdeb86896630b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:01 GMT
Last-Modified: Thu, 04 Nov 2021 16:59:03 GMT
Server: AmazonS3
x-amz-request-id: XSH76X1SZYJPR7DR
ETag: "4bdb259841a920d9a2a34bbfa84c80e3"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 12465
x-amz-id-2: ZIOlJk/xxDVv1y9LBYo8VtNxBk3quDP8GFIxy0lKBQCoZz3T+PM+V+O+fYwKulPmxzdV1R7WJ7c=

GET
H/1.1 200
OK small.jpg
s3.amazonaws.com/bala.static/avatars/96931/ 586 B
976 B 522ms
139ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/avatars/96931/small.jpg?1596886681
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: abe58f705be3d0596ceaab779336b2d231b4ff1d2d186d68995b141e9d98c054

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:01 GMT
Last-Modified: Sat, 08 Aug 2020 11:38:02 GMT
Server: AmazonS3
x-amz-request-id: XSHFRQ8KC5VK5WGD
ETag: "83da4d6b738c2a5896207d82a4983efe"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 586
x-amz-id-2: I91jSjLeT5esmcRBLO5dxWH8unFdg30KaFcP23WTrODS5jEDmUxGQpION+UolV1FwN1RLLXqK4Y=

GET
H/1.1 200
OK 5f553711-b55a-421c-a5a5-108c98d92f48-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 5 KB
5 KB 115ms
115ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/5f553711-b55a-421c-a5a5-108c98d92f48-thumbnail.jpg?1636035218
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d43e21ef6cae0cc8a20ba44c7f524173229689417d8a760eece647beada16f6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:02 GMT
Last-Modified: Thu, 04 Nov 2021 14:13:40 GMT
Server: AmazonS3
x-amz-request-id: VRVZ35RQ618KYJYB
ETag: "6f98b9f8d83275a7da074c13a87774cc"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 4876
x-amz-id-2: ueRIWEnOahQlaFkvPkFqYo0d8ZCcE0kL6zfBTGPxqLLsYMGmAghso4GjfU9WpsBbjBoOcqH0I2A=

GET
H/1.1 200
OK small.jpg
s3.amazonaws.com/bala.static/avatars/117146/ 354 B
744 B 117ms
116ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/avatars/117146/small.jpg?1515130967
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d213eb2348dfa185b18a1f7f6b4acc67238aba87f4ccad1dfaa0be0963214a33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:02 GMT
Last-Modified: Fri, 05 Jan 2018 05:42:49 GMT
Server: AmazonS3
x-amz-request-id: VRVTSW2SENP3JBEM
ETag: "6ddc7db69bf2e4dd6b1f7388bf973d8c"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 354
x-amz-id-2: muUdQqVU2lQWF6to50z5KdExUtrSQPp27+7OOMw6lBtvRq89QgWpJBkpjI8S/nskh6672quknLg=

GET
H/1.1 200
OK 14c73e9f-a805-4510-9e72-9be1a796c330-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 6 KB
6 KB 112ms
112ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/14c73e9f-a805-4510-9e72-9be1a796c330-thumbnail.jpg?1631519451
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0df244751fbd24d53fc976210530e46dd86a6557763ddff979e142b6ca74e313

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:02 GMT
Last-Modified: Mon, 13 Sep 2021 07:50:52 GMT
Server: AmazonS3
x-amz-request-id: VRVJ5RSWWTA68WSK
ETag: "6a3373ebf38ceb7637d92ec80d0dc7a6"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 6162
x-amz-id-2: Vuj8sztuuVgRov+L6qgdhT7kKhQ5dq0ktOpelo/eSx0hq/3FmcYc3v+M2tuEH/tEwkcrH6uSUt0=

GET
H/1.1 200
OK 82cabeb2-dd51-496c-be83-f0686ad42420-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 3 KB
4 KB 110ms
109ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/82cabeb2-dd51-496c-be83-f0686ad42420-thumbnail.jpg?1636053023
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 307520ca90b125e2d66d9c04f56978a2a646dca639793e15359e0575d474340e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:02 GMT
Last-Modified: Thu, 04 Nov 2021 19:10:24 GMT
Server: AmazonS3
x-amz-request-id: VRVKEMXANGTY88WT
ETag: "d640f2c678e67b556c9d1c06c73d442b"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 3524
x-amz-id-2: FDzqHyzgOYL98wXVxKCSDDaPnAlYKXNIIya6FZqTpHdwlt8T//YaqGq6jeqYT6bD/05bEq4jfS4=

GET
H/1.1 200
OK small.jpg
s3.amazonaws.com/bala.static/avatars/55967/ 409 B
799 B 110ms
110ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/avatars/55967/small.jpg?1513326902
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7056d4c239b8dd9b29ba5a98d89399c4101cf00cd9415f54cdac737299250bf6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:02 GMT
Last-Modified: Fri, 15 Dec 2017 08:35:03 GMT
Server: AmazonS3
x-amz-request-id: VRVWJ5E6ZZ1RRX3E
ETag: "c46f9839851434da51b991210a3c2c60"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 409
x-amz-id-2: NzTs2xDsjiuI3/043p9sjceIQJwcq+2lRfUVhOzWHVKo+w87XT+BxLSkwOKceHiQPBZztJQjTMI=

GET
H/1.1 200
OK 92fec723-0c40-42c0-b474-b1bdce7c4ca1-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 3 KB
3 KB 115ms
113ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/92fec723-0c40-42c0-b474-b1bdce7c4ca1-thumbnail.jpg?1636043100
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e963d28a570c55c82529185cbb932d9144b8f7cf6fb268d562024f888f3a4d02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:02 GMT
Last-Modified: Thu, 04 Nov 2021 16:25:02 GMT
Server: AmazonS3
x-amz-request-id: VRVT1AGRAVTGWZZ0
ETag: "e382d70c3be178c9651b9a28c3fba540"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 2839
x-amz-id-2: ncVyVWlOOQE4bjWn4Ihj5T9H+lnuTDTWn0FG4lYR4rZQt4MNUopvFDwzBxw1fxHrl0FklP6jYAk=

GET
H/1.1 200
OK small.jpg
s3.amazonaws.com/bala.static/avatars/127074/ 365 B
755 B 113ms
112ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/avatars/127074/small.jpg?1487859874
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fd9a783ddcf65eed96951b365a74ae656e34dffbc6917f6b48f6ba64d8daa95c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:02 GMT
Last-Modified: Thu, 23 Feb 2017 14:24:36 GMT
Server: AmazonS3
x-amz-request-id: VRVJ8NVJNWMAWJ9V
ETag: "f138fc02042fabfd8774ce68c4c9262b"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 365
x-amz-id-2: xKdWQW/Y+AASzfCorq28BBNNyHeJAAZnbwQRYyYN3djY8F+XTvPFeRSzDvzHW6/BnqO4gRE0hn4=

GET
H/1.1 200
OK 5696723.png
s3.amazonaws.com/bala.static/links/ 14 KB
14 KB 115ms
113ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/5696723.png?1636044998
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ac83d933b0e2feb18d5d44c5f912708aa430b79f3966895fd62a6d1187af5b49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:02 GMT
Last-Modified: Thu, 04 Nov 2021 16:56:39 GMT
Server: AmazonS3
x-amz-request-id: VRVM6X9NFG4E47DK
ETag: "ce27765824537d5034cf0eef169a562f"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 14093
x-amz-id-2: TkzUmC25qNWI04vdnlgWoBsMGRI7sQYFPuvSoxcCgGtThNrqDl52Bqw1GJYZicpKKeXwisX/i9w=

GET
H/1.1 200
OK small.jpg
s3.amazonaws.com/bala.static/avatars/14135/ 691 B
1 KB 115ms
115ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/avatars/14135/small.jpg?1611034065
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: cd49da589214e08328a45219da5dcad93a54abd65753de47ffa60cd99e452af7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:02 GMT
Last-Modified: Tue, 19 Jan 2021 05:27:47 GMT
Server: AmazonS3
x-amz-request-id: VRVX6XAXRMBD2807
ETag: "77ff891c26d4e3b06b1030bb1a37ec3e"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 691
x-amz-id-2: rbbY0v66hBcSsxKgW35l0Sl0sJxrl4E89E80TigVgUAT/ujtXSNNkJW/Ky4zo+XDEzC+9VHwUKA=

GET
H/1.1 200
OK 5696798.png
s3.amazonaws.com/bala.static/links/ 4 KB
5 KB 109ms
109ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/5696798.png?1636053008
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f02bda296fb979e9ddf4b99b8b540ddf66566fe97387842954f338008154f452

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:02 GMT
Last-Modified: Thu, 04 Nov 2021 19:10:09 GMT
Server: AmazonS3
x-amz-request-id: VRVHAKRMYC30WYA3
ETag: "7e24c2361f50b0633c476ce3849c61fa"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 4484
x-amz-id-2: yPiNsEAKGszUfxvsvtui8i/KdJYB+iP4jr7jEFDWgPeB9UmTeI3k7z7vQDdCPnGly+HyWYlBvXU=

GET
H/1.1 200
OK small.jpg
s3.amazonaws.com/bala.static/avatars/97293/ 726 B
1 KB 114ms
113ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/avatars/97293/small.jpg?1603719272
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f302819f800bc68fdfdf3cad6214240248af78d7071488b2149d2378c105fbf3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:02 GMT
Last-Modified: Mon, 26 Oct 2020 13:34:33 GMT
Server: AmazonS3
x-amz-request-id: VRVPMT0EZ2ZXF6SS
ETag: "98f63c30f26386aa2ff06f28309f14b3"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 726
x-amz-id-2: nhP1+s+XwEZeDrhKNeDB1U9Zp8K/uH4UCmsUfpUaLbwvPHPR/+Ch/DVgzmiAiRusSrvlLDhx6f8=

GET
H/1.1 200
OK small.jpg
s3.amazonaws.com/bala.static/avatars/181523/ 646 B
1 KB 111ms
110ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/avatars/181523/small.jpg?1615819877
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0a9649faf44a921411a66aa1fe60ad1b30aff3942c8ad679bd612edbc67431e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:02 GMT
Last-Modified: Mon, 15 Mar 2021 14:51:18 GMT
Server: AmazonS3
x-amz-request-id: VRVVQ04961M20G21
ETag: "c75b8eacdc3c25bdda966b84cd9a4a73"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 646
x-amz-id-2: 6ZmjnH3RHDajar9IsytbmHLAvHZqD0OQk1cxQKgn2a7CH1jTqFDzCYofT6MEm+DVlzDvJDMior4=

GET
H/1.1 200
OK 18247364-0f58-4dfb-afce-dcfbad5901d2-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 6 KB
6 KB 116ms
115ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/18247364-0f58-4dfb-afce-dcfbad5901d2-thumbnail.jpg?1631462420
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fa4438f4a34aeb7e17df15b02f3456db77358e41f815727adc422a714715974e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:02 GMT
Last-Modified: Sun, 12 Sep 2021 16:00:21 GMT
Server: AmazonS3
x-amz-request-id: VRVM1DASX9SYG0HM
ETag: "268df4b24c5e5045e0920a60e39c1d54"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 6220
x-amz-id-2: AY/myjyXRYeV3uCw63h0IaJdZcOUvddBbJGhlg20N3DCYsXrM6flUpKdGQTdSkHKuU0gajIS110=

GET
H/1.1 200
OK small.jpg
s3.amazonaws.com/bala.static/avatars/110747/ 405 B
795 B 116ms
115ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/avatars/110747/small.jpg?1497211126
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7f1184a3fa0d2ceef8850b9b41a1fc30424ee6da00dfdec37dc3c7531700bc4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:02 GMT
Last-Modified: Sun, 11 Jun 2017 19:58:48 GMT
Server: AmazonS3
x-amz-request-id: VRVW8JJNRAHH0ZW7
ETag: "f23175fd7d82f8a58b4cae5807e8d1d7"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 405
x-amz-id-2: 09YdRNE8mW4p4XfC2jwm/w8JP0Fzw1ITy6Bk1TmKHgtQ3kKXQAjblHNuOg9yBf/XSUUhGUpcmY8=

GET
H/1.1 200
OK 5696813.png
s3.amazonaws.com/bala.static/links/ 7 KB
7 KB 117ms
117ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/5696813.png?1636053973
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bd512d44dc335bd8ad05670d2d754fdf3de777ea680bf9e5d6b944b7414f6975

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:02 GMT
Last-Modified: Thu, 04 Nov 2021 19:26:14 GMT
Server: AmazonS3
x-amz-request-id: VRVT6PCGSFN34ZVP
ETag: "265ce0cfc777a0dc0f26eb4906d485ee"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 6905
x-amz-id-2: I+PrYYOJU5t4OzhTAJ3BH7jzzHjp37dJnqjxCrfSEt6WNuinpX9YQr7awUCiU5WNjLZLQ3DHl4E=

GET
H/1.1 200
OK 26eee657-6fa8-4249-92bc-6c480dedc45e-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 4 KB
4 KB 112ms
111ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/26eee657-6fa8-4249-92bc-6c480dedc45e-thumbnail.jpg?1636051754
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f10f8b6b97f334ac7d5c0331f03337849e441f936dd98cec6909e3577234da71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:02 GMT
Last-Modified: Thu, 04 Nov 2021 18:49:16 GMT
Server: AmazonS3
x-amz-request-id: VRVMXDR6B0696EYZ
ETag: "79b10bb23cd2458c4c66412185661746"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 3899
x-amz-id-2: DDYgtaib9R3gQJzhhGkXAlxHKkIqVBIuWGmEQFap8mpbrFa7oRALJP/360ypqg4nHnDGE4C3hck=

GET
H/1.1 200
OK small.jpg
s3.amazonaws.com/bala.static/avatars/12456/ 662 B
1 KB 109ms
109ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/avatars/12456/small.jpg?1559121684
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bc501b4b4201cbf922e2e8283e7956042732a2149b7ce1656ab60eba1a759eda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:02 GMT
Last-Modified: Wed, 29 May 2019 09:21:25 GMT
Server: AmazonS3
x-amz-request-id: VRVKJQRRMGY5EZP1
ETag: "8a0601d86da880f8c68928f145c4c73f"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 662
x-amz-id-2: UyYDdrrpbVF3EJnBss5FQ5EiZ6lAeaIyxHbfFx1slD1q6Cy2gY7czMqbDGA5V/f9nxOg7uT//qE=

GET
H/1.1 200
OK 5696732.png
s3.amazonaws.com/bala.static/links/ 5 KB
5 KB 111ms
110ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/5696732.png?1636045633
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fbdb155285c04ce38351d4e35ee244a28f3e7a8f0865fd4131fe51096911ecd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:02 GMT
Last-Modified: Thu, 04 Nov 2021 17:07:14 GMT
Server: AmazonS3
x-amz-request-id: VRVKGMYK85NFWD0C
ETag: "6921adf3493012ad585f51e560aeff39"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 4745
x-amz-id-2: b8IHyLaIrIxICaSEQktWXb+9s4jlWGFiDC4f1vLGaU3hFNhdSIha8f1zPeggt53Qlwx+FKtt3QQ=

