urlscan.io logo urlscan.io
SecurityTrails logo

www.balatarin.com Open in urlscan Pro
2600:1901:0:6f1d::  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.balatarin.com/users/monogramsigns
Submission: On November 21 via manual from VN — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 9 domains to perform 32 HTTP transactions. The main IP is 2600:1901:0:6f1d::, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.balatarin.com. The Cisco Umbrella rank of the primary domain is 703211.
TLS certificate: Issued by R3 on October 22nd 2023. Valid for: 3 months.
This is the only time www.balatarin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2600:1901:0:6f1d:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
www.balatarin.com
5    18.238.243.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-86.ams58.r.cloudfront.net
assets.balatarin.com
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    52.217.201.64 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    18.165.200.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-200-28.lhr50.r.cloudfront.net
z-na.amazon-adsystem.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.ch
4    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    52.46.135.70 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
aax-us-east.amazon-adsystem.com
1    52.94.233.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
fls-na.amazon-adsystem.com
3    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
225 KB
7 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
177 KB
6 balatarin.com
www.balatarin.com — Cisco Umbrella Rank: 703211
assets.balatarin.com
209 KB
3 amazon-adsystem.com
z-na.amazon-adsystem.com — Cisco Umbrella Rank: 9559
aax-us-east.amazon-adsystem.com — Cisco Umbrella Rank: 891
fls-na.amazon-adsystem.com — Cisco Umbrella Rank: 8787
8 KB
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3040
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 google.ch
www.google.ch — Cisco Umbrella Rank: 30247
408 B
1 amazonaws.com
s3.amazonaws.com
4 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 364
34 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
86 KB
32 9
Domain Requested by
7 pagead2.googlesyndication.com www.balatarin.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 assets.balatarin.com www.balatarin.com
assets.balatarin.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 securepubads.g.doubleclick.net www.balatarin.com
securepubads.g.doubleclick.net
1 www.google.com tpc.googlesyndication.com
1 fls-na.amazon-adsystem.com www.balatarin.com
1 aax-us-east.amazon-adsystem.com z-na.amazon-adsystem.com
1 www.google.ch www.balatarin.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 z-na.amazon-adsystem.com www.balatarin.com
1 s3.amazonaws.com www.balatarin.com
1 ajax.googleapis.com www.balatarin.com
1 www.googletagmanager.com www.balatarin.com
1 www.balatarin.com
32 16

This site contains links to these domains. Also see Links.

Domain
memorialsignworld.com
help.balatarin.com
www.balavision.com
www.facebook.com
twitter.com
Subject Issuer Validity Valid
www.balatarin.com
R3		 2023-10-22 -
2024-01-20		 3 months crt.sh
*.balatarin.com
Amazon RSA 2048 M02		 2023-06-01 -
2024-06-29		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-10		 9 months crt.sh
z-na.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-18 -
2024-02-17		 a year crt.sh
*.google.ch
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
aax-us-east.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-05-07		 a year crt.sh
fls-na.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-08 -
2024-03-07		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://www.balatarin.com/users/monogramsigns
Frame ID: C31D45EB8259262600EC24144CB14B99
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 18F892F166F90999C4AA2A84DCF7CF5B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&adk=1812271804&adf=3025194257&lmt=1700591906&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fwww.balatarin.com%2Fusers%2Fmonogramsigns&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700591906389&bpp=6&bdt=468&idt=259&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2334501282708&frm=20&pv=2&ga_vid=1632495921.1700591906&ga_sid=1700591907&ga_hid=2090598977&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C31078301%2C31079698%2C44806139%2C44807764%2C44808148%2C44808284%2C44809054%2C44809071&oid=2&pvsid=2054284968754383&tmod=254252018&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=280
Frame ID: AF56AD73447A2B48F3FFC2B20E3F39E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=1232758454&adk=3628107873&adf=1072836194&pi=t.ma~as.1232758454&w=336&lmt=1700591906&rafmt=12&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2Fusers%2Fmonogramsigns&ea=0&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700591906395&bpp=1&bdt=474&idt=281&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2334501282708&frm=20&pv=1&ga_vid=1632495921.1700591906&ga_sid=1700591907&ga_hid=2090598977&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=254&ady=646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C31078301%2C31079698%2C44806139%2C44807764%2C44808148%2C44808284%2C44809054%2C44809071&oid=2&pvsid=2054284968754383&tmod=254252018&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=287
Frame ID: 3A29C88EC93D85FD003D9CB6800A2FCF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=9543430451&adk=17676442&adf=4277756953&pi=t.ma~as.9543430451&w=779&fwrn=4&fwrnh=100&lmt=1700591906&rafmt=1&format=779x280&url=https%3A%2F%2Fwww.balatarin.com%2Fusers%2Fmonogramsigns&ea=0&hl=en&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700591906396&bpp=2&bdt=475&idt=290&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=2334501282708&frm=20&pv=1&ga_vid=1632495921.1700591906&ga_sid=1700591907&ga_hid=2090598977&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C31078301%2C31079698%2C44806139%2C44807764%2C44808148%2C44808284%2C44809054%2C44809071&oid=2&pvsid=2054284968754383&tmod=254252018&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=294
Frame ID: 8AA94017D8A8F8FB896DCF08327807FE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4D3A579D3BDA2B248B68D202598644DC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D553692CFEFCFE75AEA8275612B6F76F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

