balansfx104.com Open in urlscan Pro
2606:4700:3035::ac43:d16e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://balansfx104.com/
Submission: On May 11 via api (May 11th 2024, 9:12:04 am UTC) from BE — Scanned from DE

Summary HTTP 85 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 13 domains to perform 85 HTTP transactions. The main IP is 2606:4700:3035::ac43:d16e, located in United States and belongs to CLOUDFLARENET, US. The main domain is balansfx104.com.
TLS certificate: Issued by GTS CA 1P5 on April 25th 2024. Valid for: 3 months.

This is the only time balansfx104.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	2606:4700:303... 2606:4700:3035::ac43:d16e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1 2	2606:4700::68... 2606:4700::6811:f8cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
12	2606:4700:10:... 2606:4700:10::ac43:2642	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1 6	2600:9000:264... 2600:9000:2644:9400:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:8bd6:f855:972:835a	16509 (AMAZON-02) (AMAZON-02)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
12	2606:4700:10:... 2606:4700:10::6816:1883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
85	13

32 2606:4700:3035::ac43:d16e (United States)

ASN13335 (CLOUDFLARENET, US)

balansfx104.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f8cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:10::ac43:2642 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2644:9400:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:8bd6:f855:972:835a (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)

va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	balansfx104.com balansfx104.com	3 MB
24	tawk.to embed.tawk.to — Cisco Umbrella Rank: 10041 va.tawk.to — Cisco Umbrella Rank: 9749	213 KB
7	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 3361 d.adroll.com — Cisco Umbrella Rank: 1556	118 KB
6	gstatic.com fonts.gstatic.com	103 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32 region1.google-analytics.com — Cisco Umbrella Rank: 2533	21 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	438 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	67 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 771	12 KB
1	google.de www.google.de — Cisco Umbrella Rank: 7810	64 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	24 B
1	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	24 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	937 B
85	13

	Domain	Requested by
32	balansfx104.com	balansfx104.com
19	embed.tawk.to	balansfx104.com embed.tawk.to
6	s.adroll.com	1 redirects www.googletagmanager.com balansfx104.com s.adroll.com
6	fonts.gstatic.com	fonts.googleapis.com
5	va.tawk.to	embed.tawk.to
5	www.googletagmanager.com	balansfx104.com www.googletagmanager.com www.google-analytics.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	cdn.jsdelivr.net	balansfx104.com embed.tawk.to
2	region1.google-analytics.com	www.googletagmanager.com
2	unpkg.com	1 redirects balansfx104.com
1	www.google.de
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	d.adroll.com	s.adroll.com
1	fonts.googleapis.com	balansfx104.com
85	16

This site contains links to these domains. Also see Links.

Domain
chat.whatsapp.com
link.balansfx.online
www.youtube.com

Subject Issuer	Validity	Valid
balansfx104.com GTS CA 1P5	`2024-04-25` - `2024-07-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
tawk.to GTS CA 1P5	`2024-03-28` - `2024-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2024-05-03` - `2025-06-01`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-07`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://balansfx104.com/
Frame ID: 663F3CC7B3B827FFAABF82FFB05B134A
Requests: 80 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/6625f366c87/css/min-widget.css
Frame ID: D51370E6C963D57265207A14001FCB1D
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/6625f366c87/css/message-preview.css
Frame ID: CC305FB1C3B7C8701DC5600044AFD63A
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/6625f366c87/css/max-widget.css
Frame ID: C6048D75182A94619526AA30A18DC335
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BalansFX | Forex, Hisse Senedi, Emtia

Detected technologies

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

85
Requests

96 %
HTTPS

93 %
IPv6

13
Domains

16
Subdomains

13
IPs

3
Countries

4308 kB
Transfer

7078 kB
Size

11
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://chat.whatsapp.com/CLmf5zntP3N1AWrj2n1KEx
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://link.balansfx.online/
Title: Demo Hesap Aç

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=yzz5-67wIRM
Title: Sinyal Uygulaması

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=MPnlsNS6O58
Title: Forex Nedir?

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=AZHeUYjG-Ik
Title: BalansFX Hakkında

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://unpkg.com/sweetalert/dist/sweetalert.min.js HTTP 302
https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

Request Chain 49

https://s.adroll.com/j/pre/3IG3H2TOQ5E3RNKH2EJ4FX/PZ63M5UAW5EYHNSR2W3U7X/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 66

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10785562448/?random=1660141610&cv=11&fst=1715418719273&bg=ffffff&guid=ON&async=1&gtm=45be4580z8813349476za201&gcs=G1--&gcd=13l3l3l2l5&dma_cps=sypham&dma=1&tcfd=10001&u_w=1600&u_h=1200&url=https%3A%2F%2Fbalansfx104.com%2F&label=ClCkCNOs2fkCENC--pYo&hn=www.googleadservices.com&frm=0&tiba=BalansFX%20%7C%20Forex%2C%20Hisse%20Senedi%2C%20Emtia&value=0&npa=1&pscdl=noapi&auid=1867935140.1715418718&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&eitems=ChAI8K78sQYQ7ZSX_dSixoB7Eh0AFZfXVnx4sXqzlQ7XN-lRDYEDzJeZ9hDMLzeE6g&pscrd=IhMItcig26CFhgMVyVekBB1sAQ7IMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8vYmFsYW5zZngxMDQuY29tLw HTTP 302
https://www.google.com/pagead/1p-conversion/10785562448/?random=1660141610&cv=11&fst=1715418719273&bg=ffffff&guid=ON&async=1&gtm=45be4580z8813349476za201&gcs=G1--&gcd=13l3l3l2l5&dma_cps=sypham&dma=1&tcfd=10001&u_w=1600&u_h=1200&url=https%3A%2F%2Fbalansfx104.com%2F&label=ClCkCNOs2fkCENC--pYo&hn=www.googleadservices.com&frm=0&tiba=BalansFX%20%7C%20Forex%2C%20Hisse%20Senedi%2C%20Emtia&value=0&npa=1&pscdl=noapi&auid=1867935140.1715418718&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMItcig26CFhgMVyVekBB1sAQ7IMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8vYmFsYW5zZngxMDQuY29tLw&is_vtc=1&cid=CAQSGwB7FLtqaEuGIKBWX0pbsI93LNkkbEjttRP2tQ&eitems=ChAI8K78sQYQ7ZSX_dSixoB7Eh0AFZfXVsIaNI15cCd9FhvMf7C3pCqYVTKkhDqo5Q&random=1296685679 HTTP 302
https://www.google.de/pagead/1p-conversion/10785562448/?random=1660141610&cv=11&fst=1715418719273&bg=ffffff&guid=ON&async=1&gtm=45be4580z8813349476za201&gcs=G1--&gcd=13l3l3l2l5&dma_cps=sypham&dma=1&tcfd=10001&u_w=1600&u_h=1200&url=https%3A%2F%2Fbalansfx104.com%2F&label=ClCkCNOs2fkCENC--pYo&hn=www.googleadservices.com&frm=0&tiba=BalansFX%20%7C%20Forex%2C%20Hisse%20Senedi%2C%20Emtia&value=0&npa=1&pscdl=noapi&auid=1867935140.1715418718&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMItcig26CFhgMVyVekBB1sAQ7IMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8vYmFsYW5zZngxMDQuY29tLw&is_vtc=1&cid=CAQSGwB7FLtqaEuGIKBWX0pbsI93LNkkbEjttRP2tQ&eitems=ChAI8K78sQYQ7ZSX_dSixoB7Eh0AFZfXVsIaNI15cCd9FhvMf7C3pCqYVTKkhDqo5Q&random=1296685679&ipr=y

85 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
balansfx104.com/ 36 KB
8 KB 262ms
229ms Document
text/html 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bd655ded5801bfa5a7db9c4e1578dde651c5b74535c17e3991e8551a4343d5a0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 88210b6a8f8c8f3c-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 11 May 2024 09:11:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6IeZKIQj0pTLd9zjtfGYIySwFZVBmLnvfLSbgtzj9VL%2FRqBPNFnPDaV0%2FujmVVR9QuaYzw09tUF1HQ04JBgixXZ%2FENZlEQdKyGGYcpGOxKGQIuyYAyZbOdABOiZAN1NXXVWmadkc5XyxP2Naafc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 css
fonts.googleapis.com/ 3 KB
937 B 51ms
15ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow:400,500,700&display=swap&subset=latin-ext