GET
H/1.1 200
OK 3470b809-d979-4087-86ff-99e5fbc030ea-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 3 KB
3 KB 115ms
113ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/3470b809-d979-4087-86ff-99e5fbc030ea-thumbnail.jpg?1636044451
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: be0ec02366a3b62c5201f82136f514079dda10464671ca87f875c54814112cec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:02 GMT
Last-Modified: Thu, 04 Nov 2021 16:47:33 GMT
Server: AmazonS3
x-amz-request-id: VRVJBRXXYRJCPVHE
ETag: "3fcb80ddce16c311b034d406dc411310"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 3021
x-amz-id-2: tJ2RYHVItEs7tiNkSnEIHvVkTK08ZwqbvtbWdd89rgsY9Bcps5Y3TjKcU4gMRArU0i/Kc8r3n74=

GET
H/1.1 200
OK c4b1ff3c-1dc2-4d87-9962-731c077eba11-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 5 KB
6 KB 110ms
110ms Image
image/jpeg 52.217.45.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/c4b1ff3c-1dc2-4d87-9962-731c077eba11-thumbnail.jpg?1636050899
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9d9214be4539b3439a030f342167f24dd0703d1f45b7160ce45499310afe2da0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:02 GMT
Last-Modified: Thu, 04 Nov 2021 18:35:01 GMT
Server: AmazonS3
x-amz-request-id: VRVYCJVC5WG1MWNP
ETag: "149246a2da2c92d330f5af2f26636398"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 5570
x-amz-id-2: J+O9VeLW+cAlzEDUbGoPQqdMHW+Yuz/1Uy/F8twARWN/UxGcAkrXqrRDsEpLspAbddo9J2m1tbs=

GET
H2 200 onejs Show response
z-na.amazon-adsystem.com/widgets/ 22 KB
8 KB 108ms
14ms Script
application/javascript 18.66.244.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=072caa77-813c-41fc-84e3-1af5067d7f16
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.244.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: d93784357fad185710198e8c035fb6c0eb7c58cd0a04d97e0ada44131012027f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: Public
date: Fri, 05 Nov 2021 06:19:14 GMT
content-encoding: gzip
server: Server
age: 286
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
charset: UTF-8
cache-control: public,max-age=300,s-maxage=300,no-transform
x-amz-cf-pop: DUS51-P1
content-length: 7346
via: 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront)
x-amz-cf-id: CXT14rUIuE7Fg-78uV14Vj4WAXFTsymBO3_5NGnbY5co35XMY_IHEQ==
expires: Fri, 05 Nov 2021 06:24:14 GMT

GET
H/1.1 200
OK logo-c6042222156b5e26db18d7a25025e4b71e9c1d3d4cf90793e4030154b2dea1f5.svg
assets.balatarin.com/assets/ 4 KB
2 KB 16ms
15ms Image
image/svg+xml 18.66.248.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.balatarin.com/assets/logo-c6042222156b5e26db18d7a25025e4b71e9c1d3d4cf90793e4030154b2dea1f5.svg
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6042222156b5e26db18d7a25025e4b71e9c1d3d4cf90793e4030154b2dea1f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 11:03:57 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 09 Nov 2020 23:17:47 GMT
Server: AmazonS3
Age: 1452004
ETag: W/"699129013888caccc30ce00dc03acd6f"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: image/svg+xml
Via: 1.1 6ee47dd27ca379a812104b559e9a5a23.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: QvtOhSuDC_-maP2svIe07t3XYvxeQaqIaxRZH1a-6kp7ok95pEZjqQ==

GET
H/1.1 200
OK fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2
assets.balatarin.com/assets/ 75 KB
76 KB 52ms
16ms Font
binary/octet-stream 18.66.248.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.balatarin.com/assets/fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2
Requested by: Host: assets.balatarin.com
URL: https://assets.balatarin.com/assets/application-6ea20005522facc318c2531f147f4b8e93c67b38fd0ea0a6d64f28bc152180b3.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://assets.balatarin.com/assets/application-6ea20005522facc318c2531f147f4b8e93c67b38fd0ea0a6d64f28bc152180b3.css
Origin: https://www.balatarin.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 11:03:56 GMT
Via: 1.1 cd8cc1ff175a63c59feeb56bb3687767.cloudfront.net (CloudFront)
Vary: Origin,Access-Control-Request-Method
Age: 1452004
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 77160
Last-Modified: Mon, 09 Nov 2020 23:17:46 GMT
Server: AmazonS3
ETag: "af7ae505a9eed503f8b8e6982036873e"
Access-Control-Max-Age: 31536000
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: https://www.balatarin.com
Cache-Control: max-age=31536000
Access-Control-Allow-Credentials: true
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
X-Amz-Cf-Id: pYAolgEUZNtg6tWOwbJDcTpe-KB0eNs6srOwH0iziCiWlla5CQS-2w==

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111010101/ 271 KB
97 KB 41ms
40ms Script
text/javascript 2a00:1450:400e:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7031645305449270&plah=www.balatarin.com&bust=31063399

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4588342bba11ba153481b64739ea88d258aad20dc1f0ddd03f0aa0edaac3802

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99382
x-xss-protection: 0
server: cafe
etag: 6874878588253010926
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 05 Nov 2021 06:24:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211101/r20190131/ Frame D0A5 10 KB
5 KB 50ms
13ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211101/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9745d78c19b91ab26895980fdfdc81997e0397d58446db33584e5e4de1435845

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 04 Nov 2021 07:46:02 GMT
expires: Thu, 18 Nov 2021 07:46:02 GMT
content-type: text/html; charset=UTF-8
etag: 4894049669965931928
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4757
x-xss-protection: 0
age: 81478
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pubads_impl_2021110301.js Show response
securepubads.g.doubleclick.net/gpt/ 346 KB
117 KB 20ms
19ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110301.js?31063415

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

8375b6d78687c24c35f1c2fd365d5b88a5f47bb295cc336d114f57daef0c419c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119127
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:33:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 05 Nov 2021 06:24:00 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 92 B
113 B 30ms
15ms XHR
application/json 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.balatarin.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

cbcfa87fa97d4f60ace8d50983766a21457eae3f0444740aeebd231d4c20a739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 06:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88
x-xss-protection: 0
expires: Fri, 05 Nov 2021 06:24:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
409 B 15ms
15ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.balatarin.com&callback=_gfp_s_&client=ca-pub-7031645305449270

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7031645305449270&plah=www.balatarin.com&bust=31063399

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

36b5e5851621a33c738e5b04c72dc4321a347f9e1f61a9e0b6020e7e7607493a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 61ms
23ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.balatarin.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 06:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 61ms
24ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.balatarin.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 06:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 168ms
34ms Image
image/gif 2a00:1450:400e:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.balatarin.com%2F&tn=DIV&cls=navbar%20navbar-default%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:24:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7720 19 KB
5 KB 387ms
85ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&adk=1812271804&adf=3025194257&lmt=1636093440&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.balatarin.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636093440438&bpp=2&bdt=228&idt=153&shv=r20211101&mjsv=m202111010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1575939950739&frm=20&pv=2&ga_vid=934517177.1636093441&ga_sid=1636093441&ga_hid=294366073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063354%2C31063361%2C31063399%2C31063246&oid=2&pvsid=1036614213874352&pem=805&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=172

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84a06c3e4c8332045aa5afd5def69f6db9866f900e53fceaf6325bb049490e0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 05 Nov 2021 06:24:00 GMT
server: cafe
content-length: 5298
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 05 Nov 2021 06:24:00 GMT
cache-control: private

GET
H/1.1 200
OK logo-footer-5b1979a4ecb584da673a08d6a737a10d87ae84aa6f5c2d18ab97da15c7462f11.png
assets.balatarin.com/assets/ 826 B
1 KB 15ms
15ms Image
image/png 18.66.248.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.balatarin.com/assets/logo-footer-5b1979a4ecb584da673a08d6a737a10d87ae84aa6f5c2d18ab97da15c7462f11.png
Requested by: Host: assets.balatarin.com
URL: https://assets.balatarin.com/assets/application-6ea20005522facc318c2531f147f4b8e93c67b38fd0ea0a6d64f28bc152180b3.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b1979a4ecb584da673a08d6a737a10d87ae84aa6f5c2d18ab97da15c7462f11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.balatarin.com/assets/application-6ea20005522facc318c2531f147f4b8e93c67b38fd0ea0a6d64f28bc152180b3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 11:05:04 GMT
Via: 1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Mon, 09 Nov 2020 23:17:47 GMT
Server: AmazonS3
Age: 1451937
ETag: "d6866d17619bc26a183d1c88f469f3e5"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Content-Length: 826
X-Amz-Cf-Id: COXcolmMWHJZ5qY2UQJqduUyxNpx-S41ODiYZ9Zji-ESz7iuMipMgg==

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E890 430 B
399 B 414ms
127ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=90&slotname=6838607656&adk=1683087958&adf=1219443404&pi=t.ma~as.6838607656&w=779&lmt=1636093440&rafmt=12&psa=0&format=779x90&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636093440476&bpp=46&bdt=266&idt=142&shv=r20211101&mjsv=m202111010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1575939950739&frm=20&pv=1&ga_vid=934517177.1636093441&ga_sid=1636093441&ga_hid=294366073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=605&ady=1050&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063354%2C31063361%2C31063399%2C31063246&oid=2&pvsid=1036614213874352&pem=805&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NOBriB6TUw&p=https%3A//www.balatarin.com&dtd=149

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1d6225975e29e029a12b95116b17e998b2e7d95756d103083de6a11ef8d2727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 05 Nov 2021 06:24:01 GMT
server: cafe
content-length: 206
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 05 Nov 2021 06:24:01 GMT
cache-control: private

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 62ms
19ms Script
text/javascript 2a00:1450:400e:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:801::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 4210
date: Fri, 05 Nov 2021 05:13:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 05 Nov 2021 07:13:50 GMT

POST
H2 204 i Show response
www.balatarin.com/analytics/ 0
45 B 364ms
363ms XHR
text/plain 107.178.241.59
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.balatarin.com/analytics/i
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.241.59 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 59.241.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.balatarin.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 05 Nov 2021 06:24:00 GMT
via: 1.1 google
server: nginx
alt-svc: clear

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
17 KB 49ms
49ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1036614213874352&correlator=1322296200660883&output=ldjh&impl=fifs&eid=31063415%2C21068030%2C31060889%2C31063246&vrg=2021110301&ptt=17&sc=1&sfv=1-0-38&ecs=20211105&iu_parts=3679856%2CSidebar-Middle&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&cookie_enabled=1&bc=31&abxe=1&lmt=1636093440&dt=1636093440696&dlt=1636093440211&idt=464&frm=20&biw=1600&bih=1200&oid=2&adxs=290&adys=1808&adks=3772982170&ucis=1&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.balatarin.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x0&msz=336x0&ga_vid=934517177.1636093441&ga_sid=1636093441&ga_hid=294366073&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110301.js?31063415

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

c94a1406b61864413393911ccbcce4818af3a5bf9fef1c8198611e1daa4ababd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:24:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17697
x-xss-protection: 0
google-lineitem-id: 1279745296
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 113000655376
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.balatarin.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6df4348a60f925191082d3067173fba9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3663 6 KB
4 KB 87ms
22ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6df4348a60f925191082d3067173fba9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110301.js?31063415

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 05 Nov 2021 06:24:00 GMT
expires: Sat, 05 Nov 2022 06:24:00 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6666 430 B
378 B 332ms
130ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=9543430451&adk=17676442&adf=78860692&pi=t.ma~as.9543430451&w=779&fwrn=4&fwrnh=100&lmt=1636093440&rafmt=1&psa=0&format=779x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636093440574&bpp=1&bdt=363&idt=133&shv=r20211101&mjsv=m202111010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C779x90&nras=1&correlator=1575939950739&frm=20&pv=1&ga_vid=934517177.1636093441&ga_sid=1636093441&ga_hid=294366073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=605&ady=3497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063354%2C31063361%2C31063399%2C31063246&oid=2&pvsid=1036614213874352&pem=805&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=VLB0xZ4xf7&p=https%3A//www.balatarin.com&dtd=136

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5875326ec6d93e5ef0828c3337548714ae85f230f02a58a52b2328ae2f68365

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 05 Nov 2021 06:24:01 GMT
server: cafe
content-length: 208
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 05 Nov 2021 06:24:01 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F2BF 76 KB
31 KB 335ms
146ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=5688324856&adk=4223602507&adf=3412014494&pi=t.ma~as.5688324856&w=336&lmt=1636093440&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636093440575&bpp=1&bdt=365&idt=145&shv=r20211101&mjsv=m202111010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C779x90%2C779x280&nras=1&correlator=1575939950739&frm=20&pv=1&ga_vid=934517177.1636093441&ga_sid=1636093441&ga_hid=294366073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=243&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063354%2C31063361%2C31063399%2C31063246&oid=2&pvsid=1036614213874352&pem=805&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=KEwsVlDos1&p=https%3A//www.balatarin.com&dtd=148

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e84114a3dfea9de7526d14afbd5058dbb223bf2a82e3ce1673bf900df67e186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 05 Nov 2021 06:24:01 GMT
server: cafe
content-length: 31469
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 05 Nov 2021 06:24:01 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2F7D 13 KB
7 KB 399ms
216ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=8352827426&adk=3914965158&adf=666277397&pi=t.ma~as.8352827426&w=336&fwrn=4&fwrnh=100&lmt=1636093440&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636093440584&bpp=1&bdt=374&idt=143&shv=r20211101&mjsv=m202111010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78307ac215b1f7e8-2211fe7120cb009c%3AT%3D1636093440%3ART%3D1636093440%3AS%3DALNI_MZu0cOQpoefaR1BRiIHt9ElICukXA&prev_fmts=0x0%2C779x90%2C779x280%2C336x280&nras=1&correlator=1575939950739&frm=20&pv=1&ga_vid=934517177.1636093441&ga_sid=1636093441&ga_hid=294366073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=254&ady=993&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063354%2C31063361%2C31063399%2C31063246&oid=2&pvsid=1036614213874352&pem=805&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=so69B0mgIa&p=https%3A//www.balatarin.com&dtd=145

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d372acd305d7a183222e9550520ecd447d77e1e6718a499b8bed63da233434c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 05 Nov 2021 06:24:01 GMT
server: cafe
content-length: 7469
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 05 Nov 2021 06:24:01 GMT
cache-control: private

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 66ms
22ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-594291-1&cid=934517177.1636093441&jid=1617846298&gjid=1424420786&_gid=1641167353.1636093441&_u=IChAgAABAAAAAE~&z=772271413