بالاترین: لینک‌های monogramsigns (فرستاده)

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

100 %
HTTPS

69 %
IPv6

9
Domains

16
Subdomains

16
IPs

3
Countries

744 kB
Transfer

2201 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request monogramsigns
www.balatarin.com/users/ 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.balatarin.com/users/monogramsigns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:6f1d:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
5706234164837526c2584d91928117fb80530a13e9c22676096928c42f91fd89
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 21 Nov 2023 18:38:25 GMT
etag
W/"5706234164837526c2584d91928117fb"
link
<https://assets.balatarin.com/assets/application-168d938d02621022c01cac1a30505f3f6c37d42bf461e6e06401bdc8d03f71be.css>; rel=preload; as=style; nopush,<https://assets.balatarin.com/assets/application-d675ec0b833a05f5a02c49c854aae636b00308cc264ff3b926aae4edba56e0da.js>; rel=preload; as=script; nopush
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31556952; includeSubDomains; preload
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
ad22557f-3c2e-441c-9f20-2505a4c0ab2d
x-runtime
0.031919
x-xss-protection
0
application-168d938d02621022c01cac1a30505f3f6c37d42bf461e6e06401bdc8d03f71be.css
assets.balatarin.com/assets/ 		251 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.balatarin.com/assets/application-168d938d02621022c01cac1a30505f3f6c37d42bf461e6e06401bdc8d03f71be.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-86.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
168d938d02621022c01cac1a30505f3f6c37d42bf461e6e06401bdc8d03f71be

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 15:03:53 GMT
Content-Encoding
gzip
Via
1.1 e94fc0df161940e9096df2b4fe60d4f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS58-P1
Age
99274
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 20 Nov 2023 15:03:40 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:ac930f6f377dd087821bf2de5bfd26ad
ETag
W/"ac930f6f377dd087821bf2de5bfd26ad"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31536000
X-Amz-Cf-Id
tjSmGX0SjIESvnI58NpJdmsxalfdYtul4vTeBG3RjXNe_E2dAFGCqg==
application-d675ec0b833a05f5a02c49c854aae636b00308cc264ff3b926aae4edba56e0da.js
assets.balatarin.com/assets/ 		118 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.balatarin.com/assets/application-d675ec0b833a05f5a02c49c854aae636b00308cc264ff3b926aae4edba56e0da.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-86.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d675ec0b833a05f5a02c49c854aae636b00308cc264ff3b926aae4edba56e0da

