urlscan.io logo urlscan.io
SecurityTrails logo

dan.balers.farm Open in urlscan Pro
199.59.243.200  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://balers.farm/
Effective URL: https://dan.balers.farm/
Submission: On August 09 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 32 HTTP transactions. The main IP is 199.59.243.200, located in United States and belongs to AMAZON-02, US. The main domain is dan.balers.farm.
TLS certificate: Issued by R3 on May 31st 2022. Valid for: 3 months.
This is the only time dan.balers.farm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    2a05:d014:9da:8c10:624d:5ea1:12e9:798b (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
balers.farm
9    199.59.243.200 (United States)

ASN16509 (AMAZON-02, US)
dan.balers.farm
5    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
10    52.222.236.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-71.fra56.r.cloudfront.net
widget.trustpilot.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
afs.googleusercontent.com
3    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
13 balers.farm
balers.farm
dan.balers.farm
47 KB
10 trustpilot.com
widget.trustpilot.com — Cisco Umbrella Rank: 5349
65 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 10
107 KB
3 gstatic.com
fonts.gstatic.com
111 KB
2 googleusercontent.com
afs.googleusercontent.com — Cisco Umbrella Rank: 11926
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
2 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 862
629 B
32 7
Domain Requested by
10 widget.trustpilot.com dan.balers.farm
widget.trustpilot.com
9 dan.balers.farm 1 redirects dan.balers.farm
5 www.google.com dan.balers.farm
www.google.com
4 balers.farm 3 redirects dan.balers.farm
3 fonts.gstatic.com fonts.googleapis.com
2 afs.googleusercontent.com www.google.com
2 fonts.googleapis.com www.google.com
client
1 partner.googleadservices.com www.google.com
32 8

This site contains links to these domains. Also see Links.

Domain
dan.com
www.bodis.com
Subject Issuer Validity Valid
dan.balers.farm
R3		 2022-05-31 -
2022-08-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.trustpilot.com
Amazon		 2022-03-04 -
2023-04-02		 a year crt.sh
balers.farm
R3		 2022-07-27 -
2022-10-25		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://dan.balers.farm/
Frame ID: B0D844BDD32FD5FAF1C62E1A2E6D51BD
Requests: 17 HTTP requests in this frame

Frame: https://balers.farm/de-de/embed
Frame ID: 2ECDC192FE472C95C1628545962F904E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/afs/ads?adtest=off&psid=7832109178&pcsa=false&channel=pid-bodis-gcontrol200%2Cpid-bodis-gcontrol47%2Cpid-bodis-gcontrol302%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol408&client=dp-bodis31_3ph&r=m&hl=en&max_radlink_len=40&type=3&uiopt=false&swp=as-drid-2288566281322033&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956&format=r4&nocache=3301660010784139&num=0&output=afd_ads&domain_name=dan.balers.farm&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1660010784140&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=171&frm=0&uio=-&cont=rs&jsid=caf&jsv=464605827&rurl=https%3A%2F%2Fdan.balers.farm%2F&adbw=master-1%3A1584
Frame ID: 3CC19285E33070F1C7B3634CC02FD379
Requests: 6 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5418015fb0d04a0c9cf721f2/index.html?templateId=5418015fb0d04a0c9cf721f2&businessunitId=5aa29819243d5a0001f9665a
Frame ID: 122542F8EB7BFA8EDC50CD1CAA0C78E2
Requests: 5 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5418015fb0d04a0c9cf721f2/popup.html?templateId=5418015fb0d04a0c9cf721f2&businessunitId=5aa29819243d5a0001f9665a
Frame ID: 08149BEA25B4382D7B9E4934C0A61166
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Balers.farm

Page URL History Show full URLs

  1. http://balers.farm/ HTTP 301
    http://balers.farm/de-de HTTP 302
    http://dan.balers.farm/ HTTP 301
    https://dan.balers.farm/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