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.balatarin.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 05 Nov 2021 06:24:00 GMT
content-type: text/plain
access-control-allow-origin: https://www.balatarin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 20ms
19ms Image
image/gif 2a00:1450:400e:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=294366073&t=pageview&_s=1&dl=https%3A%2F%2Fwww.balatarin.com%2F&ul=en-us&de=UTF-8&dt=%D8%A8%D8%A7%D9%84%D8%A7%D8%AA%D8%B1%DB%8C%D9%86%3A%20%D9%84%DB%8C%D9%86%DA%A9%E2%80%8C%D9%87%D8%A7%DB%8C%20%D9%85%D9%86%D8%AA%D8%AE%D8%A8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IChAgAAB~&jid=1617846298&gjid=1424420786&cid=934517177.1636093441&tid=UA-594291-1&_gid=1641167353.1636093441&z=1946571961

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:801::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Nov 2021 15:51:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52335
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 20ms
19ms Image
image/gif 2a00:1450:400e:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=294366073&t=event&_s=2&dl=https%3A%2F%2Fwww.balatarin.com%2F&ul=en-us&de=UTF-8&dt=%D8%A8%D8%A7%D9%84%D8%A7%D8%AA%D8%B1%DB%8C%D9%86%3A%20%D9%84%DB%8C%D9%86%DA%A9%E2%80%8C%D9%87%D8%A7%DB%8C%20%D9%85%D9%86%D8%AA%D8%AE%D8%A8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pageview&ea=loggedout&_u=IChAgAABAAAAAE~&jid=&gjid=&cid=934517177.1636093441&tid=UA-594291-1&_gid=1641167353.1636093441&z=555191371

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:801::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Nov 2021 15:51:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52335
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DC17 0
0 44ms
44ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsto0uKbfEeTQYzzqfMZRJWnI9bd9GtV4rvolS37B0GtQ4AYCwRu2uMMbTLQpHqcjwtuIToi6Ja5la-iV4LJ_HheJbVh-bjWN0ewMF3ZzAyuPq6woxGABK6e2W7qLG5FMe264E9WFXkoNcIC1zszF6YGikfEHS2waiX6nw97O6VrOM7h1nj0aUPGMKDSxM0FClRn5wBJPG1a8Aozh9zRSqeD_B__oEEFp5XjahkdmammC3-63AkvVBxtsOBk2Hz6VRdLfYuYVXBM12zbqQzzjqJ9Gekq4_aUjp1UdulNrtBdJLhCaPuuyrSWLedB&sai=AMfl-YTKaSeRDUIppjw6nWq0wuKzbuJVgtunHgaqMi8S7no0thkFzZSApsD5NU8p1cnPSttzhhwZZ6Yx1cURGRNe1ZKgBV2VZBNIl7IcmqZRoNseLxyPWWnmGHF37rQytheL&sig=Cg0ArKJSzMhDBPZKV83LEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 06:24:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 05 Nov 2021 06:24:00 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame DC17 19 KB
8 KB 78ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110301.js?31063415

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 05:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 05:48:44 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame DC17 3 KB
2 KB 80ms
15ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110301.js?31063415

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:21:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 06:21:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC17 120 KB
37 KB 379ms
342ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110301.js?31063415

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:24:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 Nov 2021 06:24:01 GMT

GET
H2 200 11014814240268210796
tpc.googlesyndication.com/simgad/ Frame DC17 35 KB
36 KB 83ms
19ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11014814240268210796

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110301.js?31063415

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e581c3bf6f9547d2b323c8e1ab6546470435b69417d12984bc0fb08c90307112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 03:36:56 GMT
x-content-type-options: nosniff
age: 96424
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36079
x-xss-protection: 0
last-modified: Mon, 11 Apr 2016 23:11:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Nov 2022 03:36:56 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 43ms
18ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-594291-1&cid=934517177.1636093441&jid=1617846298&_u=IChAgAABAAAAAE~&z=984162432

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:24:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 63ms
26ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-594291-1&cid=934517177.1636093441&jid=1617846298&_u=IChAgAABAAAAAE~&z=984162432

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:24:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F2BF 42 B
110 B 34ms
33ms Image
image/gif 2a00:1450:400e:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DL6vm400Oyqcgp3oVUxKjQuVOorI7y5YyCiGpuWido2Q6PgmRzf9bVEZXQ-cmVyVxOx_5Ks75vXscR6hj060FIRfi3Krit4O8LOF_MIablOxIS87U

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=5688324856&adk=4223602507&adf=3412014494&pi=t.ma~as.5688324856&w=336&lmt=1636093440&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636093440575&bpp=1&bdt=365&idt=145&shv=r20211101&mjsv=m202111010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C779x90%2C779x280&nras=1&correlator=1575939950739&frm=20&pv=1&ga_vid=934517177.1636093441&ga_sid=1636093441&ga_hid=294366073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=243&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063354%2C31063361%2C31063399%2C31063246&oid=2&pvsid=1036614213874352&pem=805&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=KEwsVlDos1&p=https%3A//www.balatarin.com&dtd=148

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:24:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6304 624 B
426 B 29ms
29ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLNGRCMuvrSAhjb5YKrATAB&v=APEucNVjPUcCUBHMkpp8eRZ2zJQ4_H9_lS6lUTPy7BuXVHQ6GN7biq1nJgiX-IDReSpawoAn0O4eKXs0KVmQa66A9VI6es2rPG0vxk_K0rhq5hUwiH-WWQw9QvkSB7oJczwHdZbHAhUNj65YbEko4N7uBLJ-itLB96i04WRFKL6Hw-9kWkTl2uA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=5688324856&adk=4223602507&adf=3412014494&pi=t.ma~as.5688324856&w=336&lmt=1636093440&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636093440575&bpp=1&bdt=365&idt=145&shv=r20211101&mjsv=m202111010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C779x90%2C779x280&nras=1&correlator=1575939950739&frm=20&pv=1&ga_vid=934517177.1636093441&ga_sid=1636093441&ga_hid=294366073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=243&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063354%2C31063361%2C31063399%2C31063246&oid=2&pvsid=1036614213874352&pem=805&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=KEwsVlDos1&p=https%3A//www.balatarin.com&dtd=148

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 05 Nov 2021 06:24:01 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 05 Nov 2021 06:24:01 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame F2BF 3 KB
1 KB 320ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:21:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 06:21:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F2BF 120 KB
37 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:24:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 Nov 2021 06:24:01 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame F2BF 15 KB
7 KB 317ms
16ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 05:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 05:34:05 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame F2BF 106 KB
38 KB 77ms
10ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Nov 2021 08:37:30 GMT

GET
H2 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame F2BF 6 KB
3 KB 19ms
19ms Script
text/javascript 2a00:1450:400e:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/omrhp_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb9268e99659f17a183de7aa0d4e27453f96c159a7ba99d6482522f8f72d1009

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:01:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2631
x-xss-protection: 0
server: cafe
etag: 10983085961369067521
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 06:01:10 GMT

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame F2BF 19 KB
8 KB 19ms
19ms Script
text/javascript 2a00:1450:400e:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 05:23:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3646
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 05:23:15 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F2BF 41 KB
15 KB 285ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 01 Nov 2022 11:10:41 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6304
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEW9O2U0S2UrzvqdHfveMv8&google_cver=1

43 B
1014 B

43ms
30ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEW9O2U0S2UrzvqdHfveMv8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLNGRCMuvrSAhjb5YKrATAB&v=APEucNVjPUcCUBHMkpp8eRZ2zJQ4_H9_lS6lUTPy7BuXVHQ6GN7biq1nJgiX-IDReSpawoAn0O4eKXs0KVmQa66A9VI6es2rPG0vxk_K0rhq5hUwiH-WWQw9QvkSB7oJczwHdZbHAhUNj65YbEko4N7uBLJ-itLB96i04WRFKL6Hw-9kWkTl2uA
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 06:24:01 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 05 Nov 2021 06:24:01 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:24:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEW9O2U0S2UrzvqdHfveMv8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6304
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYTOAU5cHeAxwd4tOJeJrQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEW9O2U0S2UrzvqdHfveMv8&google_cver=1

43 B
894 B

25ms
25ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEW9O2U0S2UrzvqdHfveMv8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLNGRCMuvrSAhjb5YKrATAB&v=APEucNVjPUcCUBHMkpp8eRZ2zJQ4_H9_lS6lUTPy7BuXVHQ6GN7biq1nJgiX-IDReSpawoAn0O4eKXs0KVmQa66A9VI6es2rPG0vxk_K0rhq5hUwiH-WWQw9QvkSB7oJczwHdZbHAhUNj65YbEko4N7uBLJ-itLB96i04WRFKL6Hw-9kWkTl2uA
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 06:24:01 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 05 Nov 2021 06:24:01 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:24:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEW9O2U0S2UrzvqdHfveMv8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 6304
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENh_E6SxgwwlspY5nC2VklM&google_cver=1

43 B
1004 B

8ms
8ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENh_E6SxgwwlspY5nC2VklM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLNGRCMuvrSAhjb5YKrATAB&v=APEucNVjPUcCUBHMkpp8eRZ2zJQ4_H9_lS6lUTPy7BuXVHQ6GN7biq1nJgiX-IDReSpawoAn0O4eKXs0KVmQa66A9VI6es2rPG0vxk_K0rhq5hUwiH-WWQw9QvkSB7oJczwHdZbHAhUNj65YbEko4N7uBLJ-itLB96i04WRFKL6Hw-9kWkTl2uA

Protocol

HTTP/1.1

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 06:24:01 GMT
X-Proxy-Origin: 194.36.108.18; 194.36.108.18; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 02d2110b-ca2b-4754-9cfc-475c4dae969f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:24:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENh_E6SxgwwlspY5nC2VklM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6304
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIwOTQ2NDg4NjQzNTU0NzAzOQ%3D%3D

170 B
188 B

33ms
18ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIwOTQ2NDg4NjQzNTU0NzAzOQ%3D%3D

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:24:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 06:24:01 GMT
X-Proxy-Origin: 194.36.108.18; 194.36.108.18; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: bd421096-2d26-4623-9ddb-57f34f26ec3b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIwOTQ2NDg4NjQzNTU0NzAzOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F7D 42 B
107 B 35ms
34ms Image
image/gif 2a00:1450:400e:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A3jqxGlRxfFVVhf2NQbzQbvJQCPqHqJQScQEcgT2qd4fidyPXWLBoPg04i-NllTrdjrJ1lTxLolcfa6juWpeiunNxTwK2JmH0KRss4PV5UBm1JMQE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=8352827426&adk=3914965158&adf=666277397&pi=t.ma~as.8352827426&w=336&fwrn=4&fwrnh=100&lmt=1636093440&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636093440584&bpp=1&bdt=374&idt=143&shv=r20211101&mjsv=m202111010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78307ac215b1f7e8-2211fe7120cb009c%3AT%3D1636093440%3ART%3D1636093440%3AS%3DALNI_MZu0cOQpoefaR1BRiIHt9ElICukXA&prev_fmts=0x0%2C779x90%2C779x280%2C336x280&nras=1&correlator=1575939950739&frm=20&pv=1&ga_vid=934517177.1636093441&ga_sid=1636093441&ga_hid=294366073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=254&ady=993&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063354%2C31063361%2C31063399%2C31063246&oid=2&pvsid=1036614213874352&pem=805&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=so69B0mgIa&p=https%3A//www.balatarin.com&dtd=145

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:24:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 2F7D 3 KB
1 KB 260ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:21:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 06:21:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2F7D 120 KB
37 KB 331ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:24:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 Nov 2021 06:24:01 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 2F7D 15 KB
7 KB 254ms
17ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 05:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 05:34:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2F7D 0
0 19ms
16ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS641HaQjPTU_7d--0WgvRwLeJVhdvfbhCWTUAs0fy_Whjw60vHD0T_E9wsJmDo1UL3bMVFO7K-h_mleYgl6MYAbP1fnA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=8352827426&adk=3914965158&adf=666277397&pi=t.ma~as.8352827426&w=336&fwrn=4&fwrnh=100&lmt=1636093440&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636093440584&bpp=1&bdt=374&idt=143&shv=r20211101&mjsv=m202111010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78307ac215b1f7e8-2211fe7120cb009c%3AT%3D1636093440%3ART%3D1636093440%3AS%3DALNI_MZu0cOQpoefaR1BRiIHt9ElICukXA&prev_fmts=0x0%2C779x90%2C779x280%2C336x280&nras=1&correlator=1575939950739&frm=20&pv=1&ga_vid=934517177.1636093441&ga_sid=1636093441&ga_hid=294366073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=254&ady=993&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063354%2C31063361%2C31063399%2C31063246&oid=2&pvsid=1036614213874352&pem=805&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=so69B0mgIa&p=https%3A//www.balatarin.com&dtd=145
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3399 640 B
445 B 24ms
23ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyXvwEQlafNARj9vJe4ATAB&v=APEucNUueT65pP3rHVuoZXh0YVrA7y7tlI4Y3seMy9bt5a_ePIsAea0uG7c3BmQZfRUqEo5Xgzw5xZObzoeokdUdTRUnXkynQytdeSdCNun__S33T-eSVhtfOneuAcuE8vW5CWBRkLgjQ9KP63vT9yqlz2MqmzmDAn5HFhShiu4OHcWvdOKrk6I

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=8352827426&adk=3914965158&adf=666277397&pi=t.ma~as.8352827426&w=336&fwrn=4&fwrnh=100&lmt=1636093440&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636093440584&bpp=1&bdt=374&idt=143&shv=r20211101&mjsv=m202111010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78307ac215b1f7e8-2211fe7120cb009c%3AT%3D1636093440%3ART%3D1636093440%3AS%3DALNI_MZu0cOQpoefaR1BRiIHt9ElICukXA&prev_fmts=0x0%2C779x90%2C779x280%2C336x280&nras=1&correlator=1575939950739&frm=20&pv=1&ga_vid=934517177.1636093441&ga_sid=1636093441&ga_hid=294366073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=254&ady=993&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063354%2C31063361%2C31063399%2C31063246&oid=2&pvsid=1036614213874352&pem=805&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=so69B0mgIa&p=https%3A//www.balatarin.com&dtd=145

