dzballon.com Open in urlscan Pro
194.163.146.70 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dzballon.com/
Effective URL:
https://dzballon.com/
Submission: On December 02 via manual (December 2nd 2021, 5:19:54 pm UTC) from GB — Scanned from GB

Summary HTTP 139 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 15 domains to perform 139 HTTP transactions. The main IP is 194.163.146.70, located in Düsseldorf, Germany and belongs to CONTABO, DE. The main domain is dzballon.com.
TLS certificate: Issued by R3 on September 20th 2021. Valid for: 3 months.

This is the only time dzballon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 51	194.163.146.70 194.163.146.70	51167 (CONTABO) (CONTABO)
10	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f22... 2a03:2880:f22d:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
5	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
3 4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
3 5	2.21.141.232 2.21.141.232	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
139	20

51 194.163.146.70 (Düsseldorf, Germany) 1 redirects

ASN51167 (CONTABO, DE)
PTR: vmi608334.contaboserver.net

dzballon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sharp-elbakyan.194-163-146-70.plesk.page	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f22d:c4:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

p4-bvndvoqiej3ry-n5ijpowk5s7dx6cl-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.21.141.232 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.14 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	dzballon.com 1 redirects dzballon.com	887 KB
32	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	499 KB
22	doubleclick.net 3 redirects googleads.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net	103 KB
12	wp.com c0.wp.com stats.wp.com pixel.wp.com	109 KB
7	gstatic.com fonts.gstatic.com p4-bvndvoqiej3ry-n5ijpowk5s7dx6cl-if-v6exp3-v4.metric.gstatic.com	109 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	google.com 2 redirects adservice.google.com www.google.com	1 KB
5	cdninstagram.com scontent.cdninstagram.com	105 B
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	googletagservices.com www.googletagservices.com	109 KB
2	google.co.uk adservice.google.co.uk	914 B
2	plesk.page sharp-elbakyan.194-163-146-70.plesk.page
1	2mdn.net s0.2mdn.net	65 KB
1	googleadservices.com partner.googleadservices.com	646 B
1	googleapis.com fonts.googleapis.com	2 KB
139	15

	Domain	Requested by
49	dzballon.com	1 redirects dzballon.com c0.wp.com
16	tpc.googlesyndication.com	googleads.g.doubleclick.net dzballon.com tpc.googlesyndication.com pagead2.googlesyndication.com
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net dzballon.com www.googletagservices.com
16	pagead2.googlesyndication.com	dzballon.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
10	c0.wp.com	dzballon.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
5	scontent.cdninstagram.com	dzballon.com
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.googletagservices.com	googleads.g.doubleclick.net dzballon.com
2	googleads4.g.doubleclick.net	dzballon.com
2	p4-bvndvoqiej3ry-n5ijpowk5s7dx6cl-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-bvndvoqiej3ry-n5ijpowk5s7dx6cl-if-v6exp3-v4.metric.gstatic.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.uk	pagead2.googlesyndication.com
2	sharp-elbakyan.194-163-146-70.plesk.page	dzballon.com
1	s0.2mdn.net	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pixel.wp.com	dzballon.com
1	stats.wp.com	dzballon.com
1	fonts.googleapis.com	dzballon.com
139	22

This site contains links to these domains. Also see Links.

Domain
web.facebook.com
www.instagram.com
twitter.com
www.facebook.com
instagram.com
www.flashscore.fr

Subject Issuer	Validity	Valid
dzballon.com R3	`2021-09-20` - `2021-12-19`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2021-09-11` - `2021-12-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://dzballon.com/
Frame ID: 07E7568E74525E48BCE7DD7EE488E2A8
Requests: 91 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211130/r20190131/zrt_lookup.html
Frame ID: E0597A5F7468E6C57C9EA76D27B73CD4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5970654787553740&output=html&h=90&slotname=8118741407&adk=1519400323&adf=1776886919&pi=t.ma~as.8118741407&w=728&lmt=1638465587&psa=0&format=728x90&url=https%3A%2F%2Fdzballon.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638465587716&bpp=4&bdt=467&idt=149&shv=r20211130&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=32543444456&frm=20&pv=2&ga_vid=563394832.1638465588&ga_sid=1638465588&ga_hid=1528496368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753741%2C31062423%2C21065724&oid=2&pvsid=412122997673988&pem=836&tmod=1028796464&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=KXZlMdt4uw&p=https%3A//dzballon.com&dtd=170
Frame ID: 61C1AE876D0095422274C8156DADB1CF
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307105849827608&output=html&h=280&slotname=5161712592&adk=3384584541&adf=1692986546&pi=t.ma~as.5161712592&w=1068&fwrn=4&fwrnh=100&lmt=1638465587&rafmt=1&psa=0&format=1068x280&url=https%3A%2F%2Fdzballon.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638465587720&bpp=2&bdt=470&idt=191&shv=r20211130&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=32543444456&frm=20&pv=2&ga_vid=563394832.1638465588&ga_sid=1638465588&ga_hid=1528496368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=2249&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753741%2C31062423%2C21065724&oid=2&pvsid=412122997673988&pem=836&tmod=1028796464&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Et3bKys2W&p=https%3A//dzballon.com&dtd=195
Frame ID: 9460CB449F43EE6C2CEA7C90DE3D00E8
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5970654787553740&output=html&h=600&slotname=8477887959&adk=2461682980&adf=1434918322&pi=t.ma~as.8477887959&w=300&lmt=1638465587&psa=0&format=300x600&url=https%3A%2F%2Fdzballon.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638465587722&bpp=1&bdt=472&idt=226&shv=r20211130&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C1068x280&correlator=32543444456&frm=20&pv=1&ga_vid=563394832.1638465588&ga_sid=1638465588&ga_hid=1528496368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753741%2C31062423%2C21065724&oid=2&pvsid=412122997673988&pem=836&tmod=1028796464&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vfxKJcXzpP&p=https%3A//dzballon.com&dtd=228
Frame ID: 879EED5A05BE871BA23CA953642F043A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5970654787553740&output=html&h=280&slotname=7798681712&adk=2755374971&adf=3154814687&pi=t.ma~as.7798681712&w=1068&fwrn=4&fwrnh=100&lmt=1638465587&rafmt=1&psa=0&format=1068x280&url=https%3A%2F%2Fdzballon.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638465587723&bpp=1&bdt=473&idt=228&shv=r20211130&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C1068x280%2C300x600&correlator=32543444456&frm=20&pv=1&ga_vid=563394832.1638465588&ga_sid=1638465588&ga_hid=1528496368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753741%2C31062423%2C21065724&oid=2&pvsid=412122997673988&pem=836&tmod=1028796464&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=U7rB7J2qfG&p=https%3A//dzballon.com&dtd=231
Frame ID: AD3EBC36B7369D51DD34975C6257E2CA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5970654787553740&output=html&h=90&slotname=3721446914&adk=3355564592&adf=3553566787&pi=t.ma~as.3721446914&w=728&lmt=1638465587&psa=0&format=728x90&url=https%3A%2F%2Fdzballon.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638465587724&bpp=1&bdt=475&idt=241&shv=r20211130&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C1068x280%2C300x600%2C1068x280&correlator=32543444456&frm=20&pv=1&ga_vid=563394832.1638465588&ga_sid=1638465588&ga_hid=1528496368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=4699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753741%2C31062423%2C21065724&oid=2&pvsid=412122997673988&pem=836&tmod=1028796464&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=E6eoArJboM&p=https%3A//dzballon.com&dtd=243
Frame ID: E432C2C330BC7FBCE557974E9FDB41B9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5970654787553740&output=html&adk=1812271804&adf=3025194257&lmt=1638465587&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdzballon.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638465587736&bpp=2&bdt=486&idt=238&shv=r20211130&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C1068x280%2C300x600%2C1068x280%2C728x90&nras=1&correlator=32543444456&frm=20&pv=1&ga_vid=563394832.1638465588&ga_sid=1638465588&ga_hid=1528496368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753741%2C31062423%2C21065724&oid=2&pvsid=412122997673988&pem=836&tmod=1028796464&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=244
Frame ID: 0600BACF8E804EF1192A44E746CB91AB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B75D2D856488069EE85F12A725DA51AB
Requests: 2 HTTP requests in this frame

Frame: https://p4-bvndvoqiej3ry-n5ijpowk5s7dx6cl-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 236E76DBE713F955C4FEF34C3F697A5F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211130/r20110914/zrt_lookup.html?fsb=1
Frame ID: D84FECFC2BC810CB0D5E4A7075532C4E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCjslEYtLzPuwEwAQ&v=APEucNVEjr9UiS5sQ7QAek9KuCHFEepUYEVg2zaIYozMVbhg-UahLhQYLVm4B60JMtu14OF7R78t-GG2kqetvKNViiVNoom_MNL_W-BCXnpGzT4zlMMrJ8IqKq6h9-r4DySLOw7Z2_Phe9GiRANg8bI-nEcRsoZQheqZAkHXOeWqSMHDJmjAsl0
Frame ID: 541C478B242F7E58B7DFDCD4A0C4C9C4
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20211130/r20110914/abg_lite_fy2019.js
Frame ID: BA9203B2F0E5B074F2CEAA5361692773
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 33C03B7C3422946B4E6C456C04265FA6
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6B223216388937B88E41A0D76F4487DB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zjgS4KQeXGvHwDILG6lQlkBvwEKRV94c-L5plcF-OHg.js
Frame ID: 655AAF4682BE86C7494812F0AB7044D0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zjgS4KQeXGvHwDILG6lQlkBvwEKRV94c-L5plcF-OHg.js
Frame ID: 6DB01FAB01301F99F89CA0FCDFCC586F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 6A9747606C3A75C036A96CAC08935F8A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1922FFFB326AE9616585FFFC6FA04277
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DZBallon - L'actualité du football algérien en général