32
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

332 kB
Transfer

728 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://balers.farm/ HTTP 301
    http://balers.farm/de-de HTTP 302
    http://dan.balers.farm/ HTTP 301
    https://dan.balers.farm/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://balers.farm/embed HTTP 301
  • https://balers.farm/de-de/embed

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dan.balers.farm/
Redirect Chain
  • http://balers.farm/
  • http://balers.farm/de-de
  • http://dan.balers.farm/
  • https://dan.balers.farm/
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dan.balers.farm/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.59.243.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
50d6dea2e50c193b344a54051f0957522a179b99e6227ccebb1cb74a609b8249

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache no-store, must-revalidate post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 02:06:23 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
pragma
no-cache
server
openresty
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_T4d7S8l2gUv3vGb509M96uPDv/2PPfTmTHXsH7qv+E64EzS0bqPm2oZW6nH2+2vqfgX5FL4/DBsow3VV5mdrxA==

Redirect headers

Cache-Control
no-cache no-store, must-revalidate post-check=0, pre-check=0
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Aug 2022 02:06:23 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Location
https://dan.balers.farm/
Pragma
no-cache
Server
openresty
Transfer-Encoding
chunked
parking.2.94.0.js
dan.balers.farm/js/ 		68 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dan.balers.farm/js/parking.2.94.0.js
Requested by
Host: dan.balers.farm
URL: https://dan.balers.farm/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.59.243.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
abb1384cf9dbcee17f6463011a80b1b4bf4dfd92dedc2b45f3f34c13bd33077d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dan.balers.farm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 02:06:23 GMT
content-encoding
gzip
last-modified
Fri, 05 Aug 2022 20:53:09 GMT
server
openresty
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
_fd
dan.balers.farm/ 		11 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dan.balers.farm/_fd
Requested by
Host: dan.balers.farm
URL: https://dan.balers.farm/js/parking.2.94.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.59.243.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
be0e6dab4356c52bcecc86639dce868b2a7c91dbfe4b33b48bc70a9a056824b1

Request headers

Accept
application/json
Referer
https://dan.balers.farm/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 02:06:24 GMT
content-encoding
gzip
server
openresty
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
x-version
2.94.0
expires
Thu, 01 Jan 1970 00:00:01 GMT
caf.js
www.google.com/adsense/domains/ 		144 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/domains/caf.js
Requested by
Host: dan.balers.farm
URL: https://dan.balers.farm/js/parking.2.94.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a654968e3b026893643c74ac715d068a6daee6906b72642a7d76e30f1738fcd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dan.balers.farm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 02:06:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"10318188865445771520"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Tue, 09 Aug 2022 02:06:24 GMT