Requested by

Host: balansfx104.com
URL: https://balansfx104.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bfc984961cc5b26118a06dff2fe72805d33a723c2dae99d33554a81409219509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 11 May 2024 09:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 11 May 2024 09:11:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 May 2024 09:11:58 GMT

GET
H3 200 balansfx.style.min.css
balansfx104.com/assets/css/ 222 KB
29 KB 80ms
77ms Stylesheet
text/css 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balansfx104.com/assets/css/balansfx.style.min.css?v=30
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 145e1bf4359c387bfdb68d8b2ebe86563a58987b70649b08299e2e2843dc7fe9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 11 Feb 2021 09:18:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e93517cf560d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W5cR7ui8RkPaAKkKf%2BBDtHvyFLqLhldCngRhwdRcY6jN50KNxI0gD4ZvxOQ2BBNmysqDckj7c6pWCIcGAcGC300YI9BX4cuF3JCfFjQs4pT0ybbqsPmlfEtaRsjxs77hgkSnPx16a68CEyxauTc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 88210b6c193d8f3c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.fancybox.min.css
cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/ 12 KB
4 KB 30ms
7ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css

Requested by

Host: balansfx104.com
URL: https://balansfx104.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 11 May 2024 09:11:58 GMT
x-content-type-options: nosniff
content-encoding: br
age: 858911
x-jsd-version: 3.5.7
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3370
x-served-by: cache-fra-eddf8230100-FRA
x-jsd-version-type: version
etag: W/"31fb-G+m3m+AqHPxdlsSl4P649HK6vZU"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 balansfx.plugins.min.js Show response
balansfx104.com/assets/js/ 437 KB
129 KB 116ms
114ms Script
application/javascript 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balansfx104.com/assets/js/balansfx.plugins.min.js
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 44adbf27b2864f5801f79fabb80f9779eb12754fcb9bc3eacbfc0e234958cfa4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 27 Feb 2020 18:08:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e19affdf98edd51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PenT%2BRlaOvpyePWLGg8Gc3HKrNdeFjVqGzs97Qku6zuOU5hXUegHtbqPMENtyqlUDdoYopSP7l5RPpFZ%2Ft%2Bk%2FA%2Bw7p5CQaojJX8LYgmDmvu%2Flr6B4zyvld74JqbfNZ20CS7lmv2ZqSQ5FZRX%2F9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 88210b6c193f8f3c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.cookie.js Show response
balansfx104.com/assets/js/ 2 KB
1 KB 49ms
46ms Script
application/javascript 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balansfx104.com/assets/js/jquery.cookie.js
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a0457619e889bb98d0956ad96f21be1ca143f509d9110a91ed9f6ecf5f6eff71

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 11 Mar 2020 17:32:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b1461317cbf7d51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BABGuwCPQPtLk7YD5%2FzecrY7ewBGfd8sQOStDcDfPj0OZMTnIAn0nZlUMt1aamxwPgprjAQJkGf74pcQtuOMvdTnB8N8XDfYOupuv419mq95QN%2FL6Lbi1DOfInZInTUcr2g3OZqN9u8adC7HJdA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 88210b6c19468f3c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

sweetalert.min.js Show response
unpkg.com/sweetalert@2.1.2/dist/
Redirect Chain

https://unpkg.com/sweetalert/dist/sweetalert.min.js
https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

40 KB
12 KB

29ms
29ms

Script
application/javascript

2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

Requested by

Host: balansfx104.com
URL: https://balansfx104.com/

Protocol

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://balansfx104.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 5070555
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRWB3NBVFAVPNVP07DPJ198G-fra
server: cloudflare
etag: W/"9f68-Kj2qvHAjLGNQq0jTJgXcSmrB8fo"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 88210b6c7d589bf2-FRA

Redirect headers

date: Sat, 11 May 2024 09:11:58 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01HXKEBH04D926F3WDWJ67ZW54-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 433
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /sweetalert@2.1.2/dist/sweetalert.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 88210b6c4d1f9bf2-FRA

GET
H2 200 jquery.fancybox.min.js Show response
cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/ 67 KB
23 KB 29ms
8ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.js

Requested by

Host: balansfx104.com
URL: https://balansfx104.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 11 May 2024 09:11:58 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2943455
x-jsd-version: 3.5.7
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23149
x-served-by: cache-fra-eddf8230100-FRA
x-jsd-version-type: version
etag: W/"10a9d-YYFBLnOWZpbQjh5bEkOlctDyK6Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 balansfx.min.js Show response
balansfx104.com/assets/js/ 12 KB
4 KB 58ms
56ms Script
application/javascript 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balansfx104.com/assets/js/balansfx.min.js?v=30
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 34001e6cb788cd26127ff5cd00adcd90e7afb9aab1958c6dc43f71ee5e76b0b5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 17 Jul 2020 19:24:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"a8eb5ef36f5cd61:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VnIlnxTwldhVpytie9FRcfrrbBBBDHURyVZLPvItEwydkpWrNBZDsGS%2BQCaQAt8bFh73XCct%2B5p2u8eOa%2FX%2FewfLi4avRRjvwSFT8L2CDHTPQ4rEFSVu1fd5RyZA4ClsTEVkxINJo%2BYgQMMRK1U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 88210b6c19498f3c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 balans.svg
balansfx104.com/assets/images/ 3 KB
2 KB 51ms
49ms Image
image/svg+xml 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balansfx104.com/assets/images/balans.svg
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 41cb600c873a2b702e5781641b4789e9b3910f8f074d15a2b065de8b275c212a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 27 Feb 2020 18:07:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8a6754d298edd51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=87HwvTy1Jsj2khrs9%2FMqg2yR3mBvdn58ka8yLt53M9G5TGXvYRpZNOhy7xvFgblTYuCI0Oh%2BfUPC41NYQOYgAh4qHWvzyIlVukvndPdwntEsPMMNEhZqHKWNmdS6exzTa%2Bvs%2FMbS1y7h52nv%2F50%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 88210b6c194b8f3c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 balans-light.svg
balansfx104.com/assets/images/ 3 KB
2 KB 52ms
50ms Image
image/svg+xml 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balansfx104.com/assets/images/balans-light.svg
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b04112e4589ed7fc3c90fa7d45ac4f4cb4580d9231a65dbc134d543f49ecdaf9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 27 Feb 2020 18:07:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"34a0acd298edd51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ylHIGhHHPKYSl0BTEL%2BycP0OgllqqPT8MN1PDkez355aApxb%2FqgquiztHbEoEoNxXVtcDJZ0NQ9Fank8F4Ax%2FiWLHwxJXPdo582k3scoCbAM5ghnWnwXisai1BSl5YVrBpwUGKQNRp7M3rYvD4U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 88210b6c194c8f3c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 1.jpg
balansfx104.com/assets/images/services/ 28 KB
28 KB 83ms
82ms Image
image/jpeg 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balansfx104.com/assets/images/services/1.jpg
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bd1265637b22708f166140b8a14b8f97cb1326b310fe019b3df7175ac62de0ea

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Feb 2020 18:08:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "e621e3de98edd51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J3QRQPDTwl6dnUIiiCxeOSrYJoDMbKEQNlldSv%2FkA%2F2oyKKQSJKGnTQtXGBdQTigaatZpiZOhQXoc%2FIKKgUQ8EotC0uwLzCpB1MuhuDYBejUp5QatZ%2BHnLq0F4JmUpNlRXwNPHDViwi7UpIJnEQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88210b6c69a78f3c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 28389

GET
H3 200 2.jpg
balansfx104.com/assets/images/services/ 27 KB
27 KB 82ms
81ms Image
image/jpeg 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balansfx104.com/assets/images/services/2.jpg
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cb2e0ae31c7e825070217e9d9f44dbdcd7c55d00ec7c5a4d7f49d04525435301

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Feb 2020 18:08:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6299d9de98edd51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U4O64xm7qrTByaUpzutqT8lomc%2FV5Yp0w7il32Tn3TV%2BwdqkDc3JPq4c7nBKmWtK5ub137D3r27rAO01igMEdbrWVkfajs73syz8FLvCnyLCKVw7eC0b2PHxqRSIiTRTZQaugbST%2B3LUpN5Dny0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88210b6c69b88f3c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 27501