Page URL History Show full URLs

http://dzballon.com/ HTTP 301
https://dzballon.com/ Page URL

Page Statistics

139
Requests

96 %
HTTPS

53 %
IPv6

15
Domains

22
Subdomains

20
IPs

3
Countries

1888 kB
Transfer

4853 kB
Size

10
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://web.facebook.com/foudefootball

Search URL Search Domain Scan URL

URL: https://www.instagram.com/dzballon/?hl=fr

Search URL Search Domain Scan URL

URL: https://twitter.com/foudefootball?lang=fr

Search URL Search Domain Scan URL

URL: https://www.facebook.com/376654045747890
Title: Like

Search URL Search Domain Scan URL

URL: https://instagram.com/dzballon
Title: Follow

Search URL Search Domain Scan URL

URL: https://twitter.com/foudefootball
Title: Follow

Search URL Search Domain Scan URL

URL: https://www.flashscore.fr/football/algerie
Title: ALGERIE FOOT LIVE

Search URL Search Domain Scan URL

URL: https://www.instagram.com/enews
Title: @enews

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CTF8T9jhMFN

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CTF2BpphV-a

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CTFw30enr3o

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CTFruEvn1po

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CTFmr0OAKfg

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dzballon.com/ HTTP 301
https://dzballon.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 88

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAIFRpucCqvl9TwkrzNbD4&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAIFRpucCqvl9TwkrzNbD4&google_cver=1&C=1

Request Chain 89

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YakANKaoilEVHTFsdRjKSgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAIFRpucCqvl9TwkrzNbD4&google_cver=1

Request Chain 90

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENIleUEkm047sLL_PCLGd6I&google_cver=1

Request Chain 91

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIwMzEwNzEwNTgzNDMxNDA0NQ%3D%3D

Request Chain 107

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

139 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
dzballon.com/
Redirect Chain

http://dzballon.com/
https://dzballon.com/

402 KB
52 KB

1080ms
1018ms

Document
text/html

194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dzballon.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PHP/7.4.26 PleskLin
Resource Hash: 26ce997e2985a93eb52e1d8aadce0b9277a765f682a779a29377d955ebac54ce

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

server: nginx
date: Thu, 02 Dec 2021 17:19:47 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.26 PleskLin
link: <https://dzballon.com/wp-json/>; rel="https://api.w.org/", <https://dzballon.com/wp-json/wp/v2/pages/85759>; rel="alternate"; type="application/json", <https://dzballon.com/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

Server: nginx
Date: Thu, 02 Dec 2021 17:19:46 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://dzballon.com/

GET
H2 200 style.min.css
c0.wp.com/c/5.8.2/wp-includes/css/dist/block-library/ 79 KB
10 KB 77ms
19ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.2/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: dzballon.com
URL: https://dzballon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT lhr 2
date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: br
last-modified: Wed, 01 Sep 2021 04:05:58 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 02 Dec 2022 17:19:47 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/ 11 KB
2 KB 86ms
29ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: dzballon.com
URL: https://dzballon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT lhr 2
date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: br
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 02 Dec 2022 17:19:47 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/ 4 KB
1 KB 87ms
29ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: dzballon.com
URL: https://dzballon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT lhr 2
date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: br
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 02 Dec 2022 17:19:47 GMT

GET
H2 200 smartbanner.min.css
dzballon.com/wp-content/plugins/mobiloud-smart-app-banner/public/libs/smart-banner-js/ 3 KB
1 KB 72ms
70ms Stylesheet
text/css 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dzballon.com/wp-content/plugins/mobiloud-smart-app-banner/public/libs/smart-banner-js/smartbanner.min.css?ver=null
Requested by: Host: dzballon.com
URL: https://dzballon.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 111d5349381a9e8f6e2fb551a06de98feb7b7957ba1eff38443f9e696519683b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: br
etag: W/"60bb5467-c5c"
last-modified: Sat, 05 Jun 2021 10:39:35 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 frontend.css
dzballon.com/wp-content/plugins/mobiloud-smart-app-banner/public/css/ 3 KB
801 B 65ms
64ms Stylesheet
text/css 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dzballon.com/wp-content/plugins/mobiloud-smart-app-banner/public/css/frontend.css?ver=null
Requested by: Host: dzballon.com
URL: https://dzballon.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 6360dd4b070d652ea545030aaba1d8336ac1023c38645b0a5337b10cede8bced

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: br
etag: W/"60bb5467-c26"
last-modified: Sat, 05 Jun 2021 10:39:35 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 dashicons.min.css
c0.wp.com/c/5.8.2/wp-includes/css/ 58 KB
34 KB 86ms
29ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.2/wp-includes/css/dashicons.min.css

Requested by

Host: dzballon.com
URL: https://dzballon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT lhr 2
date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: br
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 02 Dec 2022 17:19:47 GMT

GET
H2 200 frontend.css
dzballon.com/wp-content/plugins/post-views-counter/css/ 289 B
407 B 118ms
116ms Stylesheet
text/css 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dzballon.com/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.6
Requested by: Host: dzballon.com
URL: https://dzballon.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: gzip
etag: "121-5cd0a51e655ae-gzip"
last-modified: Tue, 28 Sep 2021 08:51:30 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
x-accel-version: 0.01
accept-ranges: bytes
content-length: 201

GET
H2 200 style.css
dzballon.com/wp-content/plugins/td-composer/td-multi-purpose/ 68 KB
8 KB 117ms
115ms Stylesheet
text/css 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dzballon.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
Requested by: Host: dzballon.com
URL: https://dzballon.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: ed96e32ac80d73e209ed28add0756ace607005a88576332fcf19b6a3caf573b2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: br
etag: W/"6040b6f7-10f52"
last-modified: Thu, 04 Mar 2021 10:31:19 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 17 KB
2 KB 149ms
60ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Requested by

Host: dzballon.com
URL: https://dzballon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0164790714c658bcbe873c5f3d396cebc8130468b1dd579ff0af1ebe00462e69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 16:47:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 02 Dec 2021 17:19:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Dec 2021 17:19:47 GMT

GET
H2 200 style.css
dzballon.com/wp-content/themes/Newspaper/ 152 KB
24 KB 84ms
82ms Stylesheet
text/css 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dzballon.com/wp-content/themes/Newspaper/style.css?ver=10.3.9.1
Requested by: Host: dzballon.com
URL: https://dzballon.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: f0300e6243307279dea081242f5c1e9039479351015378bb0b53ce1498c47c50

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: br
etag: W/"6040b66a-261c5"
last-modified: Thu, 04 Mar 2021 10:28:58 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 td_legacy_main.css
dzballon.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 244 KB
31 KB 98ms
96ms Stylesheet
text/css 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dzballon.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
Requested by: Host: dzballon.com
URL: https://dzballon.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 5e88cefac5e42c621823471d18bd3f7bee0f5504f6aeb14a035a4ebce04b622f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: br
etag: W/"6040b70d-3cfe4"
last-modified: Thu, 04 Mar 2021 10:31:41 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 td_standard_pack_main.css
dzballon.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 621 KB
44 KB 108ms
107ms Stylesheet
text/css 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dzballon.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=6b62588d33477b8e3dc5b8b3c9c8d86c
Requested by: Host: dzballon.com
URL: https://dzballon.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 13463b6a26f4ee2ce508df098003cdc101ebb17be48bb9b787665b4ada56cf58

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: br
etag: W/"6040b735-9b323"
last-modified: Thu, 04 Mar 2021 10:32:21 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 demo_style.css
dzballon.com/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/what/ 5 KB
1023 B 115ms
114ms Stylesheet
text/css 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dzballon.com/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/what/demo_style.css?ver=10.3.9.1
Requested by: Host: dzballon.com
URL: https://dzballon.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: d2011a5b77474b1489c6ba0934d804d0144ea8ac036abf3f88252edb3d878e7a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: br
etag: W/"6040b709-12e1"
last-modified: Thu, 04 Mar 2021 10:31:37 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 tdb_less_front.css
dzballon.com/wp-content/plugins/td-cloud-library/assets/css/ 106 KB
12 KB 118ms
117ms Stylesheet
text/css 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dzballon.com/wp-content/plugins/td-cloud-library/assets/css/tdb_less_front.css?ver=a50385a2d79d6600973a7e697f735a0b
Requested by: Host: dzballon.com
URL: https://dzballon.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 175148d4fdd889379200c6272e78ef47be5011cfac3148306096d45f22edea60

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: br
etag: W/"6040b728-1a97b"
last-modified: Thu, 04 Mar 2021 10:32:08 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/10.2/css/ 85 KB
16 KB 85ms
29ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.2/css/jetpack.css

Requested by

Host: dzballon.com
URL: https://dzballon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

41b60d2262cffca90f6cd644983a2d813336dc959558bdd6ae54b35ef06dd9fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT lhr 2
date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: br
last-modified: Tue, 28 Sep 2021 19:34:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 02 Dec 2022 17:19:47 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/5.8.2/wp-includes/js/jquery/ 87 KB
30 KB 85ms
30ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.2/wp-includes/js/jquery/jquery.min.js