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.balatarin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 14:39:19 GMT
Content-Encoding
gzip
Via
1.1 432282689bafd802e8ec9636c256a3b0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS58-P1
Age
532748
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 15 Nov 2023 14:38:48 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:2481d6a243745651760b216898393e34
ETag
W/"2481d6a243745651760b216898393e34"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
X-Amz-Cf-Id
9R7_F-oOo7zGER7owHIYl7PeCYNn8uqMk51LKyQy_YKnWeurfGJFsA==
js
www.googletagmanager.com/gtag/ 		248 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8X79LBSGX3
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/users/monogramsigns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
139ec06e55a19eaacfb367ec804a890b32c52b9d01938acd8e5a48a2c8d5adf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.balatarin.com/users/monogramsigns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 18:38:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87560
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 21 Nov 2023 18:38:26 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		154 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/users/monogramsigns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70abf324098a3041d6e3bcc18686325a2bff8f7c7786071bbe4f0b9efeda57fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.balatarin.com/users/monogramsigns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 18:38:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53020
x-xss-protection
0
server
cafe
etag
12200322954305355314
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 18:38:26 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		100 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/users/monogramsigns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5037a339716854ab3e1fab965c487c2e660ae6c28ddbb4f94136d361635c326
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.balatarin.com/users/monogramsigns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 18:38:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31387
x-xss-protection
0
server
cafe
etag
10 / 19682 / m202311090101 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 18:38:26 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/users/monogramsigns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.balatarin.com/users/monogramsigns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 15:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185005
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Nov 2024 15:15:01 GMT
app-af468816e153dddcd4cdcc5fba3e6a6dbb0028fcfd69affe05e80a0f3567d94e.js
assets.balatarin.com/assets/ 		176 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.balatarin.com/assets/app-af468816e153dddcd4cdcc5fba3e6a6dbb0028fcfd69affe05e80a0f3567d94e.js
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/users/monogramsigns
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-86.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af468816e153dddcd4cdcc5fba3e6a6dbb0028fcfd69affe05e80a0f3567d94e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.balatarin.com/users/monogramsigns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 15:03:53 GMT
Content-Encoding
gzip
Via
1.1 e94fc0df161940e9096df2b4fe60d4f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS58-P1
Age
99274
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 20 Nov 2023 15:03:40 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:d9d2eca4cafbf99e7645bcad6fa1695d
ETag
W/"d9d2eca4cafbf99e7645bcad6fa1695d"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
X-Amz-Cf-Id
9rjkFWV24QMnkKLYdjxDw69GIJ5YDf5bxoXyLrqxtC8-G1f4ppygsg==
medium.jpg
s3.amazonaws.com/bala.static/avatars/221889/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/bala.static/avatars/221889/medium.jpg?1700183309
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/users/monogramsigns
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.201.64 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e7849f1e01a08565eb4619a50e2ba9f9b2aa34d5486611e73092959bd31fde91