px.gif
dan.balers.farm/ 		42 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dan.balers.farm/px.gif?ch=1&rn=2.6833147826060575
Requested by
Host: dan.balers.farm
URL: https://dan.balers.farm/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.59.243.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dan.balers.farm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 02:06:24 GMT
last-modified
Wed, 15 Sep 2021 19:38:30 GMT
server
openresty
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
accept-ranges
bytes
content-length
42
expires
Thu, 01 Jan 1970 00:00:01 GMT
px.gif
dan.balers.farm/ 		42 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dan.balers.farm/px.gif?ch=2&rn=2.6833147826060575
Requested by
Host: dan.balers.farm
URL: https://dan.balers.farm/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.59.243.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dan.balers.farm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 02:06:24 GMT
last-modified
Wed, 15 Sep 2021 19:38:30 GMT
server
openresty
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
accept-ranges
bytes
content-length
42
expires
Thu, 01 Jan 1970 00:00:01 GMT
tp.widget.sync.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.sync.bootstrap.min.js
Requested by
Host: dan.balers.farm
URL: https://dan.balers.farm/js/parking.2.94.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90745a0f257aa1424e5b997ec85544b52094e60b7187c09ec3f108303bfc2073
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dan.balers.farm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
age
76879
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
date
Mon, 08 Aug 2022 04:45:06 GMT
content-length
712
x-xss-protection
1; mode=block
last-modified
Mon, 30 May 2022 14:38:03 GMT
server
AmazonS3
etag
"a148992a7b15dc7e6a9fa9d5e18e4368"
content-type
application/x-javascript
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
8_BSdh0kHIO4btrCqZTouffpHUPz0N24CRXTpztueV37lRT-Ay6I-g==
iframeResizer.min.js
dan.balers.farm/assets/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dan.balers.farm/assets/iframeResizer.min.js
Requested by
Host: dan.balers.farm
URL: https://dan.balers.farm/js/parking.2.94.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.59.243.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
0321a5e8c10349b787271b467dea6fa6491ceba6302540578f0eaf2c72c19ab3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dan.balers.farm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 02:06:24 GMT
content-encoding
gzip
etag
W/"61424bb6-34e7"
last-modified
Wed, 15 Sep 2021 19:38:30 GMT
server
openresty
x-backend-server
ip-10-201-16-222.ec2.internal
content-type
application/javascript; charset=utf-8
embed
balers.farm/de-de/ Frame 2ECD
Redirect Chain
  • https://balers.farm/embed
  • https://balers.farm/de-de/embed
568 B
638 B 		Document
General
Check archive.org
Download Go to
Full URL
https://balers.farm/de-de/embed
Requested by
Host: dan.balers.farm
URL: https://dan.balers.farm/js/parking.2.94.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:d014:9da:8c10:624d:5ea1:12e9:798b Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
70915cd0e7d618cb4616d87f56b2b4f8b43dcabffbe1bff85551a5f2b9c84ad8