Requested by

Host: dzballon.com
URL: https://dzballon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT lhr 2
date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 02 Dec 2022 17:19:47 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.8.2/wp-includes/js/jquery/ 11 KB
4 KB 85ms
30ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.2/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: dzballon.com
URL: https://dzballon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT lhr 2
date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 02 Dec 2022 17:19:47 GMT

GET
H2 200 wp-emoji-release.min.js Show response
dzballon.com/wp-includes/js/ 18 KB
5 KB 68ms
66ms Script
application/javascript 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dzballon.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.2
Requested by: Host: dzballon.com
URL: https://dzballon.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: br
etag: W/"6152d718-4705"
last-modified: Tue, 28 Sep 2021 08:49:28 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 DZBAL-200x110.png
dzballon.com/wp-content/uploads/2021/06/ 12 KB
12 KB 66ms
65ms Image
image/png 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/06/DZBAL-200x110.png
Requested by: Host: dzballon.com
URL: https://dzballon.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: a4c3a418910a54a73af5b502b0ec505ffb28dab93d96903665818d7685f43be0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:47 GMT
last-modified: Tue, 22 Jun 2021 19:50:17 GMT
server: nginx
x-powered-by: PleskLin
etag: "60d23ef9-3016"
content-type: image/png
accept-ranges: bytes
content-length: 12310

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
51 KB 176ms
67ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: dzballon.com
URL: https://dzballon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0c1be7e8f8dd80dc7c7c2e845392db3a7820cb45949647f9b315f9c17c12a95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51267
x-xss-protection: 0
server: cafe
etag: 87349360148762071
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 02 Dec 2021 17:19:47 GMT

GET
H2 403 240650082_108516841555149_2097008472042213560_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/c180.0.1080.1080a/s640x640/ 21 B
21 B 139ms
28ms Image
text/plain 2a03:2880:f22d:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/c180.0.1080.1080a/s640x640/240650082_108516841555149_2097008472042213560_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=3rcewncnAqUAX_QVdia&edm=ABfd0MgBAAAA&ccb=7-4&oh=01ce8f4a37620af93ff7fb67b1e581a1&oe=612F6414&_nc_sid=7bff83
Requested by: Host: dzballon.com
URL: https://dzballon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f22d:c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:47 GMT
x-fb-trip-id: 780166575
server: proxygen-bolt
content-type: text/plain
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 21
proxy-status: http_request_error; e_fb_vipaddr="AcKJw1rwqiljDwcuCMbP2Nc5WOqMhWDt-vvvRTuV25t8Z9D4mygY2IA44GnVIfxpipdhpVZUxGvBKLaAX10kqmL52nMgssiTldEhaQ"; e_clientaddr="AcKo00fB2isHMhf_1GXeCFLNkN4gEwENIU1LErhplIipRcaVQ9J92ik4MA8-2seeyi6TOweJq2zEMlzb0QwkzrgVZVyRWw"; e_fb_builduser="AcJ-oFJKLFO-tKBLUTuBuyErmLFLinRUxYuNY4-F9LgSNt9tyd4WcM7zqUAThg3cggk"; e_proxy="AcI9JULCvce0Iqf80kMVgtJCmg0A07A0Jkdf_D-0qRjkQ9Tp6YhnT25EZSpjnnt9nYbm_NlgUBBQ1ZU"; e_fb_binaryversion="AcIsWjFPuUpxZbSGv4DGnIgb4b07sfHeESn06SP9NgLY_GwbsPxNuyAwSoDQnLPVBq9l7p0Hkolzen7i6O-DVRhQfRklEvqN3WQ"

GET
H2 403 240726761_531037914824344_3789221188358688463_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/c0.180.1440.1440a/s640x640/ 21 B
21 B 142ms
31ms Image
text/plain 2a03:2880:f22d:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/c0.180.1440.1440a/s640x640/240726761_531037914824344_3789221188358688463_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=PKHJqN2dUE0AX87BoM4&edm=ABfd0MgBAAAA&ccb=7-4&oh=d9a96068fe11b252c7a157bfe4e01345&oe=6130B304&_nc_sid=7bff83
Requested by: Host: dzballon.com
URL: https://dzballon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f22d:c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:47 GMT
x-fb-trip-id: 780166575
server: proxygen-bolt
content-type: text/plain
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 21
proxy-status: http_request_error; e_fb_vipaddr="AcKufe29kFNw0YXMLlJaUeGskn-H03XshFf8q4Tc152jrGVJUeXLNoZbOKmgevdMP8EeU7ULsQ06_nxnotyNzY0U0meKCc5LXjTPQA"; e_clientaddr="AcKcGS_AmEoy9U31UYpFhZ3cafrJ1gMk5l2f7RT2tRhuXApKMi3Y-oNtM10Q5SFE-QMjd7X57VkpS8U1Ov2dcOUc2EUeng"; e_fb_builduser="AcJW-Zgts84GdBm3F7qjQVIu-kDpm4MkObGCI0JPuozhuMotRAIu-_UZ12dLqt6WYeY"; e_proxy="AcLRByufVfLAXjtrZpO0Ar55W79zuPSl-IOhS4QaYxd-t9LPD_nqVNQXexMFirF86RtMMwbOu_Xcumg"; e_fb_binaryversion="AcI6kGDkoiJmn6ao9wBOr3y05w19TtJCxPTDj4ygCELZ_G5IAYbX3b-f_EfYvTM1PmN3lP_FyIabuE_2IWq92Rq_E0fKyw6OyMk"

GET
H2 403 240539785_834389933888398_2680321340957815073_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/ 21 B
21 B 142ms
31ms Image
text/plain 2a03:2880:f22d:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/240539785_834389933888398_2680321340957815073_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=ioVUo7mQD0oAX_IpHVs&edm=ABfd0MgBAAAA&ccb=7-4&oh=ddb6cd8ac5a63221a9e204c046360746&oe=61312972&_nc_sid=7bff83
Requested by: Host: dzballon.com
URL: https://dzballon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f22d:c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:47 GMT
x-fb-trip-id: 780166575
server: proxygen-bolt
content-type: text/plain
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 21
proxy-status: http_request_error; e_fb_vipaddr="AcK8JOKJYDgFnCbkgeJw7zc3bDp6nZQnPF-rrMSYGJFX5ejIi4RxmChV7X-urJC7qWsAyex7ST4ivtBuuCkQG30bXFHBl6ENjQSjjg"; e_clientaddr="AcJ53OZLN41EFGwuZLjHouNcAONqHvSdA1UVHaJGpXwFh6pAidqA-PWU_ZE3wEY1fF9GdRV8Xkwloj06jElZdaXTDKWUOw"; e_fb_builduser="AcIHUdSBB_XsAH2BLeayv-bsRr1sCeh_rQLjOTrBnG5dSGEKMuhAxmsNZlLvEqVBO4I"; e_proxy="AcKAsWqLgEC40SKCsbkzhM1ThKF6QF4_iKrK4LDFvpA_VsOi8C-Zz619VK4tvkjxR5ePtjpNneScZfY"; e_fb_binaryversion="AcI64jvCXiQbh2LoIZPcsDY0v1Ck4dOIhlac3xtehhVOjPu-uzRzT4JWJ_Ud-Zdqain0Zlb25u2HL57nOUiw2z1CSyuxBFBqrKs"

GET
H2 403 240643307_4360681767323295_3564434620847978576_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/c0.90.720.720a/s640x640/ 21 B
21 B 142ms
31ms Image
text/plain 2a03:2880:f22d:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/c0.90.720.720a/s640x640/240643307_4360681767323295_3564434620847978576_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=i8Y1b9QOfSQAX-uZRfE&edm=ABfd0MgBAAAA&ccb=7-4&oh=863686eb649cb5fd107fa67862c72377&oe=61304847&_nc_sid=7bff83
Requested by: Host: dzballon.com
URL: https://dzballon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f22d:c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:47 GMT
x-fb-trip-id: 780166575
server: proxygen-bolt
content-type: text/plain
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 21
proxy-status: http_request_error; e_fb_vipaddr="AcKM0srWVqJYuzBP7o2mN-EtGelFvy81KHK9SdaRodkwxtB7iu-MMcQ-jhBvNLmerqtVimRBx96kRkeau45zT8thNUVuneR_o4h97g"; e_clientaddr="AcKGq5ogza2Hjz2-c70wG9HfzWz8mrK0YrgG_PvIsciK6lLS66V4WiHoRcWFHANbks-YAewcdSjyRshTBeO29sjvOHKDpw"; e_fb_builduser="AcJfB5Odyf3m2mMPM6d0w1v4amPnBhKQu5vkml3qmU20q8ISapdOsjUVvfarYWPk3fg"; e_proxy="AcI4bomR9dJBkvrHD20lSpyY8QxKL40XZWYLo41tCkXnvkiU1xoS8Kysyd13SiUK5KvRjO33upBskgU"; e_fb_binaryversion="AcIdAOw6Gfd-uGucSNT4xwyLLHsGl4gwQWZFtUVjoCVXlliab9VTB8lbM_Zq4Vj4gtVFqu4qvUysERS1DRa8_uwudKvifhKpWI4"