GET
H3 200 3.jpg
balansfx104.com/assets/images/services/ 26 KB
27 KB 62ms
61ms Image
image/jpeg 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balansfx104.com/assets/images/services/3.jpg
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 567f0ae513c91823fc2914060637408cb4baa49b00d1eb48a15ba6d875db8cd8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Feb 2020 18:08:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4b6362de98edd51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fUR3nwwqYIaytwA1RyZNHJ0MJGSaK92cZ2j63vNw0wTKbttJAHk8uEopqLCbBq3zCIlcAZJhH8%2BLANZs%2BP8ZGwivsn7CHEMo30qul15IzsmKu7Mhrjwf95acQ6zetG0jmK7z8SoAvcV%2FgIf7big%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88210b6d2aa18f3c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 26827

GET
H3 200 4.jpg
balansfx104.com/assets/images/services/ 39 KB
39 KB 63ms
63ms Image
image/jpeg 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balansfx104.com/assets/images/services/4.jpg
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 98fa84ba795a2041a32515fdaf627292722011edae9506cf4870c16b4fffb86e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Feb 2020 18:08:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "f7e96bde98edd51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xi9zRSH3gGCFjPAKeuf66v0klMSgxFBACh795qf7uLc4m7LYjthUIaVM5MdCZvWkous4aro8I2EAbjM0fcOQkOqryde1eRTOrLsIlqnaoUn8RNAAuNRU1JvhBQIzZHnPasDIjvRn5Ja6yqQO9yY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88210b6d2aa48f3c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 39518

GET
H3 200 5.jpg
balansfx104.com/assets/images/services/ 27 KB
27 KB 61ms
60ms Image
image/jpeg 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balansfx104.com/assets/images/services/5.jpg
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6beda0cea4b6a4233bacc7a4ee127023da9ddfd76334fb77d3528d5ab7c45143

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Feb 2020 18:08:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "9156eddd98edd51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wc0SE2aI7L82I5pqkPBUsgIipbNu6TW3twpcM7tNy5v74THCU1h7KU4Mre9FwnbVgN3%2Bh4H3xoyQQslRo3jZlp8aR6%2B9E5PfLPk5oG5biab8ovKhrrgj%2Bgyv5LItPy2IJS9bASt6Rcj3qU3Tml8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88210b6d4ac48f3c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 27413

GET
H3 200 6.jpg
balansfx104.com/assets/images/services/ 34 KB
34 KB 48ms
45ms Image
image/jpeg 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balansfx104.com/assets/images/services/6.jpg
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f774942b9b7f4de8e6a79eb9ff325a208612e9bf4f72aa7a9443c979083b5e6c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Feb 2020 18:08:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "c8a5dcdd98edd51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RUaXhV0JggHIbyJAfJFJnAHdV8cbfGZD6R9Tdg6ANStAaG%2Bm%2Fdf9jNGq%2BObHN6fHqOTgt5NDotKH2AhdE6IZuvP01gNJ6hg3EIA7E9ImRY9F1bV7G0P%2By2e8pFxfvdzy%2BfINZVlg4HgLU3AlHPo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88210b6d4ac78f3c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 34745

GET
H3 200 ucretsiz-forex.png
balansfx104.com/assets/images/ 197 KB
198 KB 75ms
72ms Image
image/png 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balansfx104.com/assets/images/ucretsiz-forex.png?v=1.2
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 85895a83fe04ade138e38c8d3336b7705f42b097648ff43b38924eccc386735c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Feb 2021 17:48:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "d44e7e28e7fbd61:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=75dgvPstDBQ5peMPbCEo%2FsL855dHQkoRAJ4S7DCNMgxEfvu1YuKWRjiZ5vk6NIRFR%2BIwEAE%2FiENRRuFdkaYWYVySoDDs38kAF1WLQxAbU1VyOjG4ZiD5CVg8c74oweJwTL%2BpZfe1FGKcNttw5L0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88210b6d4aca8f3c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 202131

GET
H3 200 yatirim-danismani.png
balansfx104.com/assets/images/ 212 KB
212 KB 80ms
77ms Image
image/png 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balansfx104.com/assets/images/yatirim-danismani.png
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8fe983aac57b377f0e57d876803af9701c07d2ac8290552bed41788d0468588e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Feb 2021 17:46:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3ede53e3e6fbd61:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B%2FZ1m6T2uZrMBL0qnIvb%2Br6nXPIjxwYDZof9fCepPOnfWAY1yeFm3okmt9kVkh%2F%2BtO2761hRBh9RFxKnp2z2r6gVykTP3kH%2FAnomYaaYaVChajoNjg%2FZFNGJRHO5B9MoNR%2BIhq11sYB7FPuDs%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88210b6d4acb8f3c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 216805

GET
H3 200 uzman-analizi.png
balansfx104.com/assets/images/ 1 MB
1 MB 88ms
85ms Image
image/png 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balansfx104.com/assets/images/uzman-analizi.png
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4b1ba993dca1564c27d37418eca0656dcc0b3534815d36a14e9d021d73db7ba3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Feb 2021 17:51:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "dc14893e7fbd61:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=39bvgqQL5nmn0ve4HpZmygbbCJUt7trpAnkp2qcFlsU6ZwXCMXo0nHcMoXGz9cIv7c%2Bx4%2B24lw%2F68sg%2FiMqxEbk8OJKsJ%2FC75QvobKm1Usw%2FCbZUGht3QSyyJAsjg2%2B3fhxp2EQztZVyAUQje9o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88210b6d4ad08f3c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1232044

GET
H3 200 visa.svg
balansfx104.com/assets/images/logos/ 921 B
1018 B 55ms
52ms Image
image/svg+xml 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balansfx104.com/assets/images/logos/visa.svg
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6c95276735916e36360d04629508731d46c2dfd9f9581283687daf5158fa04c1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 27 Feb 2020 18:08:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3c7686da98edd51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VaHZHIXv3yub%2Fgb%2FE6cUbaAo3PRE9L4wwDWqRM2kNEJAQlGwgfr1U4Zk8jdIgnS5OyWP8NOz3MGnZUf4oarPQgorR5W%2FJ4goU1T3JME1l4k%2FDynfB9OF7gYXNvOhPXeSHVftpXysHiisGq21c%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 88210b6d4ad18f3c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 mastercard.svg
balansfx104.com/assets/images/logos/ 4 KB
2 KB 49ms
46ms Image
image/svg+xml 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balansfx104.com/assets/images/logos/mastercard.svg
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e73e447df18f20a083c2de2348053c82b799abf6efd6ae5053e59bb588ed3fc4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 27 Feb 2020 18:08:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ebf968db98edd51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K29%2Bc7mfb0SSQdFneIdcbjbKG1%2FBkwP5R1jmz7FVaUQkJf%2BLGWiY2F0ukdeL7fXSvEu%2B4brJ14L%2FLJbY98Dgj3ZtiLwB0oU2pDjHZrO3QteRNexEGCVJsTdvRD4EoBtaBPCi4wb9KscKW4BRsZY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 88210b6d4ad38f3c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bitcoin.svg
balansfx104.com/assets/images/logos/ 5 KB
2 KB 54ms
51ms Image
image/svg+xml 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balansfx104.com/assets/images/logos/bitcoin.svg
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: faa4f51f95476f0042eab475bc5039de0d60ff641fb2fd5cd4777efe3779e70e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 27 Feb 2020 18:08:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8ee73fdc98edd51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KBeDWoQMrX3jE9Kgs9uFdhLKhT7cWYlkAt7Nryfw2yEFQezYqqsVHAvzmY8NWCi5GhFkprnY3sfEoNWvEt%2FLnfMrk0Sp4SGkR5ps6wMejc4j8c9eyxVdGo5jIFLQwUxjuUu9EdKt0UzZGJTD3aE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 88210b6d4ad48f3c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 amex.png
balansfx104.com/assets/images/logos/ 21 KB
22 KB 66ms
63ms Image
image/png 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balansfx104.com/assets/images/logos/amex.png
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ec407669784d9205a62021f8f032478abf4bf6b9e4d84bcc43ecea7aaec6e364

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Feb 2020 18:08:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5937cfdc98edd51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lgxil7%2FfXXfPhY99s4EboapzadHbPkMUN3xDcbGZTsZcFf%2BZGAwAVL8tZGm4KaPyJSRpaL5QJs1M%2FAzzV2TC40LliPRsKCRzqgMqGzLqDqWz7%2FXg09lzIWY5wma7QQPbKqkzrhVJ2nrH7UtONqg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88210b6d4ad58f3c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 21656