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.balatarin.com/users/monogramsigns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 21 Nov 2023 18:38:27 GMT
Last-Modified
Fri, 17 Nov 2023 01:08:30 GMT
Server
AmazonS3
x-amz-request-id
S3KGHRB2HM3K94R8
ETag
"a4ac28963c98f938e96b3ed2eca1d06a"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
3407
x-amz-id-2
k+cK8bP7N0wfIuhksj0jIl2pHTaRq+s6wtyC/LfWia6XmRZnkyqyiBnfSpmIwHTqRknf4hpWTps=
onejs
z-na.amazon-adsystem.com/widgets/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=072caa77-813c-41fc-84e3-1af5067d7f16
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/users/monogramsigns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.200.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-200-28.lhr50.r.cloudfront.net
Software
Server /
Resource Hash
067eda33b6d0530b448f2dd5ccf8f241d303ae90baff8012a33dde214d3300c5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.balatarin.com/users/monogramsigns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
Public
date
Tue, 21 Nov 2023 18:38:26 GMT
content-encoding
gzip
via
1.1 096e5ecae9d1cd03edf8411ad106b092.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
LHR50-P3
x-cache
Miss from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
content-length
7394
x-amz-cf-id
BHCLTqSIEGRmjEDeKqfubt30Iqg5ETc3RuhsR9UkG5mshz3-zHll1A==
expires
Tue, 21 Nov 2023 18:43:26 GMT
logo-c6042222156b5e26db18d7a25025e4b71e9c1d3d4cf90793e4030154b2dea1f5.svg
assets.balatarin.com/assets/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.balatarin.com/assets/logo-c6042222156b5e26db18d7a25025e4b71e9c1d3d4cf90793e4030154b2dea1f5.svg
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/users/monogramsigns
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-86.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6042222156b5e26db18d7a25025e4b71e9c1d3d4cf90793e4030154b2dea1f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.balatarin.com/users/monogramsigns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 21:21:06 GMT
Content-Encoding
gzip
Via
1.1 432282689bafd802e8ec9636c256a3b0.cloudfront.net (CloudFront)
Last-Modified
Mon, 09 Nov 2020 23:17:47 GMT
Server
AmazonS3
X-Amz-Cf-Pop
AMS58-P1
Age
7334240
ETag
W/"699129013888caccc30ce00dc03acd6f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
X-Cache
Hit from cloudfront
Cache-Control
max-age=31536000
Connection
keep-alive
X-Amz-Cf-Id
1DsCzYvfIRdPRoUcXMs-6FHPU0XM5-siAlrXq_rpAo94j12wE4Y4tA==
fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2
assets.balatarin.com/assets/fa-fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.balatarin.com/assets/fa-fonts/fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2?v=4.7.0
Requested by
Host: assets.balatarin.com
URL: https://assets.balatarin.com/assets/application-168d938d02621022c01cac1a30505f3f6c37d42bf461e6e06401bdc8d03f71be.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-86.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://assets.balatarin.com/assets/application-168d938d02621022c01cac1a30505f3f6c37d42bf461e6e06401bdc8d03f71be.css
Origin
https://www.balatarin.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 14:39:24 GMT
Via
1.1 1d10719558a2481e0d462e12964f647a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS58-P1
Age
532743
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
77160
Last-Modified
Wed, 15 Nov 2023 14:38:52 GMT
Server
AmazonS3
ETag
"af7ae505a9eed503f8b8e6982036873e"
Access-Control-Max-Age
31536000
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
https://www.balatarin.com
Cache-Control
max-age=31536000
Access-Control-Allow-Credentials
true
Vary
Origin,Access-Control-Request-Method
Accept-Ranges
bytes
X-Amz-Cf-Id
mdWiyXkstB3C9Ot2qEpJ9Abl7BbySsABp1jSJJRamsTVbm0gZROiUA==
collect
region1.analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-8X79LBSGX3&gtm=45je3b81v9103751878&_p=1700591906143&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1632495921.1700591906&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=1&sid=1700591906&sct=1&seg=0&dl=https%3A%2F%2Fwww.balatarin.com%2Fusers%2Fmonogramsigns&dt=%D8%A8%D8%A7%D9%84%D8%A7%D8%AA%D8%B1%DB%8C%D9%86%3A%20%D9%84%DB%8C%D9%86%DA%A9%E2%80%8C%D9%87%D8%A7%DB%8C%20monogramsigns%20(%D9%81%D8%B1%D8%B3%D8%AA%D8%A7%D8%AF%D9%87)&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90&up.logged_in=false&tfd=952
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8X79LBSGX3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.balatarin.com/users/monogramsigns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Nov 2023 18:38:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.balatarin.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8X79LBSGX3&cid=1632495921.1700591906&gtm=45je3b81v9103751878&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8X79LBSGX3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.balatarin.com/users/monogramsigns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Nov 2023 18:38:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.balatarin.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8X79LBSGX3&cid=1632495921.1700591906&gtm=45je3b81v9103751878&aip=1&dma=0&gcd=11l1l1l1l1&z=637027276
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/users/monogramsigns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.balatarin.com/users/monogramsigns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Nov 2023 18:38:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		429 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.balatarin.com/users/monogramsigns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 13:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