GET
H2 403 240762422_4977006572315316_8609845599371609825_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/c0.180.1440.1440a/s640x640/ 21 B
21 B 142ms
32ms Image
text/plain 2a03:2880:f22d:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/c0.180.1440.1440a/s640x640/240762422_4977006572315316_8609845599371609825_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=SYll56SIkF4AX__EeZM&edm=ABfd0MgBAAAA&ccb=7-4&oh=a8381e825ec352eed16bbdfb6680a127&oe=612F76EB&_nc_sid=7bff83
Requested by: Host: dzballon.com
URL: https://dzballon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f22d:c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:47 GMT
x-fb-trip-id: 780166575
server: proxygen-bolt
content-type: text/plain
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 21
proxy-status: http_request_error; e_fb_vipaddr="AcKqS6kbxdaptEDcOQbwF5KcWYwnKz7KBqVmosFy87cGkC9QnYtS4JY81hBgGXMqEG5f40HtosMEv52fTUg9voRGfYd2V5MefxRKTw"; e_clientaddr="AcIMTMqVzxwcYQmb2rQVm_cUbryV2FQFYYdDc9a96_Ig_KEdc7-nQnfTVZMmLHWEx-wuih5olocpF6TyvjqU4u5rn9DWRw"; e_fb_builduser="AcIhM_wlm4lXppwdwUwr0aatBMqSZA48o_g6I-HoBP6kAkbXWuTsXHIa4f7IVueag-Q"; e_proxy="AcIGkAh7A5MkrFAXBhC2qb8Xs3QzCIH6Z-P-fc_c--uN6TiTOyXc7YegJlrpeQDEGeBLd5iGXe-GT8Y"; e_fb_binaryversion="AcKZD2EWRs8gmSYqzRJWVMzpJaD_4j7c7ubMuZfJoCB5-syUodjG2r5HHnF_VDcdXlcwbJnzY6qIgFk9x1QqvkdicclX6Ef8MM4"

GET
H2 404 DZBAL-200x110.png
sharp-elbakyan.194-163-146-70.plesk.page/wp-content/uploads/2016/11/ 0
0 834ms
32ms Image
text/html 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sharp-elbakyan.194-163-146-70.plesk.page/wp-content/uploads/2016/11/DZBAL-200x110.png
Requested by: Host: dzballon.com
URL: https://dzballon.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 smartbanner.js Show response
dzballon.com/wp-content/plugins/mobiloud-smart-app-banner/public/libs/smart-banner-js/ 16 KB
4 KB 70ms
70ms Script
application/javascript 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dzballon.com/wp-content/plugins/mobiloud-smart-app-banner/public/libs/smart-banner-js/smartbanner.js
Requested by: Host: dzballon.com
URL: https://dzballon.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 49fa858e491838e0af94ffe3844bcb3cb02b6ea39cc314241e982935777d78d5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: br
etag: W/"60bb5467-410b"
last-modified: Sat, 05 Jun 2021 10:39:35 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 frontend.js Show response
dzballon.com/wp-content/plugins/mobiloud-smart-app-banner/public/js/ 5 KB
1 KB 78ms
78ms Script
application/javascript 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dzballon.com/wp-content/plugins/mobiloud-smart-app-banner/public/js/frontend.js
Requested by: Host: dzballon.com
URL: https://dzballon.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 56b81c23b91dcbe22a67a9ade320d3b94b025a119f72cdd98882dca248fdca82

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: br
etag: W/"60bb5467-15d3"
last-modified: Sat, 05 Jun 2021 10:39:35 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 underscore.min.js Show response
c0.wp.com/c/5.8.2/wp-includes/js/ 19 KB
7 KB 53ms
51ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.2/wp-includes/js/underscore.min.js

Requested by

Host: dzballon.com
URL: https://dzballon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT lhr 2
date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: br
last-modified: Thu, 27 May 2021 19:33:19 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 02 Dec 2022 17:19:47 GMT

GET
H2 200 js_posts_autoload.min.js Show response
dzballon.com/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
2 KB 68ms
66ms Script
application/javascript 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dzballon.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=a50385a2d79d6600973a7e697f735a0b
Requested by: Host: dzballon.com
URL: https://dzballon.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 18ec45978f0a68004bbcff5a150f9eb62cfac449a51f15c5a61336a2ad1d4675

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: br
etag: W/"6040b728-13fa"
last-modified: Thu, 04 Mar 2021 10:32:08 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 tagdiv_theme.min.js Show response
dzballon.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 253 KB
54 KB 83ms
81ms Script
application/javascript 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dzballon.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=10.3.9.1
Requested by: Host: dzballon.com
URL: https://dzballon.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: d7246ea8f0ede1f2eadd6aa077545b7e0423f39e19d33c7c9a99d400afbe1bbb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: br
etag: W/"6040b6f9-3f512"
last-modified: Thu, 04 Mar 2021 10:31:21 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 comment-reply.min.js Show response
c0.wp.com/c/5.8.2/wp-includes/js/ 3 KB
1 KB 56ms
54ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.2/wp-includes/js/comment-reply.min.js

Requested by

Host: dzballon.com
URL: https://dzballon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT lhr 2
date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: br
last-modified: Thu, 18 Mar 2021 17:48:23 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 02 Dec 2022 17:19:47 GMT

GET
H2 200 js_files_for_front.min.js Show response
dzballon.com/wp-content/plugins/td-cloud-library/assets/js/ 33 KB
7 KB 68ms
67ms Script
application/javascript 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dzballon.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=a50385a2d79d6600973a7e697f735a0b
Requested by: Host: dzballon.com
URL: https://dzballon.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 4efd43ff6d6dc2c922d3ba71a80f7f499eb56f65df5fe2c60305b35e66062eae

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: br
etag: W/"6040b728-8387"
last-modified: Thu, 04 Mar 2021 10:32:08 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 wp-embed.min.js Show response
c0.wp.com/c/5.8.2/wp-includes/js/ 1 KB
719 B 56ms
54ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.2/wp-includes/js/wp-embed.min.js

Requested by

Host: dzballon.com
URL: https://dzballon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT lhr 2
date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 02 Dec 2022 17:19:47 GMT

GET
H2 200 e-202148.js Show response
stats.wp.com/ 9 KB
3 KB 97ms
19ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202148.js
Requested by: Host: dzballon.com
URL: https://dzballon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT lhr
date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 21 Nov 2022 00:05:04 GMT

GET
H2 404 dzball.jpg
sharp-elbakyan.194-163-146-70.plesk.page/wp-content/uploads/2016/11/ 0
0 824ms
31ms Image
text/html 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sharp-elbakyan.194-163-146-70.plesk.page/wp-content/uploads/2016/11/dzball.jpg
Requested by: Host: dzballon.com
URL: https://dzballon.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 newspaper.woff
dzballon.com/wp-content/themes/Newspaper/images/icons/ 123 KB
123 KB 56ms
55ms Font
font/woff 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dzballon.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by: Host: dzballon.com
URL: https://dzballon.com/wp-content/themes/Newspaper/style.css?ver=10.3.9.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 557c7d8dd32557129cec3d5d4f221eef6e8706e0855f826f5f6db4278e08420b

Request headers

Referer: https://dzballon.com/wp-content/themes/Newspaper/style.css?ver=10.3.9.1
Origin: https://dzballon.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:47 GMT
last-modified: Thu, 04 Mar 2021 10:28:58 GMT
server: nginx
x-powered-by: PleskLin
etag: "6040b66a-1eab4"
content-type: font/woff
accept-ranges: bytes
content-length: 125620

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 188ms
80ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dzballon.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 20:05:06 GMT
x-content-type-options: nosniff
age: 162881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15720
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 20:05:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 195ms
87ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dzballon.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 05:33:18 GMT
x-content-type-options: nosniff
age: 128789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 05:33:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 139ms
32ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dzballon.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 15:45:42 GMT
x-content-type-options: nosniff
age: 92045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 15:45:42 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 153ms
53ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dzballon.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 15:57:38 GMT
x-content-type-options: nosniff
age: 91329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 15:57:38 GMT

GET
DATA 200
OK truncated
/ 111 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fd9b4b10be5a293cbc0f2f89cb21d2072517953a34fb6ac2e7df8d13a966ffe

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 124 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5df0f0543a4ad5a0db36d12288ba6583088f2ed6ff60b631c7afd0550d143161

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 117 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2c9f518ec6a8748dd27703e15b4c4c1f44590cee03193fe9c542678c80c6b27

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 114 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 069e2abed69e2efcd6930c0615ae8c32c1cb9f76e6e9ffae45495bc6759a3f95

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 101 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 123 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 172d5b83579e06dce26714973595e570204438c66e025f8a65082df29221626b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 elements.png
dzballon.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/ 4 KB
4 KB 47ms
46ms Image
image/png 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
Requested by: Host: dzballon.com
URL: https://dzballon.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:47 GMT
last-modified: Thu, 04 Mar 2021 10:31:41 GMT
server: nginx
x-powered-by: PleskLin
etag: "6040b70d-1035"
content-type: image/png
accept-ranges: bytes
content-length: 4149

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 89ms
89ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dzballon.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 20:07:55 GMT
x-content-type-options: nosniff
age: 162712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 20:07:55 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 23ms
23ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.2&blog=106193865&post=85759&tz=1&srv=dzballon.com&host=dzballon.com&ref=&fcp=1390&rand=0.017913791558671788
Requested by: Host: dzballon.com
URL: https://dzballon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 02 Dec 2021 17:19:47 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/ 272 KB
98 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5970654787553740&plah=dzballon.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6647c629b0353e61b719983a5e38d302e0dd0157275778322217d9847a47ad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100177
x-xss-protection: 0
server: cafe
etag: 3011515418998312429
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 02 Dec 2021 17:19:47 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211130/r20190131/ Frame E059 11 KB
5 KB 143ms
34ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211130/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 02 Dec 2021 16:01:22 GMT
expires: Thu, 16 Dec 2021 16:01:22 GMT
content-type: text/html; charset=UTF-8
etag: 6406113418471942685
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4879
x-xss-protection: 0
age: 4705
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
646 B 122ms
38ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=dzballon.com&callback=_gfp_s_&client=ca-pub-5970654787553740