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 05 Nov 2021 06:24:01 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 05 Nov 2021 06:24:01 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2F7D 73 KB
29 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C7vLZO9znZbgQBKG-o3iCvozs5d7bkZNeBboH5WvDhL82mAkv81Z6nOsmVzhCmil_ZuhCW2lvPy68DBJFDRjeuK6LFpvZU7-p5HAdzaeBFY1H2Mgy24bgep6BQy0LB-Ytly4cGH8FsAZTUjASETQ9BhnbLTQ&dbm_d=AKAmf-DA8uJHodL53CJtJHy3Nq5oGfOuH5jqvreO060OCQUYKZ9HoSa2aFPAwbL1AIqVDUipCxBfNynDt9AYQzD-pYbk5iDd53Tu_DiRDYxkua85KOAW7qkfv3JTwPTotEor_OuIgD1zWTP5ONUx3lf64KnrJ-6F1kZFseBQIpbN6Jj9rnK_zgAtWwU3twWtZVoVC6FDLivRcYLbaYaeVAbVuqn9OtCmmYXgEIcT30nmZbDA1qQFyNkOxSsmyJmjfr-eOJ5qXDMZfSg9Al25asYJqMUHtfdaSTIhtKXKy7hPT2i5eyUw9VK8dkne291YkIwRCb_2Cps6Ow2azRLvTzAK0r55XE_5LRC3e9qE-7ohqJNqIPBsV64zXN3yEh52OZbAhQRirT4YYM0rJyg9oxk4tRsFQRqwh56Jjfj-JJjbcy7IetliBtx15TOwN4kmqXxGW4cZGR4afcnsPbYFBg2H63LfVDijhZnaDkktKUwfnoL27lg6UaGdLXGW932MEFoi77VT04LLXOGGWtuSpYCcCOwk_LG7XPF3UkFNcSVIb1njancnRAj8U3OX_I422PF1Om9ggG_QHkDSCkIP5Sm03_4v3nGdh1lm3FVHL6bQCFdqI3NDV7AvSl2oG2vZziyv9hLKmldnjhzky4LaZ7mUnoengqX0t6cwHLNWS_rd60jY1D0ZJYQkNgeDZ7XpCbIIpQNZuM_2H_Og458uK3BIS5uRh26aALH2V3RY15taJ8hUJplZTCJepv3fUuxisZ2XrgE44o0mduKKy_GkyNF_LNaSORheOiIsznN7yznu7krapJnI3R3RgmRb3n-rJLgK0VNI8ONSN0dZgWj_HLpip4e4PoeHsdMUJ5xQSW3jffFKREmwcyglZhWImt8gJ0TQokbCV8mUht2i2gVoSyysWG3MN6AEHr6Z5kifGUVc66KxFW0e0jZD_ALms3trgC8cuCC4YSYz_Ull6hM7iH68N0IgKiRQZ6Kgm-H4L8f3UYBidYKuMldIwQVqrcUXVfZBtql1AEPAvWZAP1DK_6RsfMJ-BcJzvJdAmhVMVzIyCKTitsa6Gc2MnVItcS6jt-2N-_COFUtYalvlwgi3LUZ9GCMmu0O3KdW4KmlKBXJ_jQHxRAooE57dcDNjx21Ko_-9NoWtZQuC2bIMk_qX0nmw4hob2ivYgKGyhCUsu5hgObQaMFjxrVsyls287xEuaP8HDsT3Vy7gFDxOgMLVnCMKZbjViRIETQwQXvx-j3kXcRFJFYDZ4yLO6hskHiZwK9UL-K50fCIt6_P_bg_oWkbRri0sk8lY_jPXmSi6gn9oNx-Oee4JmJobEdDRM6-60hfMtF9ZAVuZHHd1aIMM2UmWPM2SKdqMHyiP5JcO7uYzuLr6xf63F0DLOwmeiqMrY15KMp6nPJlND4r8-fzEzsT3zKRggk8HiM-ENKluWr8g-P8wRgx9Ab_XByzuMIDnVM_s5zjPzhmQbsIXcop6MSK3X0KakH5vSOQulNBmUa3AwD73xbSbIMMAbKy2oWHY2fzgwFz1i5OisEZEVr8WwenqHeIhjVLfQroEnDJu_14_Am0sv8xJhbVgrTq277GSAZYemzGVBiHYIxGUhfUZXf_WPH_TCs-X473oBD28ILdP3D7uQafHV1_e3b2s6Rf-yw4SNk5RREkOLoFQj_UWHETG1CWmxaM9CO4cklsnlm1xbGHOXDu_EhNtmn0BZ-2z58n9z-Vrt5zBzfcQEAYWbENSEio3h5FvAcfeIpJaWct2p6ocDLO8wJBCyTSNC3EsgxsKaUGAjMksEGRHTGQkzyHx9prJeqLGRsZddjpt4xL6sUUpgBgefFhfeIsrMHdjDxnk-gAxI_1exvgGTs3QTFiB1OiQLlS9J_IR6qfQdH_ycExranlbcVE0eSXZQnmGFWAO47tAkRi8eNsmtlvPACyvGn48UteXR2F2PbqoDgODBimtPXSdEjjsKLUzYjWt8szBfjcUmBULCkamVa4wylTSUSs4boMl7COUDsG5GWjQn_YNnebW7OqwomkaIoQSt6HGH7X72Z5ipRshdHLx5IiTU095iNd3m5ly5gZqjVzraqC2jcl1PJYJlRgnGybny8p6P6zL8ERT9EWQ48rQnyp_lnOhjz4u_fDFslCpvEPWnYsSzpOelO27-lf-YDB9c04i8fHU5hcCtzPo6pZYWFR9J4tOFyxHHZ3oHOzUMhDmpX5FQnwoFsOTjDSYxLF1sDLovrQhl71FOeBjEOi2sdf-UbOVEmeupqvvh9z8ddSwjSW286zOzTUCrucPt5_Z7ickmbUiQeGKd0zZdTR99yqeSAXe1kpfWOtFFN7VWHuMrN50-pNrd5o9fR3QtOrDOGJZ_D2mUT-rfmP2DEPlpOifAA7GWk64J8Mt8FsPjkmnPYVCsSNzbUkdha2BjM02GoRB-t69qrJJxys-3Kjs7RDM4ou83J_yTg29zOlO6oICbER0EpUu87C_KUeDsThvhOmd7YMcSAYkwScPDe8HDGR4AMs0ac2BFdADOtJLFUvBE7Lg0pb1vlHBIh7UZ1z8SS9Vmpui8f9PaQyfQTRiXBN1tuqUdZbXhqU12HvG7lKh0U32E2_C6q9OQuOFijicwFK8FI7sbX3j3gDIiBYlD8Th351LlFsSZkMwqQfm7oenanZLu_5dnlYjyJW0ejQq1UVm2Zsu7bBCkKPsyssXDHDgPUkukq_6vTyhH1w8ZwSjdgfVWG04LKGWJZuKGfWhfy76pBWRaf8GXiJmmNKIOxu1_oSMutTi1IGoKh-SLWU_95EmnuiFqdqrklRDT_Bl5oMIm8LhLFlxc9e_CfRqib8hwIDWD4Wh60zChGbuBw8emHyB_tA5CM7_bxPrX9bKMV6FfXrpOg02YrB0bdN60Dv3ZErqwKXLz8N6UZv3qy7EOh9fwYXHVZz2aUTYmRcoSy2Dl-digfWvtZYrW2zmIyogSbmUEl_NE0rH-hbSc9wmbbhwwj-tCDGoGCh_QBc35alZ5XRd2mA3ziqayT_o5hCKX_q7qim0v71fc5n1jWaeKYdrrBJV178&cid=CAASFeRoqnNz6ar1mUzSarko98hFh0-ocw&rfl=1%2Chttps%253A%252F%252Fwww.balatarin.com%252F%240

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06bc9c15fa48ecfbe3f719b058325cacce0a1d37f0d5bf228262c4e559b09383

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=8352827426&adk=3914965158&adf=666277397&pi=t.ma~as.8352827426&w=336&fwrn=4&fwrnh=100&lmt=1636093440&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2F&flash=0&hl=en&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636093440584&bpp=1&bdt=374&idt=143&shv=r20211101&mjsv=m202111010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78307ac215b1f7e8-2211fe7120cb009c%3AT%3D1636093440%3ART%3D1636093440%3AS%3DALNI_MZu0cOQpoefaR1BRiIHt9ElICukXA&prev_fmts=0x0%2C779x90%2C779x280%2C336x280&nras=1&correlator=1575939950739&frm=20&pv=1&ga_vid=934517177.1636093441&ga_sid=1636093441&ga_hid=294366073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=254&ady=993&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063354%2C31063361%2C31063399%2C31063246&oid=2&pvsid=1036614213874352&pem=805&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=so69B0mgIa&p=https%3A//www.balatarin.com&dtd=145
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:24:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29891
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DC17 0
0 41ms
41ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNRUt1t2Mg0CDjmdirA-8NS5tOpLuUKbkKzZFGSdKii9lz1NeAVuxQ1XjV1Qe1UcQhFnA43L2YZ8mYNp3yNi_zVoA4_O2RyIOVcGcZdDYhyRNDCEUn6Rk2UEt4hXk1BaQIQh5GzsBQr7h5BMtd3H5y5IUVrlAp1a0ixl63JE2EWhuaGPUPNJfV0cSKjDV08_Gk_5VtLRGXel-nyipgpzYZ02eotdx16P1BuMt46iIAvOfdg-sFWwBzORyIoeXmG9P0WMoUwI1xBv2xUX92qpDZYxIp8hLQXVDv4XQzcveu3OH2Hvi-BkVKgyQq4S0&sai=AMfl-YTTO8abZYvckZBr4XZKVDAvbCg-H1JOs2Qf48KH3f5T41wab_Xr5FiMrrtphmH6XKOFct83UlttZDqYIdnMEt2egkfwwgTNnEJBfLw4oBbRj9DUgKXgd5LLV0LiDIqv&sig=Cg0ArKJSzFxpS4Bf4GSlEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 06:24:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 05 Nov 2021 06:24:01 GMT

GET
DATA 200
OK truncated
/ Frame DC17 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d45a95644966d8c995880cc225feeaa5aec9d60033e42b1c137b106ac216d281

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/ Frame A081 6 KB
3 KB 349ms
14ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a3cc681a05e6808f2e1a45ed9d252e5b6e3464a7852e844d6d46ddb179d2da1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 2350
date: Wed, 03 Nov 2021 16:53:54 GMT
expires: Thu, 03 Nov 2022 16:53:54 GMT
last-modified: Mon, 24 May 2021 11:13:00 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 135007
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F2BF 0
571 B 89ms
50ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuf20vmL6Ft8mXg736_dDaFK9dtGewzi9RaM-amzbKP7-epnLuUXVaBr_8fldrOvJTs0zGUROvCE_SIrRtE5KiZDiPHWnV5IHsM5WwxMQMmkKQWRbvQNrfh26MqOj480rM8OzdIDZIQ8WOSKYmkAhtbhhd-eyLF--QgOWFz8odd2AokSNTZasTgm1nQR6vmSsMU5owOUbgmMcamNYkH4rz5HK0tlWwg7Evp0WMMNObA9Pdrg0m9y2EpC_Hk7b9CUqJrQNBGE_Z1plgvqKHfb897sybojTGsFKj9NWTAOpA8X8nS8_uTUdc8x8PlsNXk7NGiSFiEunDIP_BU9C6TrPwXDmLjnYXy1moJ0wxOwRxFBsPWU6MbMx5HymnXF29Pu4fXNcCC4TCqizWv7TwHinHbOC9YIGBh9KIjcqAifjWgxH-dkmvO6Hmh-No7XUbxJ00J0tVzQKeKDbQtlYjbjjDLmBcsH5vVcG-bpYeC567eJQOvsRnXI3_S4LUTfKxaDhNTvg2o2LNc6uFJcJXnimnK561ntAZb4un41MKt5txfzsDsxNEll5a1HEaew8q2Dv6K4HL9so4Ns0m89NcAf7PwMsK4FmqXL_CY7Met3RBiVzM8ZrWgD-vK6s5kuBeaXWAPP2nD9WMslLuopn1Y0ZPrEYhzYUh_6Sxt_IYoHZqwtA5LD3O3RmPcF241WdMoq78mMdbHQ_5_myGN2cLWoQOkx5QMIIRax7K4UTk9NC8CvCLG4joUrXp2h0cnKUa07SE8uJvCO2LA9Nxc1_vKrltA6Qb6LY573WBMmx9mXVvY1aWgbM_73LuTv_sMKyNskLp3iJ8oCEdfRGRcZ4QuCLvsTXKZ25PpxG4U9VkKQLVjeJEPXXQtvOvUcvdDr92Vn2X5SgJ1cBcBeWGA0oYP7zhig0ufkZA_xD8kxAKihrWo2DUsUQ8NkgV8s-lAe1e9dpbxa6-Uf5rpy3M6EapyDZyCjVwU6MgQGbnQ2lV0axX9IjXQfoD1iBadsqhMMaINyZD5W0jujxgEbONh96ItKJlRbIOkw-62Zp9cwrRylyuHbXJXdiCGSlp9a9xEUksmc304yIEK-ZEqJQvBdXXXy6SQv3TB6tJK7jjXmCRRcNiuyFuSthoSFRhKTgpTzKx55uJatfhHp2Q4Yks&sai=AMfl-YRJOfgSknCsrnDx2PvFHUh3i6CaPayPvIOagALkILbIH8YZTbq7dpQvsa2Y81B9mEELXO3fp_hmjRHPY9hT1go_lyTWUBfQyUQR664kUg2RSzBJV5BXwuA8UNMousWD5zxrpTKm3Fx_7AVAwW9s-eHlBnQPLvzuJxgNT2y59DqS7Qu_SrSAkvM&sig=Cg0ArKJSzM2HbMeyexKDEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=159&cbvp=1&cstd=156&cisv=r20211103.46201&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 05 Nov 2021 06:24:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 3399
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELdInXz8VrMEy5gnRKtZGWo&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESELdInXz8VrMEy5gnRKtZGWo&google_cver=1

43 B
172 B

17ms
17ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESELdInXz8VrMEy5gnRKtZGWo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyXvwEQlafNARj9vJe4ATAB&v=APEucNUueT65pP3rHVuoZXh0YVrA7y7tlI4Y3seMy9bt5a_ePIsAea0uG7c3BmQZfRUqEo5Xgzw5xZObzoeokdUdTRUnXkynQytdeSdCNun__S33T-eSVhtfOneuAcuE8vW5CWBRkLgjQ9KP63vT9yqlz2MqmzmDAn5HFhShiu4OHcWvdOKrk6I
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:24:01 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESELdInXz8VrMEy5gnRKtZGWo&google_cver=1
date: Fri, 05 Nov 2021 06:24:01 GMT
via: 1.1 google
server: OXGW/16.218.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3399
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTAxYzdjYzgtOTY0NS0yNjY2LWVkZmItN2M0YWY5YzUxZTMy

170 B
188 B

16ms
16ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTAxYzdjYzgtOTY0NS0yNjY2LWVkZmItN2M0YWY5YzUxZTMy

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyXvwEQlafNARj9vJe4ATAB&v=APEucNUueT65pP3rHVuoZXh0YVrA7y7tlI4Y3seMy9bt5a_ePIsAea0uG7c3BmQZfRUqEo5Xgzw5xZObzoeokdUdTRUnXkynQytdeSdCNun__S33T-eSVhtfOneuAcuE8vW5CWBRkLgjQ9KP63vT9yqlz2MqmzmDAn5HFhShiu4OHcWvdOKrk6I