Request headers

Referer
https://dan.balers.farm/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
568
content-type
text/html
date
Tue, 09 Aug 2022 02:06:24 GMT
server
openresty

Redirect headers

cache-control
no-cache
content-type
text/html; charset=utf-8
date
Tue, 09 Aug 2022 02:06:24 GMT
location
https://balers.farm/de-de/embed
referrer-policy
strict-origin-when-cross-origin
server
openresty
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
c9ec7d79-6088-4180-9e2c-56c0aea9486d
x-runtime
0.024630
x-xss-protection
1; mode=block
cookie.js
partner.googleadservices.com/gampad/ 		188 B
629 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=dan.balers.farm&client=dp-bodis31_3ph&product=SAS&callback=__sasCookie
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
93241b569a705359fef704071dafc4127c77462d5d4c0a8047d89fcb9196699a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dan.balers.farm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 02:06:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
184
x-xss-protection
0
ads
www.google.com/afs/ Frame 3CC1 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/afs/ads?adtest=off&psid=7832109178&pcsa=false&channel=pid-bodis-gcontrol200%2Cpid-bodis-gcontrol47%2Cpid-bodis-gcontrol302%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol408&client=dp-bodis31_3ph&r=m&hl=en&max_radlink_len=40&type=3&uiopt=false&swp=as-drid-2288566281322033&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956&format=r4&nocache=3301660010784139&num=0&output=afd_ads&domain_name=dan.balers.farm&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1660010784140&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=171&frm=0&uio=-&cont=rs&jsid=caf&jsv=464605827&rurl=https%3A%2F%2Fdan.balers.farm%2F&adbw=master-1%3A1584
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
20d99bab3e5f5673b6c7e2047e3be14d001bd5f710ec525d8a3d412edc9c2515
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://dan.balers.farm/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
1912
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 02:06:24 GMT
expires
Tue, 09 Aug 2022 02:06:24 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
gws
x-xss-protection
0
dan-logo2.svg
dan.balers.farm/assets/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dan.balers.farm/assets/dan-logo2.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.59.243.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
1142eb2d46404465a002165b7279de6f0763a23d605e84ab3aa92d307e2d63cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dan.balers.farm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 02:06:24 GMT
last-modified
Wed, 15 Sep 2021 19:38:30 GMT
server
openresty
etag
"61424bb6-23b5"
content-type
image/svg+xml
accept-ranges
bytes
x-backend-server
ip-10-201-16-222.ec2.internal
content-length
9141
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.sync.bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dan.balers.farm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
age
83934
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
date
Mon, 08 Aug 2022 02:47:31 GMT
content-length
6124
x-xss-protection
1; mode=block
last-modified
Mon, 30 May 2022 14:38:02 GMT
server
AmazonS3
etag
"5add60196e5f96a414fb4b9586764e5d"
content-type
application/x-javascript
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
Byk1z21Eh9ULLsjRY1szvfEHSeiT77evAu-4fq4idt8MC9OUfhal1g==
index.html
widget.trustpilot.com/trustboxes/5418015fb0d04a0c9cf721f2/ Frame 1225 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/5418015fb0d04a0c9cf721f2/index.html?templateId=5418015fb0d04a0c9cf721f2&businessunitId=5aa29819243d5a0001f9665a
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
868ce2ff8403e13a809fa50f3d35f095f7a6d213f2c35c9880700f9c4c29eeef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dan.balers.farm/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
49411
cache-control
max-age=86400
content-encoding
gzip
content-length
1912
content-type
text/html
date
Mon, 08 Aug 2022 12:26:30 GMT
etag
"3243c0b300364ff33b599aa746f1f881"
last-modified
Tue, 02 Aug 2022 12:21:19 GMT
server
AmazonS3
strict-transport-security
max-age=31536000
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
x-amz-cf-id
iD2kgCfRVsm0QCC_zYtqGQj0_GwrByZ0BE7UpCjD4f2si6d3hE__cg==
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
main.js
widget.trustpilot.com/trustboxes/5418015fb0d04a0c9cf721f2/ Frame 1225 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/5418015fb0d04a0c9cf721f2/main.js
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5418015fb0d04a0c9cf721f2/index.html?templateId=5418015fb0d04a0c9cf721f2&businessunitId=5aa29819243d5a0001f9665a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bad86ec45ea9c1fa5d4d611b771489aae116813c6089069d05090a3519c4016c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.trustpilot.com/trustboxes/5418015fb0d04a0c9cf721f2/index.html?templateId=5418015fb0d04a0c9cf721f2&businessunitId=5aa29819243d5a0001f9665a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