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5970654787553740&plah=dzballon.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1be367d3581c1d5c20638570454197fea888fced0d5a2a3247e4cfa6fc80b316

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 160ms
39ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=dzballon.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Dec 2021 17:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 144ms
54ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dzballon.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Dec 2021 17:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 61C1 73 KB
28 KB 298ms
260ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5970654787553740&output=html&h=90&slotname=8118741407&adk=1519400323&adf=1776886919&pi=t.ma~as.8118741407&w=728&lmt=1638465587&psa=0&format=728x90&url=https%3A%2F%2Fdzballon.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638465587716&bpp=4&bdt=467&idt=149&shv=r20211130&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=32543444456&frm=20&pv=2&ga_vid=563394832.1638465588&ga_sid=1638465588&ga_hid=1528496368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753741%2C31062423%2C21065724&oid=2&pvsid=412122997673988&pem=836&tmod=1028796464&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=KXZlMdt4uw&p=https%3A//dzballon.com&dtd=170

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4464cc2fb60365cea26cc58715fb5b31b62fcc23f568bacd4774107d4624415

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 02 Dec 2021 17:19:48 GMT
server: cafe
content-length: 28547
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 02 Dec 2021 17:19:48 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9460 84 KB
29 KB 762ms
752ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307105849827608&output=html&h=280&slotname=5161712592&adk=3384584541&adf=1692986546&pi=t.ma~as.5161712592&w=1068&fwrn=4&fwrnh=100&lmt=1638465587&rafmt=1&psa=0&format=1068x280&url=https%3A%2F%2Fdzballon.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638465587720&bpp=2&bdt=470&idt=191&shv=r20211130&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=32543444456&frm=20&pv=2&ga_vid=563394832.1638465588&ga_sid=1638465588&ga_hid=1528496368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=2249&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753741%2C31062423%2C21065724&oid=2&pvsid=412122997673988&pem=836&tmod=1028796464&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Et3bKys2W&p=https%3A//dzballon.com&dtd=195

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e2de27f1c05e1cba02b5771ca2313edf6738e2e360f57fdb8fb9362a6ceb8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 02 Dec 2021 17:19:48 GMT
server: cafe
content-length: 30124
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 02 Dec 2021 17:19:48 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 879E 430 B
230 B 307ms
306ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5970654787553740&output=html&h=600&slotname=8477887959&adk=2461682980&adf=1434918322&pi=t.ma~as.8477887959&w=300&lmt=1638465587&psa=0&format=300x600&url=https%3A%2F%2Fdzballon.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638465587722&bpp=1&bdt=472&idt=226&shv=r20211130&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C1068x280&correlator=32543444456&frm=20&pv=1&ga_vid=563394832.1638465588&ga_sid=1638465588&ga_hid=1528496368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753741%2C31062423%2C21065724&oid=2&pvsid=412122997673988&pem=836&tmod=1028796464&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vfxKJcXzpP&p=https%3A//dzballon.com&dtd=228

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb148c5cd52ab37834d8e88453063709261c62d0a6d28dc077ef527a0bd12cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 02 Dec 2021 17:19:48 GMT
server: cafe
content-length: 207
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 02 Dec 2021 17:19:48 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AD3E 430 B
228 B 237ms
236ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5970654787553740&output=html&h=280&slotname=7798681712&adk=2755374971&adf=3154814687&pi=t.ma~as.7798681712&w=1068&fwrn=4&fwrnh=100&lmt=1638465587&rafmt=1&psa=0&format=1068x280&url=https%3A%2F%2Fdzballon.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638465587723&bpp=1&bdt=473&idt=228&shv=r20211130&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C1068x280%2C300x600&correlator=32543444456&frm=20&pv=1&ga_vid=563394832.1638465588&ga_sid=1638465588&ga_hid=1528496368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753741%2C31062423%2C21065724&oid=2&pvsid=412122997673988&pem=836&tmod=1028796464&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=U7rB7J2qfG&p=https%3A//dzballon.com&dtd=231

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c801ef92b473789d6bc052bc63959889e1f9e72614bde107ff1938de9415c8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 02 Dec 2021 17:19:48 GMT
server: cafe
content-length: 205
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 02 Dec 2021 17:19:48 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E432 430 B
229 B 483ms
483ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5970654787553740&output=html&h=90&slotname=3721446914&adk=3355564592&adf=3553566787&pi=t.ma~as.3721446914&w=728&lmt=1638465587&psa=0&format=728x90&url=https%3A%2F%2Fdzballon.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638465587724&bpp=1&bdt=475&idt=241&shv=r20211130&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C1068x280%2C300x600%2C1068x280&correlator=32543444456&frm=20&pv=1&ga_vid=563394832.1638465588&ga_sid=1638465588&ga_hid=1528496368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=4699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753741%2C31062423%2C21065724&oid=2&pvsid=412122997673988&pem=836&tmod=1028796464&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=E6eoArJboM&p=https%3A//dzballon.com&dtd=243

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c25eb67bbdeb00469ce0e8b90ed26c98ec3ecd79d094d965b41734190a863fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 02 Dec 2021 17:19:48 GMT
server: cafe
content-length: 206
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 02 Dec 2021 17:19:48 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0600 81 KB
33 KB 240ms
239ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5970654787553740&output=html&adk=1812271804&adf=3025194257&lmt=1638465587&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdzballon.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638465587736&bpp=2&bdt=486&idt=238&shv=r20211130&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C1068x280%2C300x600%2C1068x280%2C728x90&nras=1&correlator=32543444456&frm=20&pv=1&ga_vid=563394832.1638465588&ga_sid=1638465588&ga_hid=1528496368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753741%2C31062423%2C21065724&oid=2&pvsid=412122997673988&pem=836&tmod=1028796464&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=244

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5b4c9ae4d4167ced5df46bfa7d7c99053f7eaff58dd21c9d9fa91de5b8befbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 02 Dec 2021 17:19:48 GMT
server: cafe
content-length: 33660
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 02 Dec 2021 17:19:48 GMT
cache-control: private

GET
H2 200 2740348290066107465
tpc.googlesyndication.com/simgad/ Frame 61C1 13 KB
14 KB 121ms
49ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2740348290066107465?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk5T1HZ9DlitOp7YprjVJpxJb_sAQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5970654787553740&output=html&h=90&slotname=8118741407&adk=1519400323&adf=1776886919&pi=t.ma~as.8118741407&w=728&lmt=1638465587&psa=0&format=728x90&url=https%3A%2F%2Fdzballon.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638465587716&bpp=4&bdt=467&idt=149&shv=r20211130&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=32543444456&frm=20&pv=2&ga_vid=563394832.1638465588&ga_sid=1638465588&ga_hid=1528496368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753741%2C31062423%2C21065724&oid=2&pvsid=412122997673988&pem=836&tmod=1028796464&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=KXZlMdt4uw&p=https%3A//dzballon.com&dtd=170

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8196befe9aae848f0ef5828eb824f9f98a9a215281b08fae81baf09048b42f4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:39:49 GMT
x-content-type-options: nosniff
age: 283199
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13586
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 13:05:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 29 Nov 2022 10:39:49 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211130/r20110914/ Frame 61C1 19 KB
8 KB 100ms
28ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211130/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7857
x-xss-protection: 0
server: cafe
etag: 2255741555227857113
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Dec 2021 17:19:37 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/ Frame 61C1 2 KB
1 KB 111ms
43ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Dec 2021 17:18:45 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/ Frame 61C1 15 KB
6 KB 100ms
32ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6446
x-xss-protection: 0
server: cafe
etag: 5472324691301332805
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Dec 2021 17:19:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 61C1 119 KB
37 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30cad9ec7fbe11d3de293805d82343744663da3e650c19bbbc23dd7c58202cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37131
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638290904732407"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Dec 2021 17:19:48 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/ Frame 61C1 27 KB
11 KB 112ms
44ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc4d52f0873b7e3c8c0c237c7cfeed042fb11115928c4450d9e424b81d673d15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 08:50:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30543
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11381
x-xss-protection: 0
server: cafe
etag: 14162795474132296175
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Dec 2021 08:50:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 61C1 0
0 71ms
71ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8_GNMwCpYeDJOs2C1fAPxIifqAfov9DkZuG_vvyND9zZHhABIOKJ_Ctgu76ug9AKoAHP5qOHA8gBAqkC5ix95iNYtj6oAwHIA8kEqgTCAU_QNWJBj4EM2aXIPS2OvtQZoWw7d2EHv7St-88zkwOCNCwD7Vh_zgvvpYbRjQBed64xOFZb2SeSkPojI8XJWJn5Hyr7ZpxgGkdbFKPXRwKxhAuCO8n2v4lCsF5uuVZh_rHjiSHpd9-NLsaBPkghioyZSb1G0-bxHc9VvZOcsSZs_y7Q0WgWmp4AvRQdwK1BNe5eGmYbZoC7bA3toWd_ttyPRPdefCoz4CqeOCIvDLMmSBeQXgvEuv5O3BG7jt6M5W5HwATbxubC1AOgBgKAB5mZ3HioB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCGzAfSCAkIgOGAEBABGB-ACgHICwHYEwPQFQGYFgGAFwGyFxwKGggAEhRwdWItNTk3MDY1NDc4NzU1Mzc0MBgA&sigh=6y7ylM_GMIg&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5970654787553740&output=html&h=90&slotname=8118741407&adk=1519400323&adf=1776886919&pi=t.ma~as.8118741407&w=728&lmt=1638465587&psa=0&format=728x90&url=https%3A%2F%2Fdzballon.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638465587716&bpp=4&bdt=467&idt=149&shv=r20211130&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=32543444456&frm=20&pv=2&ga_vid=563394832.1638465588&ga_sid=1638465588&ga_hid=1528496368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753741%2C31062423%2C21065724&oid=2&pvsid=412122997673988&pem=836&tmod=1028796464&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=KXZlMdt4uw&p=https%3A//dzballon.com&dtd=170
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 02 Dec 2021 17:19:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Dec 2021 17:19:48 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/ 149 KB
53 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f401e864e54a8411c9f0f0ca9c478ef3e2ca5abe3d376fcb47f5b4300f14e753