20006
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 20 Nov 2024 13:05:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/ 		397 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079698
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c4edca3108e0b18bd958d725773c875934cf7216841b3931acc07dfa0fcfb21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.balatarin.com/users/monogramsigns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 18:38:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137160
x-xss-protection
0
server
cafe
etag
11368394342430819272
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 18:38:26 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 18F8 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.balatarin.com/users/monogramsigns
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
39481
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 21 Nov 2023 07:40:25 GMT
etag
16674218716276178799
expires
Tue, 05 Dec 2023 07:40:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
getad
aax-us-east.amazon-adsystem.com/x/ 		50 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22overwrite%22%3A%22false%22%2C%22tracking_id%22%3A%22bt2000-20%22%2C%22ad_type%22%3A%22one_tag%22%2C%22marketplace%22%3A%22amazon%22%2C%22enable_geo_redirection%22%3A%22true%22%2C%22enable_auto_tagging%22%3A%22false%22%2C%22region%22%3A%22US%22%2C%22placement%22%3A%22adunit%22%2C%22viewerCountry%22%3A%22CH%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22bt2000-20%22%2C%22slotNum%22%3A0%7D&u=https%3A%2F%2Fwww.balatarin.com%2Fusers%2Fmonogramsigns&jscb=amzn_assoc_jsonp_callback_adunit_0
Requested by
Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=072caa77-813c-41fc-84e3-1af5067d7f16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.135.70 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3885bbf73299c785780e33c59fba6cce695374dfa2db19466649c00cb227108c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.balatarin.com/users/monogramsigns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 21 Nov 2023 18:38:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
M982Q232R19H7G33E0MR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Content-Length
50
ads
googleads.g.doubleclick.net/pagead/ Frame AF56 		18 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&adk=1812271804&adf=3025194257&lmt=1700591906&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fwww.balatarin.com%2Fusers%2Fmonogramsigns&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700591906389&bpp=6&bdt=468&idt=259&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2334501282708&frm=20&pv=2&ga_vid=1632495921.1700591906&ga_sid=1700591907&ga_hid=2090598977&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C31078301%2C31079698%2C44806139%2C44807764%2C44808148%2C44808284%2C44809054%2C44809071&oid=2&pvsid=2054284968754383&tmod=254252018&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=280
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bff5d28aa24b17a2d9b1aa902f205c6edc3d3e73664e766f3110f6b0f9eceb86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.balatarin.com/users/monogramsigns
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
5251
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 21 Nov 2023 18:38:27 GMT
expires
Tue, 21 Nov 2023 18:38:27 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=navbar%20navbar-default%20navbar-fixed-top%20navbar-headroom&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/users/monogramsigns
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.balatarin.com/users/monogramsigns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Nov 2023 18:38:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 3A29 		721 B
525 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=1232758454&adk=3628107873&adf=1072836194&pi=t.ma~as.1232758454&w=336&lmt=1700591906&rafmt=12&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2Fusers%2Fmonogramsigns&ea=0&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700591906395&bpp=1&bdt=474&idt=281&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2334501282708&frm=20&pv=1&ga_vid=1632495921.1700591906&ga_sid=1700591907&ga_hid=2090598977&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=254&ady=646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C31078301%2C31079698%2C44806139%2C44807764%2C44808148%2C44808284%2C44809054%2C44809071&oid=2&pvsid=2054284968754383&tmod=254252018&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=287
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d94b4350261c0b1d888534221f5435489c184127ce875c4c85c39d47678272cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.balatarin.com/users/monogramsigns
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
353
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 21 Nov 2023 18:38:27 GMT
expires
Tue, 21 Nov 2023 18:38:27 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8AA9 		721 B
526 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=9543430451&adk=17676442&adf=4277756953&pi=t.ma~as.9543430451&w=779&fwrn=4&fwrnh=100&lmt=1700591906&rafmt=1&format=779x280&url=https%3A%2F%2Fwww.balatarin.com%2Fusers%2Fmonogramsigns&ea=0&hl=en&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700591906396&bpp=2&bdt=475&idt=290&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=2334501282708&frm=20&pv=1&ga_vid=1632495921.1700591906&ga_sid=1700591907&ga_hid=2090598977&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C31078301%2C31079698%2C44806139%2C44807764%2C44808148%2C44808284%2C44809054%2C44809071&oid=2&pvsid=2054284968754383&tmod=254252018&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=294