GET
H3 200 banktransfer.png
balansfx104.com/assets/images/logos/ 6 KB
6 KB 53ms
50ms Image
image/png 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balansfx104.com/assets/images/logos/banktransfer.png
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9f945981ac7f6ff6ba649c9f6fbd4d0f7352b8732f5cfc4dce8c79401b417b11

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Feb 2020 18:08:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1f364edc98edd51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B%2BsZVycjBbOPgJna6ItLB4PDs%2BdyjSr4Zskqe4aDBpL5g7ii0I3sJQl3yTJeR7QbKuIRkQzA8y2%2FZmLVfd6dQxfOUGgrfKCt7h0kONzR9A3PcFR7cOnE9uJ6wQVUzUHUylKtDpRtyv8yAl2oZjA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88210b6d4ad68f3c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5985

GET
H3 200 ssltrust.png
balansfx104.com/assets/images/logos/ 7 KB
8 KB 52ms
49ms Image
image/png 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balansfx104.com/assets/images/logos/ssltrust.png
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6446459faaac205178ea17c1a53fb5b40955015a34c9a92ae34cee1aba10ce76

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Feb 2020 18:08:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "fd8999da98edd51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SqKQectFBvilPWQi0bUvMXftFNATUczK9Gs0ZsI2qW3SNPpoaAIIE9kKaBkAc9FWQs1L8BlUtwaDV6VGW9i5ZjBKYBwxOlOrKNf8DP1n%2B6lW8bU%2BTrrvqntXYh7TG%2BZdz%2B91kkZV0a8g0HomDjM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88210b6d4ad88f3c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7342

GET
H3 200 sitelock.png
balansfx104.com/assets/images/logos/ 13 KB
14 KB 55ms
53ms Image
image/png 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balansfx104.com/assets/images/logos/sitelock.png
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f29a3ad8ba6635f72be8426a0dbf638af107ab0c4240110982a00346a4fe8d66

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Feb 2020 18:08:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "b64bfbda98edd51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ehlUkPZ9GiFUdK3GsfbgyxHyl2Zrzk5kVvfTwSH6vvnUm%2BgaKpBZsS9f89Jy3sfJbFt4j6e%2BySvAAWWRWV8LWK6hhQ1n6VZKidqO6g%2FvdrQUf6yBbIcXr8oPPGuw7Xndj4tPopzs%2FR%2B86FDqwe0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88210b6d4ad98f3c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 13676

GET
H3 200 fc-icon.png
balansfx104.com/assets/images/ 34 KB
34 KB 67ms
65ms Image
image/png 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balansfx104.com/assets/images/fc-icon.png
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 33ed09d53335335597a0ab7ffbac136e24e5dc3d736ce2ae620203d781b8560e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
cf-cache-status: MISS
last-modified: Mon, 13 Jul 2020 11:38:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "bf1a5c22a59d61:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yfmDaOk5ZFs8wQ0grWYBnTJtkYxT4I20fhpytTDscbpH4Yt9LrCav9D4NZ6mePrVLkz1kWePy7JICgEWrnvc5oYd8Sftgu%2BOCSFBtV7JGPyHhQc8VUXHM7MRQu%2FlYe21%2B3SmG44Y0Q03pg%2Bkli4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88210b6d4ada8f3c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 34579

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 268 KB
94 KB 57ms
25ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KTGXNPV

Requested by

Host: balansfx104.com
URL: https://balansfx104.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e849abeaa63ab02018122dbc1f376cbaf3273c4f4b2a9924f8e979e415fcfc5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96037
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 11 May 2024 09:11:58 GMT

GET
H3 404 default
embed.tawk.to/5daf149578ab74187a5aeeca/ 0
0 487ms
466ms Script
application/x-javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5daf149578ab74187a5aeeca/default

Requested by

Host: balansfx104.com
URL: https://balansfx104.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Origin: https://balansfx104.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, s-maxage=2592000
cf-ray: 88210b6d7a2f4d4f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 web-banner.png
balansfx104.com/assets/images/banners/ 499 KB
499 KB 102ms
98ms Image
image/png 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balansfx104.com/assets/images/banners/web-banner.png
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 756f47312429f3f78d4a09acd2ed38fd97565326d9e9f97e69c1275d9eff1d2b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
cf-cache-status: MISS
last-modified: Wed, 02 Mar 2022 23:54:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0c168e7902ed81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kZVddBCMc94ZH6ffrirLaKlbeH%2F9rnwlVNDsgH5kAl8OeJWxeFC6Hgl6SUjls2lDZyZDNWXfNAiVeCbZlJ04E93PqdmxoVBWWwxtUJETubKSbonlSx1gQwz27%2BscYB4gKY0ImT6Y7xlgG%2F7vHXI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88210b6d5aef8f3c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 510745

GET
H3 200 Sigorta.jpg
balansfx104.com/assets/images/banners/ 156 KB
156 KB 104ms
99ms Image
image/jpeg 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balansfx104.com/assets/images/banners/Sigorta.jpg
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5199c6dcf9efb6be125104269d67c852692a9cbd7324f326362a822ae592c998

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
cf-cache-status: MISS
last-modified: Mon, 13 Jul 2020 10:05:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "c3e47623fd58d61:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bK3Bfi8i8iHbwsVmRumjaqVYaDTz0XlOGMDeEupUGZaywM8iQi5x05lqoDJoQWKsDcDzQUQVcO6CQPWYcmKYZk9HEmTYjAAPtDcD1idelzNDLk5pkWMauESEitEimNbWdz%2Blg4wMWi2f13JujZc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88210b6d5af18f3c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 159416

GET
H3 200 Guvenilir.jpg
balansfx104.com/assets/images/banners/ 153 KB
154 KB 113ms
107ms Image
image/jpeg 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balansfx104.com/assets/images/banners/Guvenilir.jpg
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6649580995a7479986cc1f5d4f898fad6dc331416d743be647a882f96210da49

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
cf-cache-status: MISS
last-modified: Mon, 13 Jul 2020 10:05:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "bf973e23fd58d61:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zvkl2gfWiF%2FvfdzkxUwlSSSHXEULR0t6GVkgaFZ77UUYKSzcnXjUc6ngmAIvPFEYix0sm4no2xKugB%2BW3jd1%2Fjc%2BzosGfX92XxPhQEuKUTmTjy2zWN5r%2BO4k7VKNlWP%2BOnby57UkAUBomZSnAIA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88210b6d5af48f3c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 156996

GET
H3 200 Hisse.png
balansfx104.com/assets/images/banners/ 206 KB
207 KB 165ms
156ms Image
image/png 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balansfx104.com/assets/images/banners/Hisse.png
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 98851a0a32ae73bd2c078df7966f80c6d167d0d886c4f9011eeede771855a8ce

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
cf-cache-status: MISS
last-modified: Mon, 13 Jul 2020 10:05:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "d8914423fd58d61:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WbdzzhLMRCSoI0AaYgno5boC1RTWD9S7Ip2t6mMx%2Firte0CoK44Rt6W%2BWvkYp5cuxoDoLCfZTmdsgkM4FHEfiVAgyUKvTQoNjaC1a1VlL7c%2Ft5lgLcqX%2FYcO2Hsi9ATR%2BOVgdtjZxado8Jg85nA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88210b6d6b058f3c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 211006

GET
H3 200 Uygulama.jpg
balansfx104.com/assets/images/banners/ 145 KB
146 KB 170ms
159ms Image
image/jpeg 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balansfx104.com/assets/images/banners/Uygulama.jpg?v=1.2
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d70a611fd93bfc911728609f827deea68ec9e61b9c96bafa1e655b756aecd73e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
cf-cache-status: MISS
last-modified: Wed, 02 Sep 2020 11:10:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "19dc2a91981d61:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nbsss2ngzJtkuLxw7YUxKK59zrdskX9Aj0Vz9czlUzLeWd9vyvwi7YChxzBN50CmL3LDjr4ZT2R8VyZ7LKPohJRlpFNLbUtmVnNcvF9IZbI7YjpsXBbTh9p6YgZc3brM%2BTXMxFYc7JcUI4u5VpM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88210b6d6b108f3c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 148636

GET
H3 200 calculator-bg.png
balansfx104.com/assets/images/ 92 KB
93 KB 173ms
166ms Image
image/png 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balansfx104.com/assets/images/calculator-bg.png
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/assets/css/balansfx.style.min.css?v=30
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1aa1d9322879446d20762a18056c7c669cc10381fe455cd08f70e7b541d12081