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54307
x-xss-protection: 0
server: cafe
etag: 14626719426454994521
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Dec 2021 17:19:48 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B75D 143 B
163 B 31ms
29ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5970654787553740&output=html&h=90&slotname=8118741407&adk=1519400323&adf=1776886919&pi=t.ma~as.8118741407&w=728&lmt=1638465587&psa=0&format=728x90&url=https%3A%2F%2Fdzballon.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638465587716&bpp=4&bdt=467&idt=149&shv=r20211130&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=32543444456&frm=20&pv=2&ga_vid=563394832.1638465588&ga_sid=1638465588&ga_hid=1528496368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753741%2C31062423%2C21065724&oid=2&pvsid=412122997673988&pem=836&tmod=1028796464&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=KXZlMdt4uw&p=https%3A//dzballon.com&dtd=170

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 02 Dec 2021 17:02:16 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1052
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 redir.html Show response
p4-bvndvoqiej3ry-n5ijpowk5s7dx6cl-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 236E 247 B
964 B 135ms
38ms Document
text/html 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-bvndvoqiej3ry-n5ijpowk5s7dx6cl-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

aa9d57868cd7b7a3095b5ae6feab67bbc332fd6e8eb13b7950022d44757d110c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-_z-Q2T5Tf1wwzZ13oqDy8A' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 206
date: Thu, 02 Dec 2021 17:19:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 61C1 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d358a552038743463944f2ff7842c8099db0111c59d263f8120ea658520b5ab

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 79ms
41ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=dzballon.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Dec 2021 17:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 75ms
39ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dzballon.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Dec 2021 17:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211130/r20110914/ Frame D84F 11 KB
5 KB 29ms
28ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211130/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 02 Dec 2021 15:53:01 GMT
expires: Thu, 16 Dec 2021 15:53:01 GMT
content-type: text/html; charset=UTF-8
etag: 6406113418471942685
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4879
x-xss-protection: 0
age: 5207
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 541C 624 B
297 B 40ms
40ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCjslEYtLzPuwEwAQ&v=APEucNVEjr9UiS5sQ7QAek9KuCHFEepUYEVg2zaIYozMVbhg-UahLhQYLVm4B60JMtu14OF7R78t-GG2kqetvKNViiVNoom_MNL_W-BCXnpGzT4zlMMrJ8IqKq6h9-r4DySLOw7Z2_Phe9GiRANg8bI-nEcRsoZQheqZAkHXOeWqSMHDJmjAsl0

Requested by

Host: dzballon.com
URL: https://dzballon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211130/r20110914/zrt_lookup.html?fsb=1

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 02 Dec 2021 17:19:48 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211130/r20110914/ Frame BA92 19 KB
8 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211130/r20110914/abg_lite_fy2019.js

Requested by

Host: dzballon.com
URL: https://dzballon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:12:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 424
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7857
x-xss-protection: 0
server: cafe
etag: 2255741555227857113
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Dec 2021 17:12:44 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211130/r20110914/elements/html/ Frame BA92 6 KB
3 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211130/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: dzballon.com
URL: https://dzballon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:14:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Dec 2021 17:14:34 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BA92 0
571 B 152ms
73ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvtBPfGnBkDorIQaFcGkFOq45zr4qZ_DCYNRWQPvAW0kDxRhwHqYIbDim9pcphgI5AYFTZFZT247jbr9w_FI7d_LHX9R9E0jbP9liQzvwG9Uvkt0iBV4rBoIXWVMT1-Ex4l1TCcgTvpNgSFxqKWjf4EcqjByS0ArRJPNypbL27Iqa_IMKE8g7Gb0vYX8sbv19C7BftBNNrMuFC7OWcjUrHVXxMDOYSor8fd5fuLq73oTRuuKC3mDqwZxdJezHkYUwfY_v-k1ok5YGyJkpNOP5DPRu64OuulRYz70l6rdLWUDcs6wSue89Lx4QOLy54N43G9PQxTOvqQL8vqkETQl5nDV8ltxsXyzN0nKTYGZYRmubnqI80ZfRmeloOksia6hAIijk8xY7tam4-VygFKjw7nsrpTU1sPX_n7lcRcqGfmhEzjSybffKS9om2pOBrEAh5zsJ-bu2nL5P7uP6hMgKBQCljHVIHp0rb_SPZzJD9QaSDFu48ofMJTHs0b3mmHKY5oNWD-0ABEUHkKsPtsBDGhPyTxqaMSgzv9f-cU7pKpYOOLXmsHVKfIzZlxVxrq1KhMRF_ujTLDKzjuevlcfDPRLqFtIgorL67yxliQy0uLGs4z6L6Y7XR1QXx7GSeeapjmG8Bmg57l7ncaYGoCtqhkNIEnLMxd3PO9ii6XYkXFKxeeIHKmUGF_RtQdac3PzCsKRituSeHCVNe5sFne9y1SQvyDbEWKRWFHieQJ10fNZJ97iiLxe_1GW-k9tEgkAW1fvu-96iJfPDeSwwZx6GRAy2loFEu6aqzVriYBSZKsUo5ww8brvrwQfnRz1_YRvDlGFCrZwQZt9WpErAAZ-VWf-OLWkCLDpx60c-SRiJFcRmNRQLO7_BABhg8T4tNPjlnHJ0jh7NhF705k01--3iaiY33RDCUKwvLC6otlvgP_nGw1CkG0V_h_O3oiPwsqfgAraD33CK90ELQGpdOx7bnLSqyaweGKQtpbPKUc63cEfKXG-Ac-0AbOZXr-TuifVe31nA1xm2eZUxKJkKdBUbDdJP2MEnZQYGIFzQ38E-dLaBGtKSugI-ASg5DRD6KXKrurwCW3&sai=AMfl-YQD_pPDvtIAVFN_r2f79351Y5gmf2xqb0n3KInSV3BuHVgVWIShZJdegrek1mYEhkttQRfOHUQMCOTC9eA_EALVvMFrX_CvxUXE6OIY2TGRz6QUgmNs_atRBee5-8rYXiZL66Tazl9B8ysWHLVqUavBcWQ9dXto3qetbmgpFME1mhH-TgAjyyY&sig=Cg0ArKJSzEZh1MjTCA-oEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211130.55415&adurl=

Requested by

Host: dzballon.com
URL: https://dzballon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 02 Dec 2021 17:19:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BA92 41 KB
15 KB 74ms
35ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: dzballon.com
URL: https://dzballon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205671
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 30 Nov 2022 08:11:57 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/ Frame BA92 2 KB
1 KB 69ms
31ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/window_focus_fy2019.js

Requested by

Host: dzballon.com
URL: https://dzballon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Dec 2021 17:19:23 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA92 119 KB
36 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dzballon.com
URL: https://dzballon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30cad9ec7fbe11d3de293805d82343744663da3e650c19bbbc23dd7c58202cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37131
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638290904732407"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Dec 2021 17:19:48 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/ Frame BA92 15 KB
6 KB 70ms
32ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dzballon.com
URL: https://dzballon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6446
x-xss-protection: 0
server: cafe
etag: 5472324691301332805
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Dec 2021 17:19:43 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BA92 42 B
63 B 61ms
60ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D-c0px6dkWKXBg7W_iZCkP2JbP7g7gsT2Rf_yXMR-53iCTOeNNtDNtW8bwPAhlAeVxdruRiTCJqiGV8sKSF0haX9DKFJkfsox7DXg3PuRa0ypfb_o

Requested by

Host: dzballon.com
URL: https://dzballon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 17:19:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 14070849246210949804
s0.2mdn.net/simgad/ Frame BA92 64 KB
65 KB 144ms
30ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14070849246210949804

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211130/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8d8e837ffd70314dc3254ac66e04256bc8adad638db68a2e1c72d1161d61492

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 09:50:30 GMT
x-content-type-options: nosniff
age: 286158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65724
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 06:44:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Nov 2022 09:50:30 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B75D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

175ms
174ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 02 Dec 2021 17:19:48 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 02 Dec 2021 17:19:48 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 02 Dec 2021 17:19:48 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 iframe.html Show response
p4-bvndvoqiej3ry-n5ijpowk5s7dx6cl-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 236E 4 KB
2 KB 78ms
40ms Document
text/html 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-bvndvoqiej3ry-n5ijpowk5s7dx6cl-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-bvndvoqiej3ry-n5ijpowk5s7dx6cl-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-bvndvoqiej3ry-n5ijpowk5s7dx6cl-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