age
49447
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
date
Mon, 08 Aug 2022 12:22:18 GMT
content-length
17339
x-xss-protection
1; mode=block
last-modified
Tue, 02 Aug 2022 12:21:22 GMT
server
AmazonS3
etag
"42b29a7e335b37f7b722bb93949809d8"
content-type
application/x-javascript
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
nyb2JPhaZaP19wCSDz38HhCvBhSJP2YfI8S2Z5zQnWtWYQ-WsqQIwQ==
5418015fb0d04a0c9cf721f2
widget.trustpilot.com/trustbox-data/ Frame 1225 		11 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustbox-data/5418015fb0d04a0c9cf721f2?businessUnitId=5aa29819243d5a0001f9665a&locale=en-US&reviewStars=1%2C2%2C3%2C4%2C5&reviewsPerPage=20
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5418015fb0d04a0c9cf721f2/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-71.fra56.r.cloudfront.net
Software
/
Resource Hash
bad6a7b5f1892db75d4b0c7344cd965a82892ae9958ed3de892cbd9a60dc217c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/5418015fb0d04a0c9cf721f2/index.html?templateId=5418015fb0d04a0c9cf721f2&businessunitId=5aa29819243d5a0001f9665a
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
age
1197
x-cache
Hit from cloudfront
date
Tue, 09 Aug 2022 01:46:27 GMT
content-length
3209
x-xss-protection
1; mode=block
x-skip-cache-cookie
0
etag
"3b2fd0bc2401e6bb59278345fed781b7"
vary
Accept-Encoding
x-fallback-status
BYPASS
content-type
application/json; charset=utf-8
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
cache-control
public,max-age=1800
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
SMKFIck38I7-Rw7ySSNhpkvjNzyBklbJHHLvm5B0E6-AVyaqa-xVxg==
TrustboxImpression
widget.trustpilot.com/stats/ Frame 1225 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=30px&styleWidth=100%25&theme=light&stars=1%2C2%2C3%2C4%2C5&url=https%3A%2F%2Fdan.balers.farm%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=5aa29819243d5a0001f9665a&widgetId=5418015fb0d04a0c9cf721f2
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5418015fb0d04a0c9cf721f2/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-71.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/5418015fb0d04a0c9cf721f2/index.html?templateId=5418015fb0d04a0c9cf721f2&businessunitId=5aa29819243d5a0001f9665a
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 02:06:24 GMT
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P4
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
cache-control
no-store,no-cache
x-amz-cf-id
ApW4FMvzHh3Z89Z1cJi1HsT5uWXUkjyXMvb0ZO42KXCsRVSb_Z9z8w==
x-xss-protection
1; mode=block
TrustboxView
widget.trustpilot.com/stats/ Frame 1225 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=30px&styleWidth=100%25&theme=light&stars=1%2C2%2C3%2C4%2C5&url=https%3A%2F%2Fdan.balers.farm%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=5aa29819243d5a0001f9665a&widgetId=5418015fb0d04a0c9cf721f2
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5418015fb0d04a0c9cf721f2/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-71.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/5418015fb0d04a0c9cf721f2/index.html?templateId=5418015fb0d04a0c9cf721f2&businessunitId=5aa29819243d5a0001f9665a
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 02:06:23 GMT
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P4
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
cache-control
no-store,no-cache
x-amz-cf-id
1fw_z0VBm9rmOjlgVMMNqS4kbuy5aWzd_uRylNIdQz4K-cROJGz3vw==
x-xss-protection
1; mode=block
popup.html
widget.trustpilot.com/trustboxes/5418015fb0d04a0c9cf721f2/ Frame 0814 		16 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/5418015fb0d04a0c9cf721f2/popup.html?templateId=5418015fb0d04a0c9cf721f2&businessunitId=5aa29819243d5a0001f9665a
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2476c1460866bc081615fd869f22e6935d574d0e5055ce0b721f822dd42e3789
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dan.balers.farm/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
80712
cache-control
max-age=86400
content-encoding
gzip
content-length
3580
content-type
text/html
date
Mon, 08 Aug 2022 03:43:50 GMT
etag
"b7008580f13f8c16a42ebb386220ab79"
last-modified
Tue, 02 Aug 2022 12:21:25 GMT
server
AmazonS3
strict-transport-security
max-age=31536000
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
x-amz-cf-id
9tfJ1t7PoNRm5QxKVObIDMoU0Z-8UG2FlYAveFOZ1NRi9JbGytzxHg==
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
popup.js
widget.trustpilot.com/trustboxes/5418015fb0d04a0c9cf721f2/ Frame 0814 		95 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/5418015fb0d04a0c9cf721f2/popup.js