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/assets/css/balansfx.style.min.css?v=30
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Feb 2020 18:07:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "cb5887d198edd51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Z3rfxszyXwb7r2DW5lzN1O40rDy8suSet3htyCVL3pjUvo9p9b%2BQtdws45%2F4BCOa%2FjhQ6MAlRcjHwUcLhVmaeNQJg5hpZjgjw7xeF2aRKuQyo8FnbvTLlRAXIl1TgbE9J8LsnV363V2OtPgHeA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88210b6d6b138f3c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 94461

GET
H3 200 icomoon.ttf
balansfx104.com/assets/fonts/ 9 KB
10 KB 70ms
67ms Font
application/octet-stream 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balansfx104.com/assets/fonts/icomoon.ttf?lksvcd
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/assets/css/balansfx.style.min.css?v=30
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: de66c358160a31533500e46f9d895166c8f871e7b33f63e49011344d11aa6a92

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/assets/css/balansfx.style.min.css?v=30
Origin: https://balansfx104.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Feb 2020 18:07:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "24aa23cf98edd51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2%2BzOC7qxa3MsuKd0xdrtRX2bQyIP10epjjMmuqwUEDfGEnZe%2FNuIB6pz%2BMP27yWCiTPPp4Gk9g3l4Ann6YP8w1qNV%2FWOr1cjYWltvhIJMxW8rpeZh6UWJCsGcSYG%2BQMv4QGSOzbC9Rwn37NqS%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88210b6e1c198f3c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9584

GET
H2 200 7cHpv4kjgoGqM7E_Ass52Hs.woff2
fonts.gstatic.com/s/barlow/v12/ 13 KB
13 KB 53ms
14ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_Ass52Hs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,500,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e117aea294873c889a6118be17dedae219b12e46a4a039c420fbb032aa0acde5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://balansfx104.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 07:49:59 GMT
x-content-type-options: nosniff
age: 350519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13316
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:44:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 May 2025 07:49:59 GMT

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 60ms
22ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,500,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://balansfx104.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 07:48:51 GMT
x-content-type-options: nosniff
age: 350587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 May 2025 07:48:51 GMT

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 58ms
20ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,500,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://balansfx104.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 07:46:08 GMT
x-content-type-options: nosniff
age: 350750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21724
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 May 2025 07:46:08 GMT

GET
H2 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ 20 KB
21 KB 63ms
26ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,500,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://balansfx104.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 08:07:17 GMT
x-content-type-options: nosniff
age: 349481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20960
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:18:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 May 2025 08:07:17 GMT

GET
H2 200 7cHqv4kjgoGqM7E3t-4s6VospT4.woff2
fonts.gstatic.com/s/barlow/v12/ 13 KB
14 KB 66ms
29ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s6VospT4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,500,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68548b453a6799bd3dbe23d6025305801713b490b839dbf6fe03736cc712b514

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://balansfx104.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 17:54:53 GMT
x-content-type-options: nosniff
age: 314225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:29:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 May 2025 17:54:53 GMT

GET
H2 200 7cHqv4kjgoGqM7E3_-gs6VospT4.woff2
fonts.gstatic.com/s/barlow/v12/ 13 KB
14 KB 49ms
12ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs6VospT4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,500,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2112123d3e95728befd75dcbd262b213509a77625075eb036f3d7f5fd0295b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://balansfx104.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 05:17:12 GMT
x-content-type-options: nosniff
age: 273286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13436
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:06:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 May 2025 05:17:12 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 221 KB
80 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-595099506&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTGXNPV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

897068a99f1da9ad9494b9e77cd4e195d62941383e9f3394cb4ecd792411c367

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81882
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 11 May 2024 09:11:58 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 215ms
8ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTGXNPV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 11 May 2024 07:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5455
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 11 May 2024 09:41:03 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 86 KB
27 KB 234ms
9ms Script
text/javascript 2600:9000:2644:9400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTGXNPV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:9400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a72c1407e4df69175587756d01e2537a2f8722e59a5a7581f37a7ce36747e7d7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Amz-Version-Id: o2F5X.7ofwfn5AxK2mOAUr6cpAHiSmpn
Content-Encoding: gzip
Via: 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront)
Date: Sat, 11 May 2024 08:35:17 GMT
Age: 2203
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 29 Apr 2024 18:17:04 GMT
Server: AmazonS3
Etag: W/"8527d40fe704871728ead7e7b8f103d2"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: V578TBArM_WVsOF0Gq1rcRg2Sj2duAGeNsP9DkFr_B7-x3pLRBJBIQ==

GET
H3 200 1g4uptfog Show response
embed.tawk.to/629f227e7b967b1179934884/ 2 KB
876 B 476ms
475ms Script
application/x-javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/629f227e7b967b1179934884/1g4uptfog

Requested by

Host: balansfx104.com
URL: https://balansfx104.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2ec18feede7a9dd817fd1d940adbe114a025481ad67f6e73b174fc30f2730b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Origin: https://balansfx104.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
server: cloudflare
etag: W/"stable-v4-6625f366c87"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 88210b6e9b594d4f-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
221 B 15ms
14ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=222234390&t=pageview&_s=1&dl=https%3A%2F%2Fbalansfx104.com%2F&ul=de-de&de=UTF-8&dt=BalansFX%20%7C%20Forex%2C%20Hisse%20Senedi%2C%20Emtia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1630840218&gjid=1908955707&cid=729807425.1715418719&tid=UA-154720436-1&_gid=762954865.1715418719&_r=1&_slc=1&gtm=45He4580n81KTGXNPVv813349476za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=324561874

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

ccc127af1febc429fffb23baba62ae95566741b489200aecf0941d472067ea21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 11 May 2024 09:11:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://balansfx104.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
80 B 14ms
13ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=222234390&t=pageview&_s=1&dl=https%3A%2F%2Fbalansfx104.com%2F&ul=de-de&de=UTF-8&dt=BalansFX%20%7C%20Forex%2C%20Hisse%20Senedi%2C%20Emtia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=1517234739&gjid=2103695722&cid=729807425.1715418719&tid=UA-154824799-1&_gid=762954865.1715418719&_r=1&_slc=1&gtm=45He4580n81KTGXNPVv813349476za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1913167768

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

c20f0770888431133da2c44476b037b13b37830d5d8f053d70b35e6e87c81b07

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 11 May 2024 09:11:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://balansfx104.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
95 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HY3P4KV2VS&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ae0ec11fe367d50bbcaba5fc2c01c4c05de8f806c163fb7851f1df8cf82ddf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97208
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 11 May 2024 09:11:58 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/3IG3H2TOQ5E3RNKH2EJ4FX/PZ63M5UAW5EYHNSR2W3U7X/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

9ms
8ms

Script
application/javascript

2600:9000:2644:9400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: HTTP/1.1
Server: 2600:9000:2644:9400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://balansfx104.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Sat, 11 May 2024 04:00:21 GMT
Via: 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront)
Age: 18698
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: inM1TLW3WiX9F22uIoPK0id1tw_3q3rFkdUxRzXwDAkqBWrizqu4xA==

Redirect headers

Date: Sat, 11 May 2024 09:10:33 GMT
Via: 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront)
Age: 84
X-Amz-Cf-Pop: FRA60-P6
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: A075jrnlO-aNO7fdv1mbNW0bWj1uSJzPhJbd_WtOwwB-bq2QiylGKQ==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/3IG3H2TOQ5E3RNKH2EJ4FX/PZ63M5UAW5EYHNSR2W3U7X/ 9 KB
4 KB 29ms
16ms Script
text/javascript 2600:9000:2644:9400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/3IG3H2TOQ5E3RNKH2EJ4FX/PZ63M5UAW5EYHNSR2W3U7X/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:9400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a7616157191cea33870e61c8f37b9842c4a63088c5821eeee34e570679e904f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 11 May 2024 09:10:35 GMT
X-Amz-Version-Id: B8x0SLtJKmDGKZ5F5Ui_7DvT.XxUpJIU
Content-Encoding: gzip
Via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
Age: 84
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 10 May 2024 11:58:39 GMT
Server: AmazonS3
Etag: W/"706be4fd28aeb971d2ff83a528c2073a"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: HJ5Yki0uGegKDa_V8-iiBveyC1tjEKcKIZqJRs9hvJeQksacmCkfEQ==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
88 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J86WJBJ3VR&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bfe42fd192ac1fd39e4ea929cc2aad184058df8482549fe509b8a250cc1478d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90537
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 11 May 2024 09:11:58 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 37ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-J86WJBJ3VR&gtm=45je4580v9111998392za200&_p=1715418718278&gcd=13l3l3l2l3&npa=1&dma_cps=sypham&dma=1&tcfd=10001&ul=de-de&sr=1600x1200&cid=729807425.1715418719&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fbalansfx104.com%2F&dt=BalansFX%20%7C%20Forex%2C%20Hisse%20Senedi%2C%20Emtia&sid=1715418718&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1073
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J86WJBJ3VR&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 11 May 2024 09:11:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://balansfx104.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3IG3H2TOQ5E3RNKH2EJ4FX Show response
d.adroll.com/consent/check/ 492 B
585 B 110ms
33ms Script
application/javascript 2a05:d018:cc3:fe04:8bd6:f855:972:835a
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/3IG3H2TOQ5E3RNKH2EJ4FX?pv=63311847705.0306&arrfrr=https%3A%2F%2Fbalansfx104.com%2F&_s=87633c3eb0a0304f1435e69211d7269c&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:8bd6:f855:972:835a Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: d1764f268ba61d745fd9c3c27bfbb36b66410748d7698cc5f73b2a36cfe0407e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:58 GMT
server: nginx/1.22.1
content-length: 492
content-type: application/javascript