77d27a8177052214a6e54ceb4d9c59963969011a8391f8b4b5cc10c7bf18c7cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://p4-bvndvoqiej3ry-n5ijpowk5s7dx6cl-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-17T6T5q5SgQLHDmlZqRnAg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1863
date: Thu, 02 Dec 2021 17:19:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 541C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAIFRpucCqvl9TwkrzNbD4&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAIFRpucCqvl9TwkrzNbD4&google_cver=1&C=1

43 B
1013 B

48ms
48ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAIFRpucCqvl9TwkrzNbD4&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCjslEYtLzPuwEwAQ&v=APEucNVEjr9UiS5sQ7QAek9KuCHFEepUYEVg2zaIYozMVbhg-UahLhQYLVm4B60JMtu14OF7R78t-GG2kqetvKNViiVNoom_MNL_W-BCXnpGzT4zlMMrJ8IqKq6h9-r4DySLOw7Z2_Phe9GiRANg8bI-nEcRsoZQheqZAkHXOeWqSMHDJmjAsl0
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Dec 2021 17:19:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 02 Dec 2021 17:19:48 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 02 Dec 2021 17:19:48 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAIFRpucCqvl9TwkrzNbD4&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Thu, 02 Dec 2021 17:19:48 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 541C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YakANKaoilEVHTFsdRjKSgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAIFRpucCqvl9TwkrzNbD4&google_cver=1

43 B
893 B

44ms
44ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAIFRpucCqvl9TwkrzNbD4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCjslEYtLzPuwEwAQ&v=APEucNVEjr9UiS5sQ7QAek9KuCHFEepUYEVg2zaIYozMVbhg-UahLhQYLVm4B60JMtu14OF7R78t-GG2kqetvKNViiVNoom_MNL_W-BCXnpGzT4zlMMrJ8IqKq6h9-r4DySLOw7Z2_Phe9GiRANg8bI-nEcRsoZQheqZAkHXOeWqSMHDJmjAsl0
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Dec 2021 17:19:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 02 Dec 2021 17:19:48 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Dec 2021 17:19:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAIFRpucCqvl9TwkrzNbD4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 541C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENIleUEkm047sLL_PCLGd6I&google_cver=1

43 B
1006 B

99ms
71ms

Image
image/gif

185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENIleUEkm047sLL_PCLGd6I&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCjslEYtLzPuwEwAQ&v=APEucNVEjr9UiS5sQ7QAek9KuCHFEepUYEVg2zaIYozMVbhg-UahLhQYLVm4B60JMtu14OF7R78t-GG2kqetvKNViiVNoom_MNL_W-BCXnpGzT4zlMMrJ8IqKq6h9-r4DySLOw7Z2_Phe9GiRANg8bI-nEcRsoZQheqZAkHXOeWqSMHDJmjAsl0

Protocol

HTTP/1.1

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Dec 2021 17:19:48 GMT
X-Proxy-Origin: 194.36.110.167; 194.36.110.167; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8c7205b6-5467-4156-87d7-1e47c1f455c5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Dec 2021 17:19:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENIleUEkm047sLL_PCLGd6I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 541C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIwMzEwNzEwNTgzNDMxNDA0NQ%3D%3D

170 B
188 B

93ms
55ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIwMzEwNzEwNTgzNDMxNDA0NQ%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 17:19:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 02 Dec 2021 17:19:48 GMT
X-Proxy-Origin: 194.36.110.167; 194.36.110.167; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 388aa90d-fd90-42ac-bc1c-5ed5e6653138
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIwMzEwNzEwNTgzNDMxNDA0NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame BA92 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1504a3f1d69ca8a348ea31e754f3544da99f2f78f972761165e9b07a2854f951

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 33C0 22 KB
8 KB 29ms
29ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 01 Dec 2021 18:04:59 GMT
expires: Thu, 01 Dec 2022 18:04:59 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 83689
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zjgS4KQeXGvHwDILG6lQlkBvwEKRV94c-L5plcF-OHg.js Show response
pagead2.googlesyndication.com/bg/ Frame 33C0 35 KB
13 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zjgS4KQeXGvHwDILG6lQlkBvwEKRV94c-L5plcF-OHg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce3812e0a41e5c6bc7c0320b1ba95096406fc0429157de1cf8be6995c17e3878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 07:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13361
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Dec 2022 07:54:07 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame BA92 0
23 B 102ms
64ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: dzballon.com
URL: https://dzballon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 02 Dec 2021 17:19:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 9992009682516672946
tpc.googlesyndication.com/simgad/ Frame 9460 117 KB
117 KB 31ms
30ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9992009682516672946?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn7s8sCv0mpdVduTdbPBKPgRRjuWg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307105849827608&output=html&h=280&slotname=5161712592&adk=3384584541&adf=1692986546&pi=t.ma~as.5161712592&w=1068&fwrn=4&fwrnh=100&lmt=1638465587&rafmt=1&psa=0&format=1068x280&url=https%3A%2F%2Fdzballon.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638465587720&bpp=2&bdt=470&idt=191&shv=r20211130&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=32543444456&frm=20&pv=2&ga_vid=563394832.1638465588&ga_sid=1638465588&ga_hid=1528496368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=2249&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753741%2C31062423%2C21065724&oid=2&pvsid=412122997673988&pem=836&tmod=1028796464&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Et3bKys2W&p=https%3A//dzballon.com&dtd=195

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d68649ee9f8679fdbbf5da707a2a1c0814e168e6e4ddd6488129fc0d5c5eb041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 18:19:51 GMT
x-content-type-options: nosniff
age: 82797
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119539
x-xss-protection: 0
last-modified: Fri, 05 Nov 2021 18:54:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Dec 2022 18:19:51 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211130/r20110914/ Frame 9460 19 KB
8 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211130/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7857
x-xss-protection: 0
server: cafe
etag: 2255741555227857113
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Dec 2021 17:19:37 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9460 0
0 71ms
70ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CI65nMwCpYbWAO4iG9fgP4o6MiAjU68_rZoTI76X8Ds_mor3AARABIKSdw1Zgu76ug9AKoAGt3IqIA8gBAqgDAcgDyQSqBMgBT9AqaRA6jtT9COgQ1_ZC_ottOBKYIWMiEAyBkO-W5yMH3cBH0aTpJhzRJfJiJtzZMaV0ILjhqiQT265-IbnW-ivl_V7yVcMY1Ufdt_TabqbdaLY713cUbMTsEX408ZbAv4Fj1aAeT12XmuhIm2-byl1ZBkxxt5IWVKcq_O6PXgyBAyt16dqnRZ_0lYEaeWcwpGd_wbkCKZfZubaRqSqHg0jvyYgp9vqt7gWjHc2iHBpFYdV9ImBX7sQUDBZIQteDaavLFynnA9LABLH_sJ3jA5IFBAgEGAGSBQQIBRgEoAYCgAeCpsVqqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQh7EH0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTIzMDcxMDU4NDk4Mjc2MDgYAA&sigh=AaaLamQscA8&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307105849827608&output=html&h=280&slotname=5161712592&adk=3384584541&adf=1692986546&pi=t.ma~as.5161712592&w=1068&fwrn=4&fwrnh=100&lmt=1638465587&rafmt=1&psa=0&format=1068x280&url=https%3A%2F%2Fdzballon.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638465587720&bpp=2&bdt=470&idt=191&shv=r20211130&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=32543444456&frm=20&pv=2&ga_vid=563394832.1638465588&ga_sid=1638465588&ga_hid=1528496368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=2249&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753741%2C31062423%2C21065724&oid=2&pvsid=412122997673988&pem=836&tmod=1028796464&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Et3bKys2W&p=https%3A//dzballon.com&dtd=195
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 02 Dec 2021 17:19:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/ Frame 9460 2 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Dec 2021 17:19:23 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9460 119 KB
36 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30cad9ec7fbe11d3de293805d82343744663da3e650c19bbbc23dd7c58202cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37131
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638290904732407"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Dec 2021 17:19:48 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/ Frame 9460 15 KB
6 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6446
x-xss-protection: 0
server: cafe
etag: 5472324691301332805
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Dec 2021 17:19:43 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/ Frame 9460 27 KB
11 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211130/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc4d52f0873b7e3c8c0c237c7cfeed042fb11115928c4450d9e424b81d673d15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 08:50:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30543
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11381
x-xss-protection: 0
server: cafe
etag: 14162795474132296175
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Dec 2021 08:50:45 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6B22 143 B
163 B 29ms
29ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307105849827608&output=html&h=280&slotname=5161712592&adk=3384584541&adf=1692986546&pi=t.ma~as.5161712592&w=1068&fwrn=4&fwrnh=100&lmt=1638465587&rafmt=1&psa=0&format=1068x280&url=https%3A%2F%2Fdzballon.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638465587720&bpp=2&bdt=470&idt=191&shv=r20211130&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=32543444456&frm=20&pv=2&ga_vid=563394832.1638465588&ga_sid=1638465588&ga_hid=1528496368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=2249&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753741%2C31062423%2C21065724&oid=2&pvsid=412122997673988&pem=836&tmod=1028796464&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9Et3bKys2W&p=https%3A//dzballon.com&dtd=195

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 02 Dec 2021 17:02:16 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1052
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9460 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dabfdf7552e83c452cfba1e52086d3988ec720e937c56dc141cd0d531f3c9c24