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5418015fb0d04a0c9cf721f2/popup.html?templateId=5418015fb0d04a0c9cf721f2&businessunitId=5aa29819243d5a0001f9665a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f44559a73c202748f8b49716760c859df0bb846053fbfe29ee053a539f9d2483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.trustpilot.com/trustboxes/5418015fb0d04a0c9cf721f2/popup.html?templateId=5418015fb0d04a0c9cf721f2&businessunitId=5aa29819243d5a0001f9665a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
age
49448
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
date
Mon, 08 Aug 2022 12:25:45 GMT
content-length
26451
x-xss-protection
1; mode=block
last-modified
Tue, 02 Aug 2022 12:21:26 GMT
server
AmazonS3
etag
"b59f3ecccea59cd8ec8d1c691bea9a77"
content-type
application/x-javascript
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
jAWKRjFQ3aaekVWebyyo4OpSKL7yz2vsE0YSX9ic4zSUfyLgIX4Zcg==
caf.js
www.google.com/adsense/domains/ Frame 3CC1 		144 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/domains/caf.js?pac=0
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=7832109178&pcsa=false&channel=pid-bodis-gcontrol200%2Cpid-bodis-gcontrol47%2Cpid-bodis-gcontrol302%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol408&client=dp-bodis31_3ph&r=m&hl=en&max_radlink_len=40&type=3&uiopt=false&swp=as-drid-2288566281322033&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956&format=r4&nocache=3301660010784139&num=0&output=afd_ads&domain_name=dan.balers.farm&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1660010784140&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=171&frm=0&uio=-&cont=rs&jsid=caf&jsv=464605827&rurl=https%3A%2F%2Fdan.balers.farm%2F&adbw=master-1%3A1584
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61b6089ae397ea88f0cf9fbec2e8a1e23eb8084982e7f8ff74064e1e98831dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 02:06:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"12775190463853824985"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Tue, 09 Aug 2022 02:06:24 GMT
5418015fb0d04a0c9cf721f2
widget.trustpilot.com/trustbox-data/ Frame 0814 		11 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustbox-data/5418015fb0d04a0c9cf721f2?businessUnitId=5aa29819243d5a0001f9665a&locale=en-US&reviewStars=1%2C2%2C3%2C4%2C5&reviewsPerPage=20
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5418015fb0d04a0c9cf721f2/popup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-71.fra56.r.cloudfront.net
Software
/
Resource Hash
bad6a7b5f1892db75d4b0c7344cd965a82892ae9958ed3de892cbd9a60dc217c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/5418015fb0d04a0c9cf721f2/popup.html?templateId=5418015fb0d04a0c9cf721f2&businessunitId=5aa29819243d5a0001f9665a
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
age
1197
x-cache
Hit from cloudfront
date
Tue, 09 Aug 2022 01:46:27 GMT
content-length
3209
x-xss-protection
1; mode=block
x-skip-cache-cookie
0
etag
"3b2fd0bc2401e6bb59278345fed781b7"
vary
Accept-Encoding
x-fallback-status
BYPASS
content-type
application/json; charset=utf-8
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
cache-control
public,max-age=1800
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
lzg-_2S49wRXE8AyNcvBrFbVl-J3UJKTJA3YJvqO14aSGgPXMXL7nw==
css
fonts.googleapis.com/ Frame 3CC1 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?pac=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 01:07:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 09 Aug 2022 02:06:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Aug 2022 02:06:24 GMT
chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 3CC1 		200 B
793 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2334debc
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=7832109178&pcsa=false&channel=pid-bodis-gcontrol200%2Cpid-bodis-gcontrol47%2Cpid-bodis-gcontrol302%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol408&client=dp-bodis31_3ph&r=m&hl=en&max_radlink_len=40&type=3&uiopt=false&swp=as-drid-2288566281322033&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956&format=r4&nocache=3301660010784139&num=0&output=afd_ads&domain_name=dan.balers.farm&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1660010784140&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=171&frm=0&uio=-&cont=rs&jsid=caf&jsv=464605827&rurl=https%3A%2F%2Fdan.balers.farm%2F&adbw=master-1%3A1584
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3af8555b31487d0ef10729a87dbfac623c0ad3655196f570714ab5c266db7bc2
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
age
74702
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
174
x-xss-protection
0
last-modified
Thu, 22 Oct 2020 21:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
date
Mon, 08 Aug 2022 05:21:22 GMT
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Tue, 09 Aug 2022 04:21:22 GMT
chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 3CC1 		200 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2300112c