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HY3P4KV2VS&gtm=45je4580v9133528544za200&_p=1715418718278&gcd=13l3l3l2l3&npa=1&dma_cps=sypham&dma=1&tcfd=10001&ul=de-de&sr=1600x1200&cid=729807425.1715418719&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fbalansfx104.com%2F&dt=BalansFX%20%7C%20Forex%2C%20Hisse%20Senedi%2C%20Emtia&sid=1715418718&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1120
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HY3P4KV2VS&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 11 May 2024 09:11:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://balansfx104.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 413 KB
83 KB 8ms
7ms Script
text/javascript 2600:9000:2644:9400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:9400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ec093226dbb4c5f2767562378e80a955db377003a72f5ff70cd65040983090f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Amz-Version-Id: E8Xqd_XzP1xGQPgJ2rRArNdUFnSvN3pa
Content-Encoding: gzip
Via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
Date: Sat, 11 May 2024 09:10:49 GMT
Age: 71
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 08 Feb 2024 21:46:10 GMT
Server: AmazonS3
Etag: W/"e1dc09168683fa834f599c01bb66de29"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: EzKGh-CBfvmzbu7C9lzjeV328M3A933hUyvMlbtuZ1XtCBusOZkFqw==

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 17ms
7ms Image
image/png 2600:9000:2644:9400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by: Host: balansfx104.com
URL: https://balansfx104.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:9400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Date: Sat, 11 May 2024 02:29:55 GMT
Via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
Age: 24125
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 7jMU6Lrxx-VbyoXBFb50MkmLqyXqFJX3RyE3F57Z7RBfsirwfe-iIQ==

GET
H3 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/js/ 121 B
342 B 147ms
146ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/629f227e7b967b1179934884/1g4uptfog

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Origin: https://balansfx104.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:59 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
content-encoding: br
etag: W/"da5bb1dc647470204df0e49f5afac2de"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 88210b72ffa14d4f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/js/ 81 KB
29 KB 244ms
243ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/629f227e7b967b1179934884/1g4uptfog

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Origin: https://balansfx104.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:59 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
content-encoding: br
etag: W/"3b341e35b39f6195793ecaf5db7c1d63"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 88210b72ffa54d4f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/js/ 212 KB
62 KB 367ms
355ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/629f227e7b967b1179934884/1g4uptfog

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

972de8c5257c5c31f0ae45016595089022e4f82e766cec78fb40c997bfbac75f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Origin: https://balansfx104.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:59 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
content-encoding: br
etag: W/"1c73b4eb89bbe24ecf154b671ddbcafc"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 88210b730fc74d4f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/js/ 220 KB
44 KB 379ms
367ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/629f227e7b967b1179934884/1g4uptfog

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

162951e9132b74bf11c97d7f234d998954df2729c604e2925291a28699aca260

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Origin: https://balansfx104.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:59 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
content-encoding: br
etag: W/"5ff5b56dd253d3fd717915b2773593d3"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 88210b730fc94d4f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/js/ 2 KB
1 KB 150ms
138ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/629f227e7b967b1179934884/1g4uptfog

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc6265bb78fc4f136d1e4843b385d90a1faba320821361b71895dcaf2077630f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Origin: https://balansfx104.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:59 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
content-encoding: br
etag: W/"d1dc816c161b3a7313b3d42f478f140a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 88210b730fca4d4f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/js/ 151 B
366 B 153ms
142ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/629f227e7b967b1179934884/1g4uptfog

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Origin: https://balansfx104.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:59 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
content-encoding: br
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 88210b730fcb4d4f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 221 KB
80 KB 42ms
37ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10785562448&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTGXNPV

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

83e3734803e3eddc0131cce46d80ea8a27f28e3e6b720d800e2f14097460d916

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81868
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 11 May 2024 09:11:59 GMT

GET
H3 200 favicon.ico
balansfx104.com/ 66 KB
9 KB 83ms
79ms Other
image/x-icon 2606:4700:3035::ac43:d16e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balansfx104.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d16e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bc03807e6d2a0e38cf73f275b10886112c202cd7080937541885ab2d43249ffc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:11:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 27 Feb 2020 18:07:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"c97735ce98edd51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HTT4zuf2sHrgIwhSwiPscjEtSsgwshQbJB%2B5cMJGhze4ilbbGBfSycrKxTvEenm2UtTduJNE4hDCdIOmfMpxwx1fXkHE0OCIbP6oWB8Z5AlCuNJyCehIULwIZr5X%2FcQtBXKqddjCVh4hYGmeOXc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=14400
cf-ray: 88210b730a738f3c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/10785562448/ 3 KB
2 KB 56ms
22ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/10785562448/?random=1715418719273&cv=11&fst=1715418719273&bg=ffffff&guid=ON&async=1&gtm=45be4580z8813349476za201&gcs=G1--&gcd=13l3l3l2l5&dma_cps=sypham&dma=1&tcfd=10001&u_w=1600&u_h=1200&url=https%3A%2F%2Fbalansfx104.com%2F&label=ClCkCNOs2fkCENC--pYo&hn=www.googleadservices.com&frm=0&tiba=BalansFX%20%7C%20Forex%2C%20Hisse%20Senedi%2C%20Emtia&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=1867935140.1715418718&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10785562448&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

4064f30583734b7bda3a273500bf0e93a394e7c995783b678876ccb17c738031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 11 May 2024 09:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1632
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/10785562448/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10785562448/?random=1660141610&cv=11&fst=1715418719273&bg=ffffff&guid=ON&async=1&gtm=45be4580z8813349476za201&gcs=G1--&gcd=13l3l3l2l...
https://www.google.com/pagead/1p-conversion/10785562448/?random=1660141610&cv=11&fst=1715418719273&bg=ffffff&guid=ON&async=1&gtm=45be4580z8813349476za201&gcs=G1--&gcd=13l3l3l2l5&dma_cps=sypham&dma=...
https://www.google.de/pagead/1p-conversion/10785562448/?random=1660141610&cv=11&fst=1715418719273&bg=ffffff&guid=ON&async=1&gtm=45be4580z8813349476za201&gcs=G1--&gcd=13l3l3l2l5&dma_cps=sypham&dma=1...