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:24:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 05 Nov 2021 06:24:01 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTAxYzdjYzgtOTY0NS0yNjY2LWVkZmItN2M0YWY5YzUxZTMy
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 3399
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESED-GIP-LZM7AUjV1S2Lrs28&google_cver=1

23 B
172 B

97ms
43ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESED-GIP-LZM7AUjV1S2Lrs28&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyXvwEQlafNARj9vJe4ATAB&v=APEucNUueT65pP3rHVuoZXh0YVrA7y7tlI4Y3seMy9bt5a_ePIsAea0uG7c3BmQZfRUqEo5Xgzw5xZObzoeokdUdTRUnXkynQytdeSdCNun__S33T-eSVhtfOneuAcuE8vW5CWBRkLgjQ9KP63vT9yqlz2MqmzmDAn5HFhShiu4OHcWvdOKrk6I
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:24:01 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 05 Nov 2021 06:24:01 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:24:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESED-GIP-LZM7AUjV1S2Lrs28&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 3399 23 B
172 B 119ms
45ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyXvwEQlafNARj9vJe4ATAB&v=APEucNUueT65pP3rHVuoZXh0YVrA7y7tlI4Y3seMy9bt5a_ePIsAea0uG7c3BmQZfRUqEo5Xgzw5xZObzoeokdUdTRUnXkynQytdeSdCNun__S33T-eSVhtfOneuAcuE8vW5CWBRkLgjQ9KP63vT9yqlz2MqmzmDAn5HFhShiu4OHcWvdOKrk6I
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:24:01 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 05 Nov 2021 06:24:01 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 2F7D 106 KB
37 KB 309ms
7ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Nov 2021 08:37:30 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame 2F7D 8 KB
3 KB 18ms
18ms Script
text/javascript 2a00:1450:400e:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C7vLZO9znZbgQBKG-o3iCvozs5d7bkZNeBboH5WvDhL82mAkv81Z6nOsmVzhCmil_ZuhCW2lvPy68DBJFDRjeuK6LFpvZU7-p5HAdzaeBFY1H2Mgy24bgep6BQy0LB-Ytly4cGH8FsAZTUjASETQ9BhnbLTQ&dbm_d=AKAmf-DA8uJHodL53CJtJHy3Nq5oGfOuH5jqvreO060OCQUYKZ9HoSa2aFPAwbL1AIqVDUipCxBfNynDt9AYQzD-pYbk5iDd53Tu_DiRDYxkua85KOAW7qkfv3JTwPTotEor_OuIgD1zWTP5ONUx3lf64KnrJ-6F1kZFseBQIpbN6Jj9rnK_zgAtWwU3twWtZVoVC6FDLivRcYLbaYaeVAbVuqn9OtCmmYXgEIcT30nmZbDA1qQFyNkOxSsmyJmjfr-eOJ5qXDMZfSg9Al25asYJqMUHtfdaSTIhtKXKy7hPT2i5eyUw9VK8dkne291YkIwRCb_2Cps6Ow2azRLvTzAK0r55XE_5LRC3e9qE-7ohqJNqIPBsV64zXN3yEh52OZbAhQRirT4YYM0rJyg9oxk4tRsFQRqwh56Jjfj-JJjbcy7IetliBtx15TOwN4kmqXxGW4cZGR4afcnsPbYFBg2H63LfVDijhZnaDkktKUwfnoL27lg6UaGdLXGW932MEFoi77VT04LLXOGGWtuSpYCcCOwk_LG7XPF3UkFNcSVIb1njancnRAj8U3OX_I422PF1Om9ggG_QHkDSCkIP5Sm03_4v3nGdh1lm3FVHL6bQCFdqI3NDV7AvSl2oG2vZziyv9hLKmldnjhzky4LaZ7mUnoengqX0t6cwHLNWS_rd60jY1D0ZJYQkNgeDZ7XpCbIIpQNZuM_2H_Og458uK3BIS5uRh26aALH2V3RY15taJ8hUJplZTCJepv3fUuxisZ2XrgE44o0mduKKy_GkyNF_LNaSORheOiIsznN7yznu7krapJnI3R3RgmRb3n-rJLgK0VNI8ONSN0dZgWj_HLpip4e4PoeHsdMUJ5xQSW3jffFKREmwcyglZhWImt8gJ0TQokbCV8mUht2i2gVoSyysWG3MN6AEHr6Z5kifGUVc66KxFW0e0jZD_ALms3trgC8cuCC4YSYz_Ull6hM7iH68N0IgKiRQZ6Kgm-H4L8f3UYBidYKuMldIwQVqrcUXVfZBtql1AEPAvWZAP1DK_6RsfMJ-BcJzvJdAmhVMVzIyCKTitsa6Gc2MnVItcS6jt-2N-_COFUtYalvlwgi3LUZ9GCMmu0O3KdW4KmlKBXJ_jQHxRAooE57dcDNjx21Ko_-9NoWtZQuC2bIMk_qX0nmw4hob2ivYgKGyhCUsu5hgObQaMFjxrVsyls287xEuaP8HDsT3Vy7gFDxOgMLVnCMKZbjViRIETQwQXvx-j3kXcRFJFYDZ4yLO6hskHiZwK9UL-K50fCIt6_P_bg_oWkbRri0sk8lY_jPXmSi6gn9oNx-Oee4JmJobEdDRM6-60hfMtF9ZAVuZHHd1aIMM2UmWPM2SKdqMHyiP5JcO7uYzuLr6xf63F0DLOwmeiqMrY15KMp6nPJlND4r8-fzEzsT3zKRggk8HiM-ENKluWr8g-P8wRgx9Ab_XByzuMIDnVM_s5zjPzhmQbsIXcop6MSK3X0KakH5vSOQulNBmUa3AwD73xbSbIMMAbKy2oWHY2fzgwFz1i5OisEZEVr8WwenqHeIhjVLfQroEnDJu_14_Am0sv8xJhbVgrTq277GSAZYemzGVBiHYIxGUhfUZXf_WPH_TCs-X473oBD28ILdP3D7uQafHV1_e3b2s6Rf-yw4SNk5RREkOLoFQj_UWHETG1CWmxaM9CO4cklsnlm1xbGHOXDu_EhNtmn0BZ-2z58n9z-Vrt5zBzfcQEAYWbENSEio3h5FvAcfeIpJaWct2p6ocDLO8wJBCyTSNC3EsgxsKaUGAjMksEGRHTGQkzyHx9prJeqLGRsZddjpt4xL6sUUpgBgefFhfeIsrMHdjDxnk-gAxI_1exvgGTs3QTFiB1OiQLlS9J_IR6qfQdH_ycExranlbcVE0eSXZQnmGFWAO47tAkRi8eNsmtlvPACyvGn48UteXR2F2PbqoDgODBimtPXSdEjjsKLUzYjWt8szBfjcUmBULCkamVa4wylTSUSs4boMl7COUDsG5GWjQn_YNnebW7OqwomkaIoQSt6HGH7X72Z5ipRshdHLx5IiTU095iNd3m5ly5gZqjVzraqC2jcl1PJYJlRgnGybny8p6P6zL8ERT9EWQ48rQnyp_lnOhjz4u_fDFslCpvEPWnYsSzpOelO27-lf-YDB9c04i8fHU5hcCtzPo6pZYWFR9J4tOFyxHHZ3oHOzUMhDmpX5FQnwoFsOTjDSYxLF1sDLovrQhl71FOeBjEOi2sdf-UbOVEmeupqvvh9z8ddSwjSW286zOzTUCrucPt5_Z7ickmbUiQeGKd0zZdTR99yqeSAXe1kpfWOtFFN7VWHuMrN50-pNrd5o9fR3QtOrDOGJZ_D2mUT-rfmP2DEPlpOifAA7GWk64J8Mt8FsPjkmnPYVCsSNzbUkdha2BjM02GoRB-t69qrJJxys-3Kjs7RDM4ou83J_yTg29zOlO6oICbER0EpUu87C_KUeDsThvhOmd7YMcSAYkwScPDe8HDGR4AMs0ac2BFdADOtJLFUvBE7Lg0pb1vlHBIh7UZ1z8SS9Vmpui8f9PaQyfQTRiXBN1tuqUdZbXhqU12HvG7lKh0U32E2_C6q9OQuOFijicwFK8FI7sbX3j3gDIiBYlD8Th351LlFsSZkMwqQfm7oenanZLu_5dnlYjyJW0ejQq1UVm2Zsu7bBCkKPsyssXDHDgPUkukq_6vTyhH1w8ZwSjdgfVWG04LKGWJZuKGfWhfy76pBWRaf8GXiJmmNKIOxu1_oSMutTi1IGoKh-SLWU_95EmnuiFqdqrklRDT_Bl5oMIm8LhLFlxc9e_CfRqib8hwIDWD4Wh60zChGbuBw8emHyB_tA5CM7_bxPrX9bKMV6FfXrpOg02YrB0bdN60Dv3ZErqwKXLz8N6UZv3qy7EOh9fwYXHVZz2aUTYmRcoSy2Dl-digfWvtZYrW2zmIyogSbmUEl_NE0rH-hbSc9wmbbhwwj-tCDGoGCh_QBc35alZ5XRd2mA3ziqayT_o5hCKX_q7qim0v71fc5n1jWaeKYdrrBJV178&cid=CAASFeRoqnNz6ar1mUzSarko98hFh0-ocw&rfl=1%2Chttps%253A%252F%252Fwww.balatarin.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 06:01:40 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 2F7D 24 KB
9 KB 18ms
18ms Script
text/javascript 2a00:1450:400e:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1373
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 378257483732583304
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 06:01:08 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2F7D 41 KB
15 KB 122ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 01 Nov 2022 11:10:41 GMT

GET
DATA 200
OK truncated
/ Frame F2BF 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3034d941c71b16d3b5a51a29c51fb8f0d3ee2e1c5c5eaba2548099d3014bd423

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1AC1 22 KB
8 KB 23ms
22ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 01 Nov 2021 11:10:41 GMT
expires: Tue, 01 Nov 2022 11:10:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 328400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 622E 22 KB
8 KB 13ms
13ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 01 Nov 2021 11:10:41 GMT
expires: Tue, 01 Nov 2022 11:10:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 328400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2F7D 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9f248c09dce9f414416f8242b66d1d0806110b8f6209ab1ade8149c22a7e794

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js Show response
pagead2.googlesyndication.com/bg/ Frame 1AC1 35 KB
13 KB 19ms
19ms Script
text/javascript 2a00:1450:400e:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68d35695ba7205d3f898ff5deed87aa8e03c5fda7e69d27a4b55d21dec6352b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 20:29:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 294866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13338
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 01 Nov 2022 20:29:35 GMT

GET
H2 200 aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js Show response
pagead2.googlesyndication.com/bg/ Frame 622E 35 KB
13 KB 21ms
21ms Script
text/javascript 2a00:1450:400e:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68d35695ba7205d3f898ff5deed87aa8e03c5fda7e69d27a4b55d21dec6352b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 20:29:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 294866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13338
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 01 Nov 2022 20:29:35 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/13620236794060913227/ Frame DE33 89 KB
21 KB 15ms
15ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13620236794060913227/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de2de3da4082335788abe9440714f4601f91694b2263d5a6798f65bfd60e3d52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Thu, 04 Nov 2021 23:01:46 GMT
expires: Fri, 04 Nov 2022 23:01:46 GMT
last-modified: Wed, 20 Oct 2021 12:46:08 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 21720
age: 26535
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2F7D 0
24 B 65ms
51ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu09d3w4VnEeGZ-XHnntLV6IiH4LiDmYSrxtzTwT-0xmJdJC9Q75shtcF7niGrOZbJiZ5EyuLulbUIvg4nw360-MKuxBphLmTukOWGOwcpgNVpbHY7Unbhyq5fN19FXdt_EFR0dfRGZ49JYIwsGxbskgAV7y5fuVsM7Z8lmVDApO_KcertLRF--LfhlGpD0T2xrBRYhlzF7l7-NSNvdwxLFMaNp6znnLCAX14Cp5fZ35RSb7T0-KvrEG45ojsE7F1Pk_7HCvIaVW7dNbSXDEXilPtz2VB9iYTLJrFlYGmpgkERKJMSRundoghj5iXBHfzc4lAUQQlChoklCK2P9YlWeKmWlzYOz6eRjxENsazAtPYcezOKnTDiOCD3I8D3y3qM8MwIXJvDlYgtqDI3vfAtih635nN7JYcSs5qzulkImyn0Lcl9zjq9S-qIgpAT-9riWfzDRNZ3OTYeftsu-Nh9PjrONTsKtJscIrkTJAAbKJOZZjvpjEi8VrfTZp3nlRLS1mUy-4WoK6e6Pu8BykvmH-H11WFBtFiEi9olqkcuF4DfpJx587vEQZqpiygLpwiqEc94CxxCDD7QOoOtzGoA3p6Vx2Zxh7t7pd9sedTJ2sKSV9bj-H0VR-bWt9XMojSL7yTXNk3vFfzfil9ju7EvrDNwCr3hWEXVZ861LKEeeukKnabyiFPgrEEOQemtnNMdkfRRsR2vHmyfI3xLYGZPRVzgaFfTs_nzUp1ciRE2yYhnC_uBLYleTMsBNJEjL7GsRWvuiOawoeRQyTeh1aw1DuhZTAZbBrOjMjm1e2JndUGVnOWH_Az2PCYPu00MDiYsO978yy5SCwraDEITApF_zy9R6b9PWDHkNw1Mq_e7sWlY0OEOOQ5eXSI9N-3uBzZW_n9y0evnnQlDjvryXq8SDbH6phbDYi2X3OlnGNUDPcAu5k_NZseDKNGqw4MSmuVKFfXpTEoJVTOMFePJd_txLMCSjfzF8wPTFyBsVQDszor3jEPMek-obvp3QcLRl4kPzAI3Tz0oI0YbEcFUgZXu-PkjCN1Mon-zqmzxi4gDg_of5p0LOXj-AbQjbDEGUMHSpS0UTH36_CVPxMmg_ZW8CDEd5pupCTvWoGcrhFLf4DoRPbttlUHDFsDQneCYAiu5FKd8UyJD-sAKZ9RZhKlI6uQK2&sai=AMfl-YT7FEGpys0PBPRA3ruexZNiwmCc8Dj7VkynuH7IzZ5rK3YhNQ04QWl9N8b0f9Q6idsEkkAXx04F4grTPW6o4NooNlzauxUe9osXhq0r_Rk8_rcrqjZ2CDurGuKsYOQlyuT-khO5C7JGVK8tYyNi-jLrjI41uEfQBX6L_Pw&sig=Cg0ArKJSzInwVF-DytKmEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=344&cbvp=1&cstd=343&cisv=r20211103.77783&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 05 Nov 2021 06:24:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame A081 186 KB
48 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:24:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Nov 2021 06:24:01 GMT