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=7832109178&pcsa=false&channel=pid-bodis-gcontrol200%2Cpid-bodis-gcontrol47%2Cpid-bodis-gcontrol302%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol408&client=dp-bodis31_3ph&r=m&hl=en&max_radlink_len=40&type=3&uiopt=false&swp=as-drid-2288566281322033&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956&format=r4&nocache=3301660010784139&num=0&output=afd_ads&domain_name=dan.balers.farm&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1660010784140&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=171&frm=0&uio=-&cont=rs&jsid=caf&jsv=464605827&rurl=https%3A%2F%2Fdan.balers.farm%2F&adbw=master-1%3A1584
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07b41864cbad5989bd81ad385da62244fb4aee27134a8afff7f2a9827d4fe7db
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
age
55513
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
173
x-xss-protection
0
last-modified
Thu, 22 Oct 2020 21:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
date
Mon, 08 Aug 2022 10:41:11 GMT
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Tue, 09 Aug 2022 09:41:11 GMT
css2
fonts.googleapis.com/ 		3 KB
559 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Work+Sans:wght@300;400;600&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
33879984e730747ca61d6dc94fdcb6fc9c034a25810e6a5ef43abd81f16edff7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dan.balers.farm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 01:48:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 09 Aug 2022 02:06:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Aug 2022 02:06:24 GMT
_tr
dan.balers.farm/ 		2 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dan.balers.farm/_tr
Requested by
Host: dan.balers.farm
URL: https://dan.balers.farm/js/parking.2.94.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.59.243.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Accept
application/json
Referer
https://dan.balers.farm/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 02:06:24 GMT
content-encoding
gzip
server
openresty
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
x-version
2.94.0
expires
Thu, 01 Jan 1970 00:00:01 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3CC1 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 08:01:51 GMT
x-content-type-options
nosniff
age
410673
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Aug 2023 08:01:51 GMT
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v17/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v17/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:wght@300;400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dan.balers.farm
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 19:24:50 GMT
x-content-type-options
nosniff
age
456094
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48480
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:18:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Aug 2023 19:24:50 GMT
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v17/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v17/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:wght@300;400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dan.balers.farm
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 19:24:50 GMT
x-content-type-options
nosniff
age
456094
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48480
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:18:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Aug 2023 19:24:50 GMT
gen_204
www.google.com/afs/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=5nram0s7l2ab&aqid=IMHxYsHtC4SC1waL7J_YDg&psid=7832109178&pbt=bs&adbx=600&adby=197.5&adbh=456&adbw=400&adbah=100%2C100%2C100%2C100&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=464605827&csala=7%7C0%7C105%7C41%7C53&lle=0&llm=1000&ifv=1&usr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dan.balers.farm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Tue, 09 Aug 2022 02:06:25 GMT
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gen_204
www.google.com/afs/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=t8xlfyb0lr41&aqid=IMHxYsHtC4SC1waL7J_YDg&psid=7832109178&pbt=bv&adbx=600&adby=197.5&adbh=456&adbw=400&adbah=100%2C100%2C100%2C100&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=464605827&csala=7%7C0%7C105%7C41%7C53&lle=0&llm=1000&ifv=1&usr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dan.balers.farm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Tue, 09 Aug 2022 02:06:26 GMT
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| park object| regeneratorRuntime function| setImmediate function| clearImmediate number| googleNDT_ number| googleAltLoader object| google function| __sasCookie object| Trustpilot function| iFrameResize