42 B
64 B

61ms
22ms

Image
image/gif

2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/10785562448/?random=1660141610&cv=11&fst=1715418719273&bg=ffffff&guid=ON&async=1&gtm=45be4580z8813349476za201&gcs=G1--&gcd=13l3l3l2l5&dma_cps=sypham&dma=1&tcfd=10001&u_w=1600&u_h=1200&url=https%3A%2F%2Fbalansfx104.com%2F&label=ClCkCNOs2fkCENC--pYo&hn=www.googleadservices.com&frm=0&tiba=BalansFX%20%7C%20Forex%2C%20Hisse%20Senedi%2C%20Emtia&value=0&npa=1&pscdl=noapi&auid=1867935140.1715418718&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMItcig26CFhgMVyVekBB1sAQ7IMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8vYmFsYW5zZngxMDQuY29tLw&is_vtc=1&cid=CAQSGwB7FLtqaEuGIKBWX0pbsI93LNkkbEjttRP2tQ&eitems=ChAI8K78sQYQ7ZSX_dSixoB7Eh0AFZfXVsIaNI15cCd9FhvMf7C3pCqYVTKkhDqo5Q&random=1296685679&ipr=y

Protocol

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://balansfx104.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 May 2024 09:11:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 11 May 2024 09:11:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/10785562448/?random=1660141610&cv=11&fst=1715418719273&bg=ffffff&guid=ON&async=1&gtm=45be4580z8813349476za201&gcs=G1--&gcd=13l3l3l2l5&dma_cps=sypham&dma=1&tcfd=10001&u_w=1600&u_h=1200&url=https%3A%2F%2Fbalansfx104.com%2F&label=ClCkCNOs2fkCENC--pYo&hn=www.googleadservices.com&frm=0&tiba=BalansFX%20%7C%20Forex%2C%20Hisse%20Senedi%2C%20Emtia&value=0&npa=1&pscdl=noapi&auid=1867935140.1715418718&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMItcig26CFhgMVyVekBB1sAQ7IMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8vYmFsYW5zZngxMDQuY29tLw&is_vtc=1&cid=CAQSGwB7FLtqaEuGIKBWX0pbsI93LNkkbEjttRP2tQ&eitems=ChAI8K78sQYQ7ZSX_dSixoB7Eh0AFZfXVsIaNI15cCd9FhvMf7C3pCqYVTKkhDqo5Q&random=1296685679&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
1 KB 469ms
468ms Fetch
application/json 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=629f227e7b967b1179934884&widgetId=1g4uptfog&sv=null

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d514983668aefd60e74f62b4d555c35fbb1c8811776428054f7b40190930a45

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:12:00 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-7pnh
server: cloudflare
etag: W/"2-11-0"
access-control-max-age: 3600
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=1800
vary: Accept-Encoding
cf-ray: 88210b759ae64d4f-FRA
access-control-allow-headers: content-type,x-tawk-token

POST
H3 200 start Show response
va.tawk.to/v1/session/ 1 KB
1 KB 340ms
260ms Fetch
application/json 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dafa20ca2a81341cb0428da9ddca8d398dc9e1702412b57bb36e0b3af9d6c03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 11 May 2024 09:12:00 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-bg93
server: cloudflare
access-control-max-age: 3600
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://balansfx104.com
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 88210b783806975d-FRA
access-control-allow-headers: content-type,x-tawk-token

OPTIONS
H3 200 start
va.tawk.to/v1/session/ Frame 0
0 324ms
323ms Preflight
text/html 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://balansfx104.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://balansfx104.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=86400
cache-control: public, s-maxage=600, max-age=600
cf-cache-status: DYNAMIC
cf-ray: 88210b75bb084d4f-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 11 May 2024 09:11:59 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-gjrb

GET
H3 200 tr.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/languages/ 17 KB
5 KB 40ms
40ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/languages/tr.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed67677ca5420619b0f4f60d86897af0fcde09a4a6c5c5c424c68305ffcce908

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:12:00 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1644472
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
etag: W/"f57fe58d8254b5fc985267a61b87f75a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 88210b788884975d-FRA

GET
H3 200 twk-chunk-2c776523.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/js/ 10 KB
3 KB 23ms
23ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd50385cef163eb376d93e7b1e07fe467de23b60c98373f7d69448214d3e9cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:12:00 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1644472
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
etag: W/"70aec2dd89cac4933594c25b71d61f46"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 88210b79ea7c975d-FRA

GET
H3 200 twk-chunk-9294da6c.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/js/ 18 KB
5 KB 24ms
24ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-9294da6c.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2deaae9c5e06df6c98b9775e2a5fbb66eab1a591458f9d1982e8f0e350fdb59e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:12:00 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1644472
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
etag: W/"6bf62c737dec7d16542425992be5986c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 88210b79ea7e975d-FRA

GET
H3 200 twk-chunk-2d0b383d.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/js/ 699 B
676 B 26ms
25ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b383d.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:12:00 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1644471
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
etag: W/"838903127a65ec440893b4945c40ca4a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 88210b79ea80975d-FRA

GET
H3 200 twk-chunk-48f3b594.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/js/ 19 KB
6 KB 20ms
19ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-48f3b594.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29704f658e0a24af40a7ec9f1ba5800e7bf3366de3feae6e044bd20c28c89018

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:12:00 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1644471
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
etag: W/"4f773fe8050dcfd8fd096e061eed08a7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 88210b79ea82975d-FRA

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/js/ 906 B
663 B 17ms
17ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:12:00 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1644469
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
etag: W/"1c5ecf371149feca23bd895ba9dfec4d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 88210b79ea83975d-FRA

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/js/ 535 B
575 B 25ms
25ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:12:00 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1644469
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
etag: W/"c506281367048d4a134c9affbc68c8c6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 88210b79ea84975d-FRA

GET
H3 200 twk-chunk-24d8db78.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/js/ 110 KB
24 KB 28ms
28ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-24d8db78.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

500d20e95a2ed662891673d812fe9a71e2e2c31b170bcd331c33b97114879fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:12:00 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1644469
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
etag: W/"44934d48f839e3143311bc044e6e0d89"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 88210b79ea86975d-FRA

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/6625f366c87/css/ Frame D513 24 KB
5 KB 26ms
26ms Stylesheet
text/css 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:12:00 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1644471
cf-polished: origSize=24831
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 22 Apr 2024 05:20:12 GMT
server: cloudflare
etag: W/"5742a34aaab2a5983c7c11cdeef1c0ee"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 88210b7a7b23975d-FRA

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/6625f366c87/css/ Frame CC30 40 KB
8 KB 19ms
18ms Stylesheet
text/css 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26c00c91aa26f8a81dc41fe7ca0db1dfd849180200596138437f2ca57357dd0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:12:00 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1644470
cf-polished: origSize=40905
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 22 Apr 2024 05:20:12 GMT
server: cloudflare
etag: W/"7060c2e317491c949f29253a1286dad2"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 88210b7a8b43975d-FRA

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/6625f366c87/css/ Frame C604 76 KB
15 KB 22ms
22ms Stylesheet
text/css 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5285275760ce24f97fc85a2aa7a705e2bfcdebe875a6028441382d2ca36b3f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 09:12:00 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1644469
cf-polished: origSize=78232
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 22 Apr 2024 05:20:12 GMT
server: cloudflare
etag: W/"05d886069cda40a8e20243d226b04764"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 88210b7acb79975d-FRA

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
40 KB 10ms
9ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 11 May 2024 09:12:00 GMT
age: 962931
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 41275
x-served-by: cache-fra-eddf8230100-FRA
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

POST
H3 200 v3 Show response
va.tawk.to/log-performance/ 5 B
282 B 136ms
136ms Fetch
text/html 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://balansfx104.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 11 May 2024 09:12:01 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-g2m5
server: cloudflare
access-control-max-age: 3600
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://balansfx104.com
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 88210b7e7e2d4d4f-FRA
access-control-allow-headers: content-type,x-tawk-token

OPTIONS
H3 200 v3
va.tawk.to/log-performance/ Frame 0
0 139ms
138ms Preflight
text/html 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://balansfx104.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://balansfx104.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=86400
cache-control: public, s-maxage=600, max-age=600
cf-cache-status: DYNAMIC
cf-ray: 88210b7d9d354d4f-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 11 May 2024 09:12:01 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-g2m5