GET
H2 200 index.js Show response
s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/ Frame A081 38 KB
6 KB 14ms
14ms Script
application/x-javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61f0bae20615afaf9c06c22fe55a31e924784e8fc964a1f24bbbb1eeaf4d92fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5895
x-xss-protection: 0
last-modified: Mon, 24 May 2021 11:13:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Nov 2022 16:53:54 GMT

GET
H2 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame DE33 29 KB
10 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13620236794060913227/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13620236794060913227/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 14:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57479
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Nov 2021 14:26:02 GMT

GET
H2 200 _2.jpg
s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/ Frame A081 5 KB
5 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/_2.jpg?1621522399776

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b100d6f6006316698ed8738e2cde9e7d1548eb25cb4e5d9a42076c78348c2ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:53:54 GMT
x-content-type-options: nosniff
age: 135007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5471
x-xss-protection: 0
last-modified: Mon, 24 May 2021 11:13:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Nov 2022 16:53:54 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F2BF 0
23 B 44ms
43ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuf20vmL6Ft8mXg736_dDaFK9dtGewzi9RaM-amzbKP7-epnLuUXVaBr_8fldrOvJTs0zGUROvCE_SIrRtE5KiZDiPHWnV5IHsM5WwxMQMmkKQWRbvQNrfh26MqOj480rM8OzdIDZIQ8WOSKYmkAhtbhhd-eyLF--QgOWFz8odd2AokSNTZasTgm1nQR6vmSsMU5owOUbgmMcamNYkH4rz5HK0tlWwg7Evp0WMMNObA9Pdrg0m9y2EpC_Hk7b9CUqJrQNBGE_Z1plgvqKHfb897sybojTGsFKj9NWTAOpA8X8nS8_uTUdc8x8PlsNXk7NGiSFiEunDIP_BU9C6TrPwXDmLjnYXy1moJ0wxOwRxFBsPWU6MbMx5HymnXF29Pu4fXNcCC4TCqizWv7TwHinHbOC9YIGBh9KIjcqAifjWgxH-dkmvO6Hmh-No7XUbxJ00J0tVzQKeKDbQtlYjbjjDLmBcsH5vVcG-bpYeC567eJQOvsRnXI3_S4LUTfKxaDhNTvg2o2LNc6uFJcJXnimnK561ntAZb4un41MKt5txfzsDsxNEll5a1HEaew8q2Dv6K4HL9so4Ns0m89NcAf7PwMsK4FmqXL_CY7Met3RBiVzM8ZrWgD-vK6s5kuBeaXWAPP2nD9WMslLuopn1Y0ZPrEYhzYUh_6Sxt_IYoHZqwtA5LD3O3RmPcF241WdMoq78mMdbHQ_5_myGN2cLWoQOkx5QMIIRax7K4UTk9NC8CvCLG4joUrXp2h0cnKUa07SE8uJvCO2LA9Nxc1_vKrltA6Qb6LY573WBMmx9mXVvY1aWgbM_73LuTv_sMKyNskLp3iJ8oCEdfRGRcZ4QuCLvsTXKZ25PpxG4U9VkKQLVjeJEPXXQtvOvUcvdDr92Vn2X5SgJ1cBcBeWGA0oYP7zhig0ufkZA_xD8kxAKihrWo2DUsUQ8NkgV8s-lAe1e9dpbxa6-Uf5rpy3M6EapyDZyCjVwU6MgQGbnQ2lV0axX9IjXQfoD1iBadsqhMMaINyZD5W0jujxgEbONh96ItKJlRbIOkw-62Zp9cwrRylyuHbXJXdiCGSlp9a9xEUksmc304yIEK-ZEqJQvBdXXXy6SQv3TB6tJK7jjXmCRRcNiuyFuSthoSFRhKTgpTzKx55uJatfhHp2Q4Yks&sai=AMfl-YRJOfgSknCsrnDx2PvFHUh3i6CaPayPvIOagALkILbIH8YZTbq7dpQvsa2Y81B9mEELXO3fp_hmjRHPY9hT1go_lyTWUBfQyUQR664kUg2RSzBJV5BXwuA8UNMousWD5zxrpTKm3Fx_7AVAwW9s-eHlBnQPLvzuJxgNT2y59DqS7Qu_SrSAkvM&sig=Cg0ArKJSzM2HbMeyexKDEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=591&vt=11&dtpt=432&dett=3&cstd=156&cisv=r20211103.46201&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 06:24:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2F7D 0
23 B 43ms
42ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu09d3w4VnEeGZ-XHnntLV6IiH4LiDmYSrxtzTwT-0xmJdJC9Q75shtcF7niGrOZbJiZ5EyuLulbUIvg4nw360-MKuxBphLmTukOWGOwcpgNVpbHY7Unbhyq5fN19FXdt_EFR0dfRGZ49JYIwsGxbskgAV7y5fuVsM7Z8lmVDApO_KcertLRF--LfhlGpD0T2xrBRYhlzF7l7-NSNvdwxLFMaNp6znnLCAX14Cp5fZ35RSb7T0-KvrEG45ojsE7F1Pk_7HCvIaVW7dNbSXDEXilPtz2VB9iYTLJrFlYGmpgkERKJMSRundoghj5iXBHfzc4lAUQQlChoklCK2P9YlWeKmWlzYOz6eRjxENsazAtPYcezOKnTDiOCD3I8D3y3qM8MwIXJvDlYgtqDI3vfAtih635nN7JYcSs5qzulkImyn0Lcl9zjq9S-qIgpAT-9riWfzDRNZ3OTYeftsu-Nh9PjrONTsKtJscIrkTJAAbKJOZZjvpjEi8VrfTZp3nlRLS1mUy-4WoK6e6Pu8BykvmH-H11WFBtFiEi9olqkcuF4DfpJx587vEQZqpiygLpwiqEc94CxxCDD7QOoOtzGoA3p6Vx2Zxh7t7pd9sedTJ2sKSV9bj-H0VR-bWt9XMojSL7yTXNk3vFfzfil9ju7EvrDNwCr3hWEXVZ861LKEeeukKnabyiFPgrEEOQemtnNMdkfRRsR2vHmyfI3xLYGZPRVzgaFfTs_nzUp1ciRE2yYhnC_uBLYleTMsBNJEjL7GsRWvuiOawoeRQyTeh1aw1DuhZTAZbBrOjMjm1e2JndUGVnOWH_Az2PCYPu00MDiYsO978yy5SCwraDEITApF_zy9R6b9PWDHkNw1Mq_e7sWlY0OEOOQ5eXSI9N-3uBzZW_n9y0evnnQlDjvryXq8SDbH6phbDYi2X3OlnGNUDPcAu5k_NZseDKNGqw4MSmuVKFfXpTEoJVTOMFePJd_txLMCSjfzF8wPTFyBsVQDszor3jEPMek-obvp3QcLRl4kPzAI3Tz0oI0YbEcFUgZXu-PkjCN1Mon-zqmzxi4gDg_of5p0LOXj-AbQjbDEGUMHSpS0UTH36_CVPxMmg_ZW8CDEd5pupCTvWoGcrhFLf4DoRPbttlUHDFsDQneCYAiu5FKd8UyJD-sAKZ9RZhKlI6uQK2&sai=AMfl-YT7FEGpys0PBPRA3ruexZNiwmCc8Dj7VkynuH7IzZ5rK3YhNQ04QWl9N8b0f9Q6idsEkkAXx04F4grTPW6o4NooNlzauxUe9osXhq0r_Rk8_rcrqjZ2CDurGuKsYOQlyuT-khO5C7JGVK8tYyNi-jLrjI41uEfQBX6L_Pw&sig=Cg0ArKJSzInwVF-DytKmEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=452&vt=11&dtpt=108&dett=3&cstd=343&cisv=r20211103.77783&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 06:24:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 nr-1211.min.js Show response
js-agent.newrelic.com/ 33 KB
13 KB 183ms
31ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1211.min.js
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e42e478fd27161799c18a75c2e9a7341996250f696d09d53db336a2962ba06b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: yf8j0EL0OxPIPTHd.58X6iFExO4xIT0R
content-encoding: gzip
etag: "3ad2268e635f4d033b0062f582c5b85a"
x-amz-request-id: VSMD8FN1F00KKNHM
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 12477
x-amz-id-2: lc97TDk+2a6+061O7JuMIzhM3mMDA0tOL0f6r6bprz8SSdEJdFW5b7u6AYs+0SCz17Rdpw1mGJk=
x-served-by: cache-cdg20775-CDG
last-modified: Mon, 27 Sep 2021 20:46:50 GMT
server: AmazonS3
x-timer: S1636093442.873677,VS0,VE0
date: Fri, 05 Nov 2021 06:24:01 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5994

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 72ms
33ms XHR
application/json 2a00:1450:400e:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211101&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc71dc68244a62b9008dcb887d64b8ce4b0ada99329bf1781c85e806d2a234f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 06:24:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9264
x-xss-protection: 0

GET
H2 200 _2_1.jpg
s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/ Frame A081 9 KB
9 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/_2_1.jpg?1621522399776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bac77efddabbb74c88944d8f85374a285e60184ef9547968a4d2246f95b90f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:53:54 GMT
x-content-type-options: nosniff
age: 135007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8952
x-xss-protection: 0
last-modified: Mon, 24 May 2021 11:13:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Nov 2022 16:53:54 GMT

GET
H2 200 cta_300x250_de.png
s0.2mdn.net/sadbundle/13620236794060913227/assets/ Frame DE33 3 KB
3 KB 17ms
16ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13620236794060913227/assets/cta_300x250_de.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

029a701689c9a2ea7a74b4e63c847225fa963e07f627cee0d095426492de3268

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13620236794060913227/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 08:09:48 GMT
x-content-type-options: nosniff
age: 252853
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3011
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 12:46:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Nov 2022 08:09:48 GMT

GET
H2 200 auf-zum-naturschnee_300x250_de.png
s0.2mdn.net/sadbundle/13620236794060913227/assets/ Frame DE33 3 KB
3 KB 16ms
15ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13620236794060913227/assets/auf-zum-naturschnee_300x250_de.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01e8be0ce68b918e6df4a69a1810833c9f1b4e23f83d9bf1dd4b7416094ea038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13620236794060913227/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 23:01:46 GMT
x-content-type-options: nosniff
age: 26535
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3360
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 12:46:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 23:01:46 GMT

GET
H2 200 lust-auf-echten-schnee_300x250_de.png
s0.2mdn.net/sadbundle/13620236794060913227/assets/ Frame DE33 3 KB
3 KB 15ms
15ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13620236794060913227/assets/lust-auf-echten-schnee_300x250_de.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d009875855f984ecd95c627af585c11b09758e2f13db411c615bf4d3a8a995

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13620236794060913227/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 23:01:46 GMT
x-content-type-options: nosniff
age: 26535
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3286
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 12:46:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 23:01:46 GMT

GET
H2 200 logo_300x250.png
s0.2mdn.net/sadbundle/13620236794060913227/assets/ Frame DE33 5 KB
5 KB 16ms
16ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13620236794060913227/assets/logo_300x250.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9036982ac69605d8474320cf5298232cd68b0dfd1a2d0d5ef7c520ce26c46495

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13620236794060913227/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 23:01:46 GMT
x-content-type-options: nosniff
age: 26535
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4762
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 12:46:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 23:01:46 GMT

GET
H2 200 WWS20002_spritesheet_300x250_treppe.jpg
s0.2mdn.net/sadbundle/13620236794060913227/assets/ Frame DE33 109 KB
109 KB 19ms
19ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13620236794060913227/assets/WWS20002_spritesheet_300x250_treppe.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddf6103760c340e0142a771fa5147dddaf4618479c7b5a51ff6c5b12fc5d402

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13620236794060913227/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 23:01:46 GMT
x-content-type-options: nosniff
age: 26535
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111447
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 12:46:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 23:01:46 GMT