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 33C0 0
20 B 66ms
65ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8_2qNACpYc97xOHGA9f1huALAAAAADgB4AQC&bg=!Pj2lPXnNAAaQHwIOkB87ACkAdvg8Wh7oJhq13n9SZKzOPlEJXvGv1ywukl-TRpb3I9ZPGxi06G0RWAIAAABxUgAAAChoAQeZAvZ2OY-RXAfh4s6pJMfTMhnvYuXq6LnThxV2URlHhAuvGcAcQKLL5K1JpiAenwq6-BnajRzMzwbJIFA5s7TCmUa14Q-Zc5Ge7E3ik6kzaIDtw5-xG_2tI_UAv1kWzlhH6gaK8OtqN6ghP97Z00Wzs-R1IKYGkOncgFvNTo_rpMdsHKqjExuQvk53crHHupIxdxSoMtqLP2mmL87WUGkXvwE1xxIaeD0fdFFF45EBCFNPynBkoDrP1f6s7QirGyCeC54sOZJXiE5D8BoOvOJPVh1UgrArRb7QmF3gUM2q8aacXA7IzwquMwAeJkkpKUEjndLPe0kso98h1kXRZiKy5MWwKfFIvkXNQqHqRb6566KzMjRQtbMGlQqD66zKQ--zRiRE29sJT6epxHt8TkkiFVFv4f3KmcgItRrKJkw-4fHafCbzhh3XEw8Lxf8Dm4pCJlMpRtvsGp3b1errKmRaL-mRwlj2aZkGHuWob9oAsi5Dv7f27zMXJB6EJzINKyILVn1oBD9VF-8Buxg4UdsldkImVM24vnSATMUPMpap0e5l57XSQP4JF4zzb7D1vvFcRyDyZLC1vHAotlnwchnT_H3zJRMk0a2PyS3FsxkjM2jP0v9x0q5o_udWTnY0zoKQ2Vzp6Nstvuc1FABnD8bIPp7WtX8FBptKTAaQWwUvoc6rDs-ki07Pvc8fNc4oFY1wqCeQcCFzjCZLv13Epd57k2JlkjkzJHbhcCJ9s6wyirGbp0NHMKz0zxzRisFMHhSstsJXrzEyruVmvVWMfsngMCwhfYghqDyL6kB7yZF-d3i44CorZtXOQ58BLrTd-Vl-C0qUJf0hBnnolv-EeWJ7itff-nS9qPpXGe1YfaPEEU3ekXOqDPrmealUIlhdaV37Qas77gOzSAA6w9V35fzdxWFh6DKgo8nF6W_xXbL-l46RNnhv-fDQ8nZU9KNSPXCtVDZGUmaaA500xrCLHZi4sL1MYDNS2jFHyNAasjchxdqMr0endQQ8kg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211130/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 17:19:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zjgS4KQeXGvHwDILG6lQlkBvwEKRV94c-L5plcF-OHg.js Show response
pagead2.googlesyndication.com/bg/ Frame 655A 35 KB
13 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zjgS4KQeXGvHwDILG6lQlkBvwEKRV94c-L5plcF-OHg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce3812e0a41e5c6bc7c0320b1ba95096406fc0429157de1cf8be6995c17e3878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 07:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13361
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Dec 2022 07:54:07 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6B22
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

113ms
112ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 02 Dec 2021 17:19:49 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 02 Dec 2021 17:19:49 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 02 Dec 2021 17:19:48 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zjgS4KQeXGvHwDILG6lQlkBvwEKRV94c-L5plcF-OHg.js Show response
pagead2.googlesyndication.com/bg/ Frame 6DB0 35 KB
13 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zjgS4KQeXGvHwDILG6lQlkBvwEKRV94c-L5plcF-OHg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce3812e0a41e5c6bc7c0320b1ba95096406fc0429157de1cf8be6995c17e3878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 07:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13361
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Dec 2022 07:54:07 GMT

GET
H2 200 1200-L-algrie-le-coach-de-nice-annonce-une-trs-bonne-nouvelle-pour-atal-218x150.jpg
dzballon.com/wp-content/uploads/2021/03/ 8 KB
8 KB 42ms
41ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/03/1200-L-algrie-le-coach-de-nice-annonce-une-trs-bonne-nouvelle-pour-atal-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: b721aa1392b16ba54656ab7526b75008496212a672459184face8355dfa955f2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Sat, 20 Mar 2021 09:48:28 GMT
server: nginx
x-powered-by: PleskLin
etag: "6055c4ec-1f9d"
content-type: image/jpeg
accept-ranges: bytes
content-length: 8093

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 80ms
43ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211130&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

656fdd980e2ab976619a508a16b29da0ebd465af7151ef2ed63b181d287f3a13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Dec 2021 17:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8484
x-xss-protection: 0

GET
H2 200 PicsArt_12-02-11.08.27-218x150.jpg
dzballon.com/wp-content/uploads/2021/12/ 7 KB
7 KB 42ms
41ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/12/PicsArt_12-02-11.08.27-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: a918347edcfa859df425bb5e450e84027e679443b663bb1ae05cd5416fa83753

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Thu, 02 Dec 2021 10:09:06 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a89b42-1abc"
content-type: image/jpeg
accept-ranges: bytes
content-length: 6844

GET
H2 200 20211202_104518-218x150.png
dzballon.com/wp-content/uploads/2021/12/ 55 KB
55 KB 72ms
71ms Image
image/png 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/12/20211202_104518-218x150.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 1c4cdfa9d010a65c9829a97b33d66f944bfad62b48b149315f381c34ff6566fe

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Thu, 02 Dec 2021 09:48:31 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a8966f-db1b"
content-type: image/png
accept-ranges: bytes
content-length: 56091

GET
H2 200 20211124_232037-2-218x150.jpg
dzballon.com/wp-content/uploads/2021/11/ 10 KB
10 KB 42ms
42ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/11/20211124_232037-2-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: f4cb6989336aba130ab1e65e5feb2b49b3130f8f6193260c5856b4b5b876574c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Sat, 27 Nov 2021 13:10:30 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a22e46-2815"
content-type: image/jpeg
accept-ranges: bytes
content-length: 10261

GET
H2 200 PicsArt_12-02-05.58.29-218x150.jpg
dzballon.com/wp-content/uploads/2021/12/ 8 KB
9 KB 50ms
50ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/12/PicsArt_12-02-05.58.29-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: dd25d30705ad7563388017e16521bbc8b1f408fcc2859a241b3832f48533ab7d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Thu, 02 Dec 2021 05:00:02 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a852d2-2179"
content-type: image/jpeg
accept-ranges: bytes
content-length: 8569

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 02 Dec 2021 17:19:49 GMT

GET
H2 200 PicsArt_11-25-08.50.00-218x150.jpg
dzballon.com/wp-content/uploads/2021/11/ 9 KB
9 KB 43ms
43ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/11/PicsArt_11-25-08.50.00-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 3a41a7eb693bba83d79efc6fc3fc8e2079cd0548fbfe08214093b009492bcf81

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Thu, 25 Nov 2021 19:52:52 GMT
server: nginx
x-powered-by: PleskLin
etag: "619fe994-24b4"
content-type: image/jpeg
accept-ranges: bytes
content-length: 9396

GET
H2 200 PicsArt_12-02-01.59.42-218x150.jpg
dzballon.com/wp-content/uploads/2021/12/ 9 KB
9 KB 45ms
45ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/12/PicsArt_12-02-01.59.42-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: b3d86553ccc30d8e82b96d6b157e581cd3a6dba00f9552e688d5e5fe152da172

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Thu, 02 Dec 2021 13:03:20 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a8c418-247d"
content-type: image/jpeg
accept-ranges: bytes
content-length: 9341

GET
H2 200 20211201_203552-218x150.jpg
dzballon.com/wp-content/uploads/2021/12/ 10 KB
11 KB 46ms
45ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/12/20211201_203552-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: a07d3e4752906de42988bf06aded6a9b9cc5816b05083a084c826c2be7c5316e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Wed, 01 Dec 2021 19:54:40 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a7d300-299f"
content-type: image/jpeg
accept-ranges: bytes
content-length: 10655

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 6A97 12 KB
5 KB 29ms
29ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Thu, 02 Dec 2021 14:09:12 GMT
expires: Fri, 02 Dec 2022 14:09:12 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 11437
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1922 783 B
536 B 39ms
38ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a97c2422ac0299f9aaaf58be852fd0f6bf9e751d2394cccd35aedc9b6a0b01a1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9MD6M+LjWq+0DwAr1W7nIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 02 Dec 2021 17:19:49 GMT
date: Thu, 02 Dec 2021 17:19:49 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-9MD6M+LjWq+0DwAr1W7nIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 20211201_142514-218x150.jpg
dzballon.com/wp-content/uploads/2021/12/ 9 KB
9 KB 66ms
65ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/12/20211201_142514-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: c6dc8c80c8c42340a9a8738b1d77de120bb65156bbce9a9774d4156bbaede37f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Wed, 01 Dec 2021 13:38:16 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a77ac8-234c"
content-type: image/jpeg
accept-ranges: bytes
content-length: 9036

GET
H2 200 PicsArt_11-06-10.25.29-218x150.jpg
dzballon.com/wp-content/uploads/2021/11/ 11 KB
11 KB 54ms
54ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/11/PicsArt_11-06-10.25.29-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 869196bfee1fa3405cf3010380316d4d8d4d3497099811d55341284c0a892c81

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Sat, 06 Nov 2021 21:26:50 GMT
server: nginx
x-powered-by: PleskLin
etag: "6186f31a-2a6a"
content-type: image/jpeg
accept-ranges: bytes
content-length: 10858

GET
H2 200 PicsArt_10-25-06.58.25-218x150.jpg
dzballon.com/wp-content/uploads/2021/10/ 9 KB
9 KB 50ms
49ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/10/PicsArt_10-