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f67b864cb36061c256712ebe72064c7b4f1857f62b92d893de411ebc10cc7db1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.balatarin.com/users/monogramsigns
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
354
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 21 Nov 2023 18:38:27 GMT
expires
Tue, 21 Nov 2023 18:38:27 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cm_:onejs_load_evt@v=1038,onejs_exec_time@v=3,aax_load_time@v=453,aax_load_time_one_tag@v=453,aax_punt@v=1,aax_punt_one_tag@v=1
fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/ 		0
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:onejs_load_evt@v=1038,onejs_exec_time@v=3,aax_load_time@v=453,aax_load_time_one_tag@v=453,aax_punt@v=1,aax_punt_one_tag@v=1?marketplace=US&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=ATVPDKIKX0DER&requestId=a8243905-5451-451d-915b-d5376fd71379&session=5032da73-d807-410b-a0c0-f455a944338f
Requested by
Host: www.balatarin.com
URL: https://www.balatarin.com/users/monogramsigns
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.94.233.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.balatarin.com/users/monogramsigns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 21 Nov 2023 18:38:26 GMT
x-amzn-RequestId
95e273c4-7f92-4848-93ff-11ec92f4bc86
Content-Type
text/plain
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa20a05256877dae4df05f000b231f795648506633427f0a243457b5daa81ef3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.balatarin.com/users/monogramsigns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 18:38:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12401
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.balatarin.com/users/monogramsigns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 18:38:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 21 Nov 2023 18:38:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4D3A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.balatarin.com/users/monogramsigns
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
5506
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 21 Nov 2023 17:06:41 GMT
expires
Wed, 20 Nov 2024 17:06:41 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D553 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0b2cec2c9107d936c8edbc75935af3c77e38f83c5979c300c41996b06c774fab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ENZpfFsa0cAn5o-bLwfLwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.balatarin.com/users/monogramsigns
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ENZpfFsa0cAn5o-bLwfLwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 21 Nov 2023 18:38:27 GMT
expires
Tue, 21 Nov 2023 18:38:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 4D3A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 16:51:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
6394
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Nov 2024 16:51:53 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D553 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=2054284968754383&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 4D3A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?UeUy6Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 18:38:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=2054284968754383&bg=!GRqlGlXNAAZxrfrxUa07ADQBe5WfOAa8G5yOHFJXRPEyPe_2lEmVj2K4JU5oOHJ5c6bInqO2JKcQdyiKF4eaJfm31RiyAgAAAH1SAAAABWgBBwoASVDg6fNkZ1U3c-TWk6rBDDCMit8tEOiHE9tOUUDPxw0-GvyMIhyyrlhht5l4g5RXg9V3w2fhpWb2uKqtno9nba5y6VUBgLGJmaqZArZ3q6Dk_mOENYqps3ibg8RzWkbeI_LSsCJZvuiQJku473XFGBEKaLUy_JACM6OBxUDZjBULz_ucjmySvviEaWHvWQVBqGBc6VGUcJkJw3RjfzsLZqTRtsweXCQwhW1DDYwbxaUgo11-FVYgS2IHyO6XqQZUANiSWZVbp5TLPQE_kiwVqP_0DN5hvJ2uUfRXSN3RAv8baA6dNJw9nC6UpYhQK0u7DuMIvDPSsiL5GAkW5G8yqWn-0xQ2A2B1oimsKfMP8FrEPERQL4QUdonxZoLrOLrSS8LSTcfaB5WwaRajb28vrRJ3gZmqnVKxXUQaIOWAX6inU1pmJskvsiXCPkjLH8ExmGnp9ai1r7C_5zIzFCXA_7RJUW9I5zYcui0g5bIrY5CKIeCdjsH0ERQmcoR4-74Am7YJOY__in1SMLA83HuzUnqHjCxLmUWbf-__dqX9NBSIelgZsyB88vgWvv5B6CHD2pRJ9_rlrdZQHj0-Y2YEFfEef8vDUGqXgZ9PmV7_-Ud1TyI1-Xl4ZS6aZGWeetG2QyDZ0WGUc9bM2UCNu4H-RHc5Qfsdcl17ZjM4jQJbvUBQEKVeLdIz9cTylTmGstBFT6a8UjQhp6qPfbec4dBoBvBdr8kGagJLV3yKn6Ly4SPSyQWcUHmIANn99Z4Yb5Ns6JMoUDx70iVj_YvzvchDJHtznHxitZXosxxN_yPmeFb57pMxpD4b75fPj3T2S8XfbzvkRb6fEMonyT2NsTV6l3GRmu6CIxmfFxd9dUF1bhdYSeMTrS4KnP0-GMFdtonhf5CDNmIkVGtmg9tJ4eBZ1QV5JqxKsOz0DSYu0ng-gq_2meYHr9QhT9KVTGWg3zgn6iZVwlXqtMe2xyiEaIXwQMkWDYM3IRmszsO9bIwkWx7aQM8bUfSMUmW_jO8x9N-MmpO2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.balatarin.com/users/monogramsigns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture function| gtag object| dataLayer object| adsbygoogle object| googletag function| $ function| jQuery object| Bala object| jQuery112406710851270374956 object| WebuiPopovers function| Headroom object| cookieconsent object| container object| button function| domainCheckDismiss object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| ggeac object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| amazon_assoc_ir_f_call_associates_ads function| amazon_assoc_ir_f_call function| amzn_assoc_ad_spec_type object| amzn_assoc_ad_spec object| amzn_assoc_ad_async_spec object| adUnitDeliveryNetwork object| slotCounter function| cmManager object| amzn_assoc_cm boolean| amzn_assoc_enable_abs object| amzn_assoc_internal_params function| assocUtilsMaker object| amzn_assoc_utils object| amzn_assoc_ad object| blockedMarketPlacesJson object| blockedViewerCountriesJson function| amzn_assoc_jsonp_callback_adunit_0 function| amzn_assoc_client_cb_0 object| Turbo object| Stimulus function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms

8 Cookies

Domain/Path Name / Value
www.balatarin.com/users Name: geo
Value: 0
www.balatarin.com/ Name: _balat_session_new
Value: yoKpWnhKtjz3sPRgsxv%2F18Xr6t%2FDjUobM6QC4ygh%2FnyJeDAZRewCrB3%2FQp0w9%2F%2BoK1eec9NIGzhLWp6ZgDywGEn70yXzkcFGnGGSrGh128cl9a3s09DqzvJ7J0%2FQ1I%2FUNXNitqbGhOAJWvwnMoiVrHmHTNjR%2Fqbt4F5Z8fGe5JUTQN7H8yqD4o3eYnlncN2NV8H0MVohgA1ynokAPM4f6MUg6Fnmf1%2FXd%2F6mOXoORYlYtkvdYDW5SbyxwICsifcZUpMiWCPfzX841%2ByKvNf1NxtWmc%2BVrTMuB0vDL7h7bNiJxhMdpqzlNrFVtDPKAp1Mojk%3D--GWjeYv11fLom1jKU--gKflDS5TBu%2Fzd%2BeYxvdiuQ%3D%3D
.balatarin.com/ Name: _ga
Value: GA1.1.1632495921.1700591906
.amazon-adsystem.com/ Name: ad-id
Value: A5HYzUaccE-usuLfQDlV8rw
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.balatarin.com/ Name: __gads
Value: ID=cdfd0b75e9fe9c41:T=1700591906:RT=1700591906:S=ALNI_MZhuLVK5A_7TMsAS6tan9jUx9k--w
.balatarin.com/ Name: __gpi
Value: UID=00000cdfbb6310ca:T=1700591906:RT=1700591906:S=ALNI_MYLY7oMCpev6w57LtdvLR7nhyMDGw
.balatarin.com/ Name: _ga_8X79LBSGX3
Value: GS1.1.1700591906.1.1.1700591907.59.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-us-east.amazon-adsystem.com
ajax.googleapis.com
assets.balatarin.com
fls-na.amazon-adsystem.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
region1.analytics.google.com
s3.amazonaws.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.balatarin.com
www.google.ch
www.google.com
www.googletagmanager.com
z-na.amazon-adsystem.com
18.165.200.28
18.238.243.86
2001:4860:4802:34::36
2600:1901:0:6f1d::
2a00:1450:4001:803::2003
2a00:1450:4001:806::2001
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82f::200a
2a00:1450:400c:c0b::9a
52.217.201.64
52.46.135.70
52.94.233.131
067eda33b6d0530b448f2dd5ccf8f241d303ae90baff8012a33dde214d3300c5
0b2cec2c9107d936c8edbc75935af3c77e38f83c5979c300c41996b06c774fab
139ec06e55a19eaacfb367ec804a890b32c52b9d01938acd8e5a48a2c8d5adf9
168d938d02621022c01cac1a30505f3f6c37d42bf461e6e06401bdc8d03f71be
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3885bbf73299c785780e33c59fba6cce695374dfa2db19466649c00cb227108c
4c4edca3108e0b18bd958d725773c875934cf7216841b3931acc07dfa0fcfb21
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5706234164837526c2584d91928117fb80530a13e9c22676096928c42f91fd89
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
70abf324098a3041d6e3bcc18686325a2bff8f7c7786071bbe4f0b9efeda57fd
af468816e153dddcd4cdcc5fba3e6a6dbb0028fcfd69affe05e80a0f3567d94e
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b5037a339716854ab3e1fab965c487c2e660ae6c28ddbb4f94136d361635c326
bff5d28aa24b17a2d9b1aa902f205c6edc3d3e73664e766f3110f6b0f9eceb86
c6042222156b5e26db18d7a25025e4b71e9c1d3d4cf90793e4030154b2dea1f5
d675ec0b833a05f5a02c49c854aae636b00308cc264ff3b926aae4edba56e0da
d94b4350261c0b1d888534221f5435489c184127ce875c4c85c39d47678272cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7849f1e01a08565eb4619a50e2ba9f9b2aa34d5486611e73092959bd31fde91
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f67b864cb36061c256712ebe72064c7b4f1857f62b92d893de411ebc10cc7db1
fa20a05256877dae4df05f000b231f795648506633427f0a243457b5daa81ef3