GET
H2 200 _2_2.jpg
s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/ Frame A081 6 KB
6 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/_2_2.jpg?1621522399776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9f9a528c0457d89fed8abb160dff9269902f3fb8f78fb881bffbec95c1aad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:53:54 GMT
x-content-type-options: nosniff
age: 135007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6272
x-xss-protection: 0
last-modified: Mon, 24 May 2021 11:13:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Nov 2022 16:53:54 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1AC1 0
56 B 37ms
37ms Image
image/gif 2a00:1450:400e:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUI5LAM6EYa2PObmu7_UPqYuGsA4AAAAAOAHgBAI&bg=!jo2ljcnNAAYH3anuB907ACkAdvg8WkWcZDcD3idmuO5BpgxeinFfmCToLKslz0FPute9idRPZXke_AIAAADOUgAAAApoAQeZAujdtIObDZ_A46llLTjEWuNQ80fr4BUyUEtvnH9V-_9zuriHHR3MISriuPknWYG2zOaHLc2B926NJ_jzbonSKvXf30Nkn4JJo3wtok9SFgygn_czbV_8seAG2fYcgi29j_yTluNNskle-ANAwJfy6mMPo77F-8aQUWUjsZf2qvPZblyQpGHiLh3YAXEOP7Mk8AcuhGRHupZbdZV_SKOqHks3Btr_Ilc8uWrEfJaHcRXAAu7tuVU1OD1KIGMwnivqrZP-ITV-TfAJSQZ7ultL27R0DBTCniCCKIdHmriI_9FDhlhRJOVVqmxYsB3SSehny_ezOAmoM46QVQWeOafsN4y3ya2cJf2vfsR_F32_8slyLPvGVZvAjTJmY6CYNH24t66ddnOaNjONanZHdR9gu84I1qJvfDEdkK0eChjjTvO3Q0fdvGwAsRjqFmNWsIzrI2brNoRjMqHlWXdRzmKPBI53DOdv7ZHPksjMvlV_AUybxriVFzxvGt7XMgXNgaRcmjB8O1KTaWYj8LPh8AT1YO7tBfSW9GTlhY8rZuR9V5Eqjg2QKnyShUVvd-bAfWkhYHvEiG_M9c3IdomEwwonJ593bq9Ulaetkbe2I0EY_6p1-sBY-SCr4BNpkovdkzTEM7TEpKHVac1w5zjtNhTJNyObeCFNTl7l8BjhTB9Is-HzhoJnW6vH5VC_ahBeu3YZAHS6z_Lx1aLFYRBcUXbljW026I6v-c9VB_z3e6XMQa-CJSavtEvqrIxZEOTQnxrSAeZKisDuFgq8vkw7M_VCSRlVEXe1xt-pjYXocNh4FsBDs98PXYXjQOo4Qx37p3_JpS8rsULXn_TEaH7Czj5aOY0PrsZ3NLNGiyVeY4eybyglM6dCwSaLuio4fiKqB4UXqcFdV8vhinqzk8Oq5gcHq3SP-l8VUS95NHdvulxWy8hzUKuguwwIikFp0ArFS49Mnpr_PICPGp-_Ku0aym6mJq7lYYbGqTw4VD0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:24:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 622E 0
56 B 36ms
36ms Image
image/gif 2a00:1450:400e:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQcCAAc6EYaaFCoacgQfRmLTYDgAAAAA4AeAEAg&bg=!R0SlRADNAAYH3anuB907ACkAdvg8WrblWIhBCPQGJvkX3D7MRJmh70yr81kB1JT2EKX7WUsXET0vbwIAAADCUgAAAAxoAQcKAJTHR5WBelKk9mHn5XXxT9LCZF0dhPvNIYa-FCCBpitGXJpozI1R2luR8dYvqFLD7Qs4aNueY95gxIw-HLWSoH17exeazWTSV6rusnbbVIICgAKG-U1IF-iy3OgUDGME2Jxaw2jYB3OT2Cj8q7MfO5jQvmFN0cTKY-HUUdvSKKpP1WBUqtLxVzTcoIi2tkzqf4KsElP5mQLkWqmmR-NnQfi9uvQn-7TW62yoP3tSbAyXbs6SIoFZcaE5uLBnuG448voxbtyj9sqNQbg2wpuqULRzsRZg9mNNVf7PRPG5RT_quDbW6LZ1w_TVOX4fMh10GrOPz5WZnjRcHr2l91FEaPqyKDDs99SiVrdaJTmHZqnWK0XQTZ-Y7WEU4TaFGd4SGk0dO7IQwK_qoLIIek9LkFTEteDAsPSpy6CQcflmhwpQDJa18OJxO0AoHwxqIisAwONUs6IoLaDAZWyW8Z6Uo2nagQSTich98B-Fr8zrgRvLfLco7hd8QEWiX2CWdXC4BGm-l3kvK69BI1A0KVzhnsII_4QNQjqIH5HIp-meyq9gLHf3qhtn5bDtpsXFEM17OcYvMXkXGd_0oGxJfkl2ZkpBMrvqT6sntSCx8mjijRhbN7qCbUUnjCTLgeLQv4IxcxoQ6BT7hTBsFNZse-i8nImvPXpmhHWG5zu2-S-Q9BEkrBybaH9naFetGtZuS7Ue7xnBVefwunukYOaxzpRHb37uFL03bflFT7hWBYAwBVhC_3AvHwaws6eo9EhafI0VTyazj8oWToeCYJ-49JSUxsfbvaRNPYwwirH8HtDANJc-731i396hyOjSPRelhZqDvAE2kr0NuWGEBZNzP55cnS0rmZMzkqJPuLAE3miNIZjBB_kkMHzycfP_KBz4Mx3nf5KAHKN4ALN-wlzQ7YpKFMCapTvHOsavYGon2Z8RYMKZv0259riA0ZZhh-9JLVROuAY7l5WseivHXyC0xMXmLXO9dNkRF88XdkiP1INSBXdrYhaIBW8SttV71ZZ_pTPkfTcs2aoP5jnkd50T6jEYAjR6zyIaEtzWxThOvhk1fnwnJ2aH1olhwmKoWE3mO_SeNDIgUSbtSroyMrmMir0Gy_lD8cD26KcvH111YYYUSdtBLxuk3x367J9CzcWKvgip1JwvxJv4s9qaShZWBIVou0TrUFmCdbA4tQ2S_Rs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:24:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _2badge.png
s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/ Frame A081 7 KB
7 KB 15ms
14ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/_2badge.png?1621522399776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

740aa91be94944a9ae8b3d30ca53f60bf0d3ffa7be35002100d7e40a5b7d3a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:53:54 GMT
x-content-type-options: nosniff
age: 135007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7176
x-xss-protection: 0
last-modified: Mon, 24 May 2021 11:13:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Nov 2022 16:53:54 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:24:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 05 Nov 2021 06:24:01 GMT

GET
H2 200 _2text.png
s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/ Frame A081 2 KB
2 KB 14ms
14ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/_2text.png?1621522399776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35536ef49606e56f276aca623b3ff99c65722c2c15a2889ab3a20b0125b9926e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:53:55 GMT
x-content-type-options: nosniff
age: 135006
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1996
x-xss-protection: 0
last-modified: Mon, 24 May 2021 11:13:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Nov 2022 16:53:55 GMT

GET
H2 200 _3.jpg
s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/ Frame A081 3 KB
3 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/_3.jpg?1621522399776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecd00971f602468123dda829056b9d8c73c0dc678c64781f8c2400f0c30faeeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:53:55 GMT
x-content-type-options: nosniff
age: 135006
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3275
x-xss-protection: 0
last-modified: Mon, 24 May 2021 11:13:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Nov 2022 16:53:55 GMT

GET
H2 200 _3_1.jpg
s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/ Frame A081 7 KB
7 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/_3_1.jpg?1621522399776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b622e1847794d0aa129a2187b0ec2586b0a970bd9c2f41f4454ce98fe8d65e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:53:56 GMT
x-content-type-options: nosniff
age: 135005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6921
x-xss-protection: 0
last-modified: Mon, 24 May 2021 11:13:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Nov 2022 16:53:56 GMT

GET
H2 200 _3text.png
s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/ Frame A081 3 KB
3 KB 14ms
14ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/_3text.png?1621522399776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ee5a0ff3254536946b8315b1eece469c56f9838e89b70114cb9aae3126b040f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:53:56 GMT
x-content-type-options: nosniff
age: 135005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2842
x-xss-protection: 0
last-modified: Mon, 24 May 2021 11:13:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Nov 2022 16:53:56 GMT

GET
H2 200 _4.jpg
s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/ Frame A081 4 KB
4 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/_4.jpg?1621522399776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae19e8b073e4e512a63fdbba99b1c25539695386fcedc2095b9b2a8f62bd2860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:53:56 GMT
x-content-type-options: nosniff
age: 135005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4022
x-xss-protection: 0
last-modified: Mon, 24 May 2021 11:13:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Nov 2022 16:53:56 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 7036 12 KB
5 KB 14ms
14ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 05 Nov 2021 03:02:46 GMT
expires: Sat, 05 Nov 2022 03:02:46 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 12075
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 77DC 783 B
969 B 19ms
19ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a2609e489881e8e89df0ee06586c6e2cfe4a7a443a285d2b8a86ba055986e485

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ut6YaM013Xnlj60pCBd5ag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 05 Nov 2021 06:24:01 GMT
date: Fri, 05 Nov 2021 06:24:01 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-ut6YaM013Xnlj60pCBd5ag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 _4_1.jpg
s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/ Frame A081 6 KB
6 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/_4_1.jpg?1621522399776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f2efae3bc502b750e780800e2c8fd45f31d9362d13e04be506519baf039f6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:53:56 GMT
x-content-type-options: nosniff
age: 135005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5649
x-xss-protection: 0
last-modified: Mon, 24 May 2021 11:13:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Nov 2022 16:53:56 GMT

GET
H/1.1 200
OK f0e3262f01 Show response
bam-cell.nr-data.net/1/ 49 B
715 B 993ms
841ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/f0e3262f01?a=2210743&v=1211.ba193a8&to=cwleR0tYVF1RSklbWF4NQxxfUllFQUoDUw%3D%3D&rst=2610&ck=1&ref=https://www.balatarin.com/&ap=30&be=945&fe=2412&dc=1343&perf=%7B%22timing%22:%7B%22of%22:1636093439290,%22n%22:0,%22f%22:415,%22dn%22:416,%22dne%22:416,%22c%22:416,%22s%22:421,%22ce%22:434,%22rq%22:434,%22rp%22:919,%22rpe%22:925,%22dl%22:921,%22di%22:1342,%22ds%22:1342,%22de%22:1379,%22dc%22:2412,%22l%22:2412,%22le%22:2413%7D,%22navigation%22:%7B%7D%7D&fp=1141&fcp=1141&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1211.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:24:02 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6a93ff2cee3035e3-MAN

GET
H2 200 _4_2.jpg
s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/ Frame A081 5 KB
5 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/_4_2.jpg?1621522399776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd494fe45ac7bd741f20ed54b6fd12e9453d09f63fe1ab19e201d6aa84f655e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:53:56 GMT
x-content-type-options: nosniff
age: 135005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5462
x-xss-protection: 0
last-modified: Mon, 24 May 2021 11:13:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Nov 2022 16:53:56 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 77DC 0
0 45ms
45ms Image
text/html 2a00:1450:400e:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211101&jk=1036614213874352&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js Show response
pagead2.googlesyndication.com/bg/ Frame 7036 35 KB
13 KB 19ms
18ms Script
text/javascript 2a00:1450:400e:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68d35695ba7205d3f898ff5deed87aa8e03c5fda7e69d27a4b55d21dec6352b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 20:29:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 294866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13338
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 01 Nov 2022 20:29:35 GMT

GET
H2 200 _4text.png
s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/ Frame A081 2 KB
2 KB 14ms
14ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/_4text.png?1621522399776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0947bdc664a90426f1c1c7e94b7cbead8798831712b814cf2bc65cdb65424366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:53:56 GMT
x-content-type-options: nosniff
age: 135005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2230
x-xss-protection: 0
last-modified: Mon, 24 May 2021 11:13:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Nov 2022 16:53:56 GMT

GET
H2 200 _5.jpg
s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/ Frame A081 9 KB
9 KB 17ms
17ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/_5.jpg?1621522399776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73690949ecdb6dac1be0d48f8538cf8f0cb36d124f80cc72c143a518bc2760fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:53:56 GMT
x-content-type-options: nosniff
age: 135005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8968
x-xss-protection: 0
last-modified: Mon, 24 May 2021 11:13:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Nov 2022 16:53:56 GMT

GET
H2 200 _5badge.png
s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/ Frame A081 7 KB
7 KB 14ms
14ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/_5badge.png?1621522399776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2144225313f47a1f46e0d3d964cae62936c97ea81d05c27c41290cea2ce6e7f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:53:56 GMT
x-content-type-options: nosniff
age: 135005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6981
x-xss-protection: 0
last-modified: Mon, 24 May 2021 11:13:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Nov 2022 16:53:56 GMT

GET
H2 200 _5foto.jpg
s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/ Frame A081 6 KB
6 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/_5foto.jpg?1621522399776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f08a1c8b53b26a78b12ce954ea83c2871510ea5d9a77ccff9a3eb908d34f70cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:53:57 GMT
x-content-type-options: nosniff
age: 135005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5679
x-xss-protection: 0
last-modified: Mon, 24 May 2021 11:13:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Nov 2022 16:53:57 GMT

GET
H2 200 _5text.png
s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/ Frame A081 3 KB
3 KB 15ms
14ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/images/_5text.png?1621522399776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb349cccc37de232863a4be0f9b269480f74bf375ca62c922297bab4db29dfe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10756394676870163845/Melas-Side-Mayis-DE-AD-html-336x280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:53:57 GMT
x-content-type-options: nosniff
age: 135005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2677
x-xss-protection: 0
last-modified: Mon, 24 May 2021 11:13:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Nov 2022 16:53:57 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 36ms
36ms Image
image/gif 2a00:1450:400e:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211101&jk=1036614213874352&bg=!Hh2lHVnNAAYH3anuB907ACkAdvg8Wt5VyNa1JGnnd7Mzt3jhQzV5GJrvHGwW2WiUP4jB3rrZkTHl8AIAAAByUgAAAAtoAQeZArEXsBT7H5qduMOohO1clOA3d0tVoci3b9mWm4VYJm6eSLcrFtCfoZMVyYz-mXqPTKA4FkiV5x0lS9ULmS_7dE4v-XMmYMcxNLjGr6mO79Jkz9aGEfZAnRLFJiHjMEebkl-vi1KbSq7Zn1aVr2vIIdDSVE0XVYDyoGTjGl-CGchlxAxHKTbeepXLPJ8qnhcd40SzrVG0EI0nMaoL3dji3nAR2n56Ks9UE7BmUAdj895jMbPMUIjfx4HqiFIQYmWjUPcYppi8Q-PftgzGkwJBvkOcehXK7LVDU6TdbJZopv9x9039ur3zCk9eYWLj1jzw9Q09nTuN-o0h4i1q8LkWDlCHmTrYRONZqRsH_JTF-Izic4ndLZ-7h0N6A6_XY_kuYTjNwXZTrGxEmxf7UBGLEuRMCsKSZoqECpEgWxLUUrXyIFz6nlYGxlbE3E2nWG6kab3upx6iQPbsDlMTAoMpqi4-DQq5cOa4DbM3A45FTcrzzqPtfouL_6mYW87aPYDYbZpb8S-9MFY9cMUNGRHJ2_aLGQiWdUizoLMf0HYlt7FDTmMzbF2GMu1VXRROwzv7lKpjE5GpYfnZNCyy8BXacfSOaex7oM60MQ9gMMp9O8VAKHujZdYWbAB_la4ZULcj_ies6ZP0h3njwDfbf5VrEGvc_w5EwqCpK7sBeK3ukBsJdaPs7CAqNkjJfheXoFIy27uTFB_RhMvogSbEHZFQ7ESu7Lt16D0H866-wJEfeUIGStzJUJaD5NPfQPoBSsoPPo_pZSWmjqsMBQXysKm7tnox7GeBgt6N6Ge5YR49evA4Uh99oW6B-57JfvGeDHrk71VFkBe-ChZub4dYDw1kvp-04n9VWouS41YZPgrwdN30kwOpz3jvzFEgSQVpgR7bW-XwkHut4UZyGnudc9zRFHtPZA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:24:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F2BF 42 B
174 B 27ms
26ms Fetch
image/gif 2a00:1450:400e:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjstc01kfCHX00RimfoGV94oSfP6htkVp2RJTgdUjSVoGnkrub5-4LGlMm9lSE9WZlCbiah4BrIKxUUHZQ8rLFRLO6tjVPLZMKpB_SOHh3U9nz6WGXRw&sai=AMfl-YQcHu4Lpqx_GioMO5BLbjt2hPdmqhTO4HtDO_SlkRnYdd-nDngFM-BOgEaRBIYuCbQzTN0wxcTUdQYR&sig=Cg0ArKJSzGcd72EU0rwoEAE&cid=CAASBORofb8&id=lidar2&mcvt=1004&p=0,0,280,336&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4223602507&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636093440724&rpt=596&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:24:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2F7D 42 B
108 B 27ms
27ms Fetch
image/gif 2a00:1450:400e:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsub5Ze-dnjSehjJIG8tS6jB4YxQ-bz74BGrhJ2OwrxEzTIX-0jhY9_3bqUBwI0VXUCHO1EaU5Ye3Yb48RATJBrzgCZzfwvUJCBmfHfthknBislLu_cwcA&sai=AMfl-YR7oJNdzXBM1B2eRA9fY16crjjFjvTwMAVwAfIhZn8OsWTMK7iJvY-T4ramd3z3LOZTEVBbuN1Ri1dmGy5Rg_uZpxkT-C9n-sRmShaEjVNqN6dH585a99ymMYgEiJw&sig=Cg0ArKJSzK3mAA0GmTHVEAE&cid=CAASFeRoqnNz6ar1mUzSarko98hFh0-ocw&id=lidar2&mcvt=1001&p=0,0,280,336&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=0.74&if=1&app=0&itpl=20&adk=3914965158&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636093440730&rpt=767&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:24:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.balatarin.com/analytics	1969-12-31 23:59:59	Name: geo Value: 0
balatarin.com/	1969-12-31 23:59:59	Name: geo Value: 0
www.balatarin.com/	1969-12-31 23:59:59	Name: geo Value: 0
www.balatarin.com/	1969-12-31 23:59:59	Name: _balat_session_new Value: ldpVDdZRXrqRjf5JzZXwHAp7X%2BKcJe5VtDEYjb0mKLF9jGJbtkJeppuvNQPGWHyqZ5JvmW444b20Mk6oqqMqg1U0zXvxnD6%2BtEc%2BO9eSh7Jxq%2FLTmZycNOoGpTB8JDII1NYu4xxuFyBB6l7oePze%2FtfLe1%2BSJFCpqzWaG%2FfaxIP4V%2Fueqe%2Bi3vC7JfSNmWd1Nt7hBLp9hdIQzWq0KxjXjd9Xw%2FhI7A3BLK38rsx9lAEbh%2Bc%3D--jNL5g%2FhvSYeqm6Ss--2lXOXBkNcOSUTvTxzxCPbg%3D%3D
www.balatarin.com/	1970-01-20 15:59:25	Name: _ga Value: GA1.1.934517177.1636093441
www.balatarin.com/	1970-01-19 22:29:39	Name: _gid Value: GA1.1.1641167353.1636093441
www.balatarin.com/	1970-01-19 22:28:13	Name: _gat Value: 1
.balatarin.com/	1970-01-20 07:49:49	Name: __gads Value: ID=8c13f0ccd8e50301-2253913227cb003c:T=1636093440:S=ALNI_MZC-iiYJrafrB4RJlQpIgLk00Ph6g
.doubleclick.net/	1970-01-20 07:49:49	Name: IDE Value: AHWqTUkPhzKTbmWvGzr7w_Gt5ATgmT2Rcb0cU8BAx3lDZR0K8omXyWkTpx0Tj1RYOsA
.adnxs.com/	1970-01-20 00:37:49	Name: uuid2 Value: 3209464886435547039
.casalemedia.com/	1970-01-20 07:13:49	Name: CMID Value: YYTOAU5cHeAxwd4tOJeJrQAA
.casalemedia.com/	1970-01-20 00:37:49	Name: CMPS Value: 5224
.adnxs.com/	1970-01-20 00:37:49	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hb:Ed<6!@wnfH8K6pQK`!5=E<L5?%K7/Qux'a3E[!7O$a6iTX?)0sMM$A1oU^o?u5hP(hw9P-HC_#tt.p)k8ro
.casalemedia.com/	1970-01-20 00:37:49	Name: CMPRO Value: 1187
.casalemedia.com/	1970-01-19 22:29:39	Name: CMST Value: YYTOAWGEzgEA
.openx.net/	1970-01-20 07:13:49	Name: i Value: 5fdf905b-f6b5-4735-a2cd-ee1b5700e3af\|1636093441
.casalemedia.com/	1970-01-20 07:13:49	Name: CMRUM3 Value: 2d6184ce012760CAESEEW9O2U0S2UrzvqdHfveMv8
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: c6ca7a32d4274526