5 Cookies

Domain/Path Name / Value
.balers.farm/ Name: ssl
Value: true
dan.balers.farm/ Name: parking_session
Value: 9e52ae78-0a62-5412-13f1-bd00028eb4ae
.dan.balers.farm/ Name: __gsas
Value: ID=8b0acf61685d856f:T=1660010784:S=ALNI_MZBPv91t9BctTOKXT_-6MP2niOGrg
balers.farm/ Name: bc9bd58fe1b6ef954d6d794db6d30e25e8ff50634d24346cf8006ef422e3c05c6e48b07678e34d08c97ad3f91012c80ac690b50f51fbd49b16e301de58d9c5ca
Value: D5QD2tV2Q%2Fy8c7J2hU5ouPJSxFibmsMSenKmwK3ve8%2Fd%2Fd8mgM%2FcNmp8xylbFXqrqoTNP%2FE0a25IOT2gVNEBZoHRDRYPUb7yK6e0fm5pLSYcZ9YdnH7ebCmSpl75cJpeZMOGfG4gM%2BdhsP2nhr4fErc%2BKnN%2FfS2SkULx5xvEhiSKn%2BPQPlEvrLoJ7CyIvzWE0Yji8sFDlZwp3SUCVBKnzD0UYS2adpTEtm5G0fbY4MamAK6mHbI0EWMk1oolZRgCxk3BvMPI5e9I4ZjjO%2BwLWH5taScd8%2F8mzZqoYbKTjGg%2BFG0mpbSfHo5lYTPmTAWJ%2B3GtaEjC5w5U4pzoFzO0ukwCedS5TgGPWDOIMg%3D%3D--hmJwaU5gO3Qf1yEW--MhHzJV1vBN3QVgaWjidlyw%3D%3D
.google.com/ Name: NID
Value: 511=LRppnbI3VQfsYOW4gwcDa95mZIHi2odaTBKbBhu6hwXxurEp_A26rSandF0HAluFSV0N9SOc_ojIMCRejIHBXdYg_TSnQcQ75ejhbVwYxxTMvHULji8r6Mmn010lYql67AhPZmWbfJ3hBUo4qNa_8iYdHNq8-3JBvUYogg1wIMk

1 Console Messages

Source Level URL
Text
network error URL: https://balers.farm/de-de/embed
Message:
Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afs.googleusercontent.com
balers.farm
dan.balers.farm
fonts.googleapis.com
fonts.gstatic.com
partner.googleadservices.com
widget.trustpilot.com
www.google.com
142.250.181.226
199.59.243.200
2a00:1450:4001:80f::2004
2a00:1450:4001:812::200a
2a00:1450:4001:813::2001
2a00:1450:4001:813::2003
2a05:d014:9da:8c10:624d:5ea1:12e9:798b
52.222.236.71
0321a5e8c10349b787271b467dea6fa6491ceba6302540578f0eaf2c72c19ab3
07b41864cbad5989bd81ad385da62244fb4aee27134a8afff7f2a9827d4fe7db
1142eb2d46404465a002165b7279de6f0763a23d605e84ab3aa92d307e2d63cc
20d99bab3e5f5673b6c7e2047e3be14d001bd5f710ec525d8a3d412edc9c2515
2476c1460866bc081615fd869f22e6935d574d0e5055ce0b721f822dd42e3789
33879984e730747ca61d6dc94fdcb6fc9c034a25810e6a5ef43abd81f16edff7
3af8555b31487d0ef10729a87dbfac623c0ad3655196f570714ab5c266db7bc2
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
50d6dea2e50c193b344a54051f0957522a179b99e6227ccebb1cb74a609b8249
61b6089ae397ea88f0cf9fbec2e8a1e23eb8084982e7f8ff74064e1e98831dce
70915cd0e7d618cb4616d87f56b2b4f8b43dcabffbe1bff85551a5f2b9c84ad8
868ce2ff8403e13a809fa50f3d35f095f7a6d213f2c35c9880700f9c4c29eeef
90745a0f257aa1424e5b997ec85544b52094e60b7187c09ec3f108303bfc2073
93241b569a705359fef704071dafc4127c77462d5d4c0a8047d89fcb9196699a
a654968e3b026893643c74ac715d068a6daee6906b72642a7d76e30f1738fcd0
abb1384cf9dbcee17f6463011a80b1b4bf4dfd92dedc2b45f3f34c13bd33077d
bad6a7b5f1892db75d4b0c7344cd965a82892ae9958ed3de892cbd9a60dc217c
bad86ec45ea9c1fa5d4d611b771489aae116813c6089069d05090a3519c4016c
be0e6dab4356c52bcecc86639dce868b2a7c91dbfe4b33b48bc70a9a056824b1
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb
f44559a73c202748f8b49716760c859df0bb846053fbfe29ee053a539f9d2483
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615