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.balansfx104.com/	1970-01-20 22:39:54	Name: _gcl_au Value: 1.1.1867935140.1715418718
.balansfx104.com/	1970-01-21 06:06:18	Name: _ga Value: GA1.2.729807425.1715418719
.balansfx104.com/	1970-01-20 20:31:45	Name: _gid Value: GA1.2.762954865.1715418719
.balansfx104.com/	1970-01-20 20:30:18	Name: _gat_UA-154720436-1 Value: 1
.balansfx104.com/	1970-01-20 20:30:18	Name: _gat_UA-154824799-1 Value: 1
.balansfx104.com/	1970-01-21 06:06:18	Name: _ga_J86WJBJ3VR Value: GS1.2.1715418718.1.0.1715418718.0.0.0
.balansfx104.com/	1970-01-21 06:06:18	Name: _ga_HY3P4KV2VS Value: GS1.2.1715418718.1.0.1715418718.0.0.0
.doubleclick.net/	1970-01-20 20:30:19	Name: test_cookie Value: CheckForPermission
balansfx104.com/	1969-12-31 23:59:59	Name: twk_idm_key Value: wzt4V6hQKnOIVkMy0VfXZ
balansfx104.com/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.balansfx104.com/	1970-01-21 00:49:30	Name: twk_uuid_629f227e7b967b1179934884 Value: %7B%22uuid%22%3A%221.Wrvz1kbtJnkGoLWFPyEjLceKHHGIn0CwhPhsJY2uwcbcHMiqe91VObEwBHhdmv9l2zxDefz8peqeFoGpb4MxmEUuKL5hCe3G2qO5apaabnZSfdOfoCeo1nv3q%22%2C%22version%22%3A3%2C%22domain%22%3A%22balansfx104.com%22%2C%22ts%22%3A1715418720297%7D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://embed.tawk.to/5daf149578ab74187a5aeeca/default Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://balansfx104.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

balansfx104.com
cdn.jsdelivr.net
d.adroll.com
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
region1.google-analytics.com
s.adroll.com
unpkg.com
va.tawk.to
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
172.217.23.98
2001:4860:4802:32::36
2600:9000:2644:9400:6:9280:1080:93a1
2606:4700:10::6816:1883
2606:4700:10::ac43:2642
2606:4700:3035::ac43:d16e
2606:4700::6811:f8cb
2a00:1450:4001:806::2004
2a00:1450:4001:806::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:827::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a04:4e42:600::485
2a05:d018:cc3:fe04:8bd6:f855:972:835a
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
145e1bf4359c387bfdb68d8b2ebe86563a58987b70649b08299e2e2843dc7fe9
162951e9132b74bf11c97d7f234d998954df2729c604e2925291a28699aca260
1aa1d9322879446d20762a18056c7c669cc10381fe455cd08f70e7b541d12081
26c00c91aa26f8a81dc41fe7ca0db1dfd849180200596138437f2ca57357dd0f
29704f658e0a24af40a7ec9f1ba5800e7bf3366de3feae6e044bd20c28c89018
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c
2deaae9c5e06df6c98b9775e2a5fbb66eab1a591458f9d1982e8f0e350fdb59e
33ed09d53335335597a0ab7ffbac136e24e5dc3d736ce2ae620203d781b8560e
34001e6cb788cd26127ff5cd00adcd90e7afb9aab1958c6dc43f71ee5e76b0b5
3ec093226dbb4c5f2767562378e80a955db377003a72f5ff70cd65040983090f
4064f30583734b7bda3a273500bf0e93a394e7c995783b678876ccb17c738031
41cb600c873a2b702e5781641b4789e9b3910f8f074d15a2b065de8b275c212a
44adbf27b2864f5801f79fabb80f9779eb12754fcb9bc3eacbfc0e234958cfa4
4b1ba993dca1564c27d37418eca0656dcc0b3534815d36a14e9d021d73db7ba3
4d514983668aefd60e74f62b4d555c35fbb1c8811776428054f7b40190930a45
500d20e95a2ed662891673d812fe9a71e2e2c31b170bcd331c33b97114879fa6
5199c6dcf9efb6be125104269d67c852692a9cbd7324f326362a822ae592c998
5285275760ce24f97fc85a2aa7a705e2bfcdebe875a6028441382d2ca36b3f1c
548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305
567f0ae513c91823fc2914060637408cb4baa49b00d1eb48a15ba6d875db8cd8
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
6446459faaac205178ea17c1a53fb5b40955015a34c9a92ae34cee1aba10ce76
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
6649580995a7479986cc1f5d4f898fad6dc331416d743be647a882f96210da49
68548b453a6799bd3dbe23d6025305801713b490b839dbf6fe03736cc712b514
6beda0cea4b6a4233bacc7a4ee127023da9ddfd76334fb77d3528d5ab7c45143
6c95276735916e36360d04629508731d46c2dfd9f9581283687daf5158fa04c1
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
756f47312429f3f78d4a09acd2ed38fd97565326d9e9f97e69c1275d9eff1d2b
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
83e3734803e3eddc0131cce46d80ea8a27f28e3e6b720d800e2f14097460d916
85895a83fe04ade138e38c8d3336b7705f42b097648ff43b38924eccc386735c
897068a99f1da9ad9494b9e77cd4e195d62941383e9f3394cb4ecd792411c367
89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3
8fe983aac57b377f0e57d876803af9701c07d2ac8290552bed41788d0468588e
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
972de8c5257c5c31f0ae45016595089022e4f82e766cec78fb40c997bfbac75f
98851a0a32ae73bd2c078df7966f80c6d167d0d886c4f9011eeede771855a8ce
98fa84ba795a2041a32515fdaf627292722011edae9506cf4870c16b4fffb86e
9a7616157191cea33870e61c8f37b9842c4a63088c5821eeee34e570679e904f
9ae0ec11fe367d50bbcaba5fc2c01c4c05de8f806c163fb7851f1df8cf82ddf1
9f945981ac7f6ff6ba649c9f6fbd4d0f7352b8732f5cfc4dce8c79401b417b11
a0457619e889bb98d0956ad96f21be1ca143f509d9110a91ed9f6ecf5f6eff71
a72c1407e4df69175587756d01e2537a2f8722e59a5a7581f37a7ce36747e7d7
b04112e4589ed7fc3c90fa7d45ac4f4cb4580d9231a65dbc134d543f49ecdaf9
bc03807e6d2a0e38cf73f275b10886112c202cd7080937541885ab2d43249ffc
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bd1265637b22708f166140b8a14b8f97cb1326b310fe019b3df7175ac62de0ea
bd655ded5801bfa5a7db9c4e1578dde651c5b74535c17e3991e8551a4343d5a0
bfc984961cc5b26118a06dff2fe72805d33a723c2dae99d33554a81409219509
bfe42fd192ac1fd39e4ea929cc2aad184058df8482549fe509b8a250cc1478d2
c20f0770888431133da2c44476b037b13b37830d5d8f053d70b35e6e87c81b07
c2112123d3e95728befd75dcbd262b213509a77625075eb036f3d7f5fd0295b0
c2ec18feede7a9dd817fd1d940adbe114a025481ad67f6e73b174fc30f2730b3
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cb2e0ae31c7e825070217e9d9f44dbdcd7c55d00ec7c5a4d7f49d04525435301
cc6265bb78fc4f136d1e4843b385d90a1faba320821361b71895dcaf2077630f
ccc127af1febc429fffb23baba62ae95566741b489200aecf0941d472067ea21
cd50385cef163eb376d93e7b1e07fe467de23b60c98373f7d69448214d3e9cdd
d1764f268ba61d745fd9c3c27bfbb36b66410748d7698cc5f73b2a36cfe0407e
d70a611fd93bfc911728609f827deea68ec9e61b9c96bafa1e655b756aecd73e
dafa20ca2a81341cb0428da9ddca8d398dc9e1702412b57bb36e0b3af9d6c03e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de66c358160a31533500e46f9d895166c8f871e7b33f63e49011344d11aa6a92
e117aea294873c889a6118be17dedae219b12e46a4a039c420fbb032aa0acde5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73e447df18f20a083c2de2348053c82b799abf6efd6ae5053e59bb588ed3fc4
e849abeaa63ab02018122dbc1f376cbaf3273c4f4b2a9924f8e979e415fcfc5d
ec407669784d9205a62021f8f032478abf4bf6b9e4d84bcc43ecea7aaec6e364
ed67677ca5420619b0f4f60d86897af0fcde09a4a6c5c5c424c68305ffcce908
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f29a3ad8ba6635f72be8426a0dbf638af107ab0c4240110982a00346a4fe8d66
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f774942b9b7f4de8e6a79eb9ff325a208612e9bf4f72aa7a9443c979083b5e6c
faa4f51f95476f0042eab475bc5039de0d60ff641fb2fd5cd4777efe3779e70e
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84

balansfx104.com Open in urlscan Pro 2606:4700:3035::ac43:d16e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

85 Requests

96 %HTTPS

93 %IPv6

13 Domains

16 Subdomains

13 IPs

3 Countries

4308 kBTransfer

7078 kBSize

11 Cookies

5 Outgoing links

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

balansfx104.com Open in urlscan Pro
2606:4700:3035::ac43:d16e Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

96 %
HTTPS

93 %
IPv6

13
Domains

16
Subdomains

13
IPs

3
Countries

4308 kB
Transfer

7078 kB
Size

11
Cookies

85 HTTP transactions
0 data transactions