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6df4348a60f925191082d3067173fba9.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
assets.balatarin.com
balatarin.com
bam-cell.nr-data.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
js-agent.newrelic.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
s3.amazonaws.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync.teads.tv
tpc.googlesyndication.com
us-u.openx.net
www.balatarin.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
z-na.amazon-adsystem.com
104.111.242.245
107.178.241.59
142.250.185.130
151.101.194.137
162.247.243.146
172.217.16.130
172.217.18.98
18.66.244.35
18.66.248.8
2.18.234.21
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2006
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9b
2a00:1450:400e:801::200e
2a00:1450:400e:80d::2002
35.244.159.8
37.252.173.22
52.217.45.158
01e8be0ce68b918e6df4a69a1810833c9f1b4e23f83d9bf1dd4b7416094ea038
029a701689c9a2ea7a74b4e63c847225fa963e07f627cee0d095426492de3268
03d5c445fbf76b8749bdac185d39ee6f2255ba15d67c66f10a7c69d978ac3faf
041d490d1711c66780218d94380266960437bf9e5111d2c46533617fa2cbdfc3
06bc9c15fa48ecfbe3f719b058325cacce0a1d37f0d5bf228262c4e559b09383
0947bdc664a90426f1c1c7e94b7cbead8798831712b814cf2bc65cdb65424366
0a66d11658eb735e0c29b2bc189e046b9a2d6fea81b820ac54b91917bc9a1a91
0a9649faf44a921411a66aa1fe60ad1b30aff3942c8ad679bd612edbc67431e8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0df244751fbd24d53fc976210530e46dd86a6557763ddff979e142b6ca74e313
0e84114a3dfea9de7526d14afbd5058dbb223bf2a82e3ce1673bf900df67e186
105e2f8204e6e95a7d0ea145d8fa9d8458713238fbb69fea9efb570ce0722e01
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1b100d6f6006316698ed8738e2cde9e7d1548eb25cb4e5d9a42076c78348c2ad
1ee5a0ff3254536946b8315b1eece469c56f9838e89b70114cb9aae3126b040f
2144225313f47a1f46e0d3d964cae62936c97ea81d05c27c41290cea2ce6e7f7
2ab379919c50ca7816ef1d6d453d56c335169a9cc4cf1a4fe635b4db5bdee442
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3034d941c71b16d3b5a51a29c51fb8f0d3ee2e1c5c5eaba2548099d3014bd423
307520ca90b125e2d66d9c04f56978a2a646dca639793e15359e0575d474340e
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35536ef49606e56f276aca623b3ff99c65722c2c15a2889ab3a20b0125b9926e
36b5e5851621a33c738e5b04c72dc4321a347f9e1f61a9e0b6020e7e7607493a
38984083170991a4559893b0ccfb37dba0d60e7cf9ed60e7a01cb764477a9a95
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e42e478fd27161799c18a75c2e9a7341996250f696d09d53db336a2962ba06b
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
5965fa18c33696faf34ac82fe2e8f822a454eb4730955bc45e09b8621bf5ff1e
5b1979a4ecb584da673a08d6a737a10d87ae84aa6f5c2d18ab97da15c7462f11
61f0bae20615afaf9c06c22fe55a31e924784e8fc964a1f24bbbb1eeaf4d92fe
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
68d35695ba7205d3f898ff5deed87aa8e03c5fda7e69d27a4b55d21dec6352b9
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
6ac241351963d0fe3dc81af2508f1a6afd7ec53210d4eb45b09a1d9c001e968a
7056d4c239b8dd9b29ba5a98d89399c4101cf00cd9415f54cdac737299250bf6
73690949ecdb6dac1be0d48f8538cf8f0cb36d124f80cc72c143a518bc2760fa
740aa91be94944a9ae8b3d30ca53f60bf0d3ffa7be35002100d7e40a5b7d3a94
76f2efae3bc502b750e780800e2c8fd45f31d9362d13e04be506519baf039f6f
7a3cc681a05e6808f2e1a45ed9d252e5b6e3464a7852e844d6d46ddb179d2da1
7f1184a3fa0d2ceef8850b9b41a1fc30424ee6da00dfdec37dc3c7531700bc4c
823abdb0c8c0e012bc175b9610936b15a79f4b64cc546c567e4dd71fe44fe25a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8375b6d78687c24c35f1c2fd365d5b88a5f47bb295cc336d114f57daef0c419c
84a06c3e4c8332045aa5afd5def69f6db9866f900e53fceaf6325bb049490e0b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8d372acd305d7a183222e9550520ecd447d77e1e6718a499b8bed63da233434c
9036982ac69605d8474320cf5298232cd68b0dfd1a2d0d5ef7c520ce26c46495
903e5e86fe8b0f44a0e206fd24d94cc167ae8efd2f6d3d5e3c0d0478c1732723
906ea233d873e29618acd939573ee963d311fcc1b5622327f965a50760567c59
9745d78c19b91ab26895980fdfdc81997e0397d58446db33584e5e4de1435845
9c4987f6bdbb64b7ac43b0cd648223a109c5b49c7b86e0b34c6742087e52310e
9c9f9a528c0457d89fed8abb160dff9269902f3fb8f78fb881bffbec95c1aad8
9d9214be4539b3439a030f342167f24dd0703d1f45b7160ce45499310afe2da0
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a095f2110083c0b41096041d4a28ffaa1fec8af6325ab74c01b11ec81f75aba1
a0aa51640b4b7a18294c8779e4252e86c5b71ea5bbc404dd1428e54e29283b9c
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2609e489881e8e89df0ee06586c6e2cfe4a7a443a285d2b8a86ba055986e485
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
a8d3582896af43620c8a3192be5d876030b1a7a573f673b4103a848832f5b758
a9f248c09dce9f414416f8242b66d1d0806110b8f6209ab1ade8149c22a7e794
abe58f705be3d0596ceaab779336b2d231b4ff1d2d186d68995b141e9d98c054
ac83d933b0e2feb18d5d44c5f912708aa430b79f3966895fd62a6d1187af5b49
ae19e8b073e4e512a63fdbba99b1c25539695386fcedc2095b9b2a8f62bd2860
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d6225975e29e029a12b95116b17e998b2e7d95756d103083de6a11ef8d2727
b4d009875855f984ecd95c627af585c11b09758e2f13db411c615bf4d3a8a995
b589feb2eae9436420e07b6edbff180a94ed82613a4e8d5c90fc2b8e5b4350b2
b622e1847794d0aa129a2187b0ec2586b0a970bd9c2f41f4454ce98fe8d65e83
bac77efddabbb74c88944d8f85374a285e60184ef9547968a4d2246f95b90f4f
bc501b4b4201cbf922e2e8283e7956042732a2149b7ce1656ab60eba1a759eda
bd512d44dc335bd8ad05670d2d754fdf3de777ea680bf9e5d6b944b7414f6975
be0ec02366a3b62c5201f82136f514079dda10464671ca87f875c54814112cec
bfeec7880358c1379265ab91d8712a139317d9a1569d1018866943e2f6e150c1
c3d59712393b786d034b66ed0d6f749e8d1bb04514ca218c84b10e7fe22bbbeb
c5875326ec6d93e5ef0828c3337548714ae85f230f02a58a52b2328ae2f68365
c6042222156b5e26db18d7a25025e4b71e9c1d3d4cf90793e4030154b2dea1f5
c94a1406b61864413393911ccbcce4818af3a5bf9fef1c8198611e1daa4ababd
cbcfa87fa97d4f60ace8d50983766a21457eae3f0444740aeebd231d4c20a739
cd49da589214e08328a45219da5dcad93a54abd65753de47ffa60cd99e452af7
cddf6103760c340e0142a771fa5147dddaf4618479c7b5a51ff6c5b12fc5d402
d0949d0ec1d8265ccc140d4a24751700d175f35bc012e9ce32b8785470ae4ce0
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d213eb2348dfa185b18a1f7f6b4acc67238aba87f4ccad1dfaa0be0963214a33
d43e21ef6cae0cc8a20ba44c7f524173229689417d8a760eece647beada16f6c
d45a95644966d8c995880cc225feeaa5aec9d60033e42b1c137b106ac216d281
d6d1d02238cb0b040b97cf9a0c2f0ade5af086b0fbc62f1ed796cb09915dfecc
d93784357fad185710198e8c035fb6c0eb7c58cd0a04d97e0ada44131012027f
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dd494fe45ac7bd741f20ed54b6fd12e9453d09f63fe1ab19e201d6aa84f655e5
de2de3da4082335788abe9440714f4601f91694b2263d5a6798f65bfd60e3d52
e33f0edf56cfe3fcd56703ed84036c5d10615663cc829f094ce4c37b23fc80fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4588342bba11ba153481b64739ea88d258aad20dc1f0ddd03f0aa0edaac3802
e581c3bf6f9547d2b323c8e1ab6546470435b69417d12984bc0fb08c90307112
e963d28a570c55c82529185cbb932d9144b8f7cf6fb268d562024f888f3a4d02
e9a4eeac096226d9bbe714b088e7ed786ded793f2055f554f8afdeb86896630b
eb349cccc37de232863a4be0f9b269480f74bf375ca62c922297bab4db29dfe2
eb49832f2a4b17ffa3adf52b883dd02352c7033f152581a4fcf594d660513a4e
ecd00971f602468123dda829056b9d8c73c0dc678c64781f8c2400f0c30faeeb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02bda296fb979e9ddf4b99b8b540ddf66566fe97387842954f338008154f452
f08a1c8b53b26a78b12ce954ea83c2871510ea5d9a77ccff9a3eb908d34f70cd
f10f8b6b97f334ac7d5c0331f03337849e441f936dd98cec6909e3577234da71
f302819f800bc68fdfdf3cad6214240248af78d7071488b2149d2378c105fbf3
f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b
fa4438f4a34aeb7e17df15b02f3456db77358e41f815727adc422a714715974e
fb295f9ed52195467fea32ab3d651cba2c82540c6f250220c283e22210625ae2
fb9268e99659f17a183de7aa0d4e27453f96c159a7ba99d6482522f8f72d1009
fbdb155285c04ce38351d4e35ee244a28f3e7a8f0865fd4131fe51096911ecd7
fc71dc68244a62b9008dcb887d64b8ce4b0ada99329bf1781c85e806d2a234f6
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd5e751adea1b70af1b4ad17ef0b9e1a039262904db4a875a740b97ae2994afd
fd9a783ddcf65eed96951b365a74ae656e34dffbc6917f6b48f6ba64d8daa95c

www.balatarin.com Open in urlscan Pro 107.178.241.59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

154 Requests

95 %HTTPS

48 %IPv6

18 Domains

28 Subdomains

26 IPs

4 Countries

1560 kBTransfer

3640 kBSize

18 Cookies

14 Outgoing links

Page URL History

Redirected requests

154 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.balatarin.com Open in urlscan Pro
107.178.241.59 Public Scan

Screenshot
Live screenshot

Full Image

154
Requests

95 %
HTTPS

48 %
IPv6

18
Domains

28
Subdomains

26
IPs

4
Countries

1560 kB
Transfer

3640 kB
Size

18
Cookies

154 HTTP transactions
3 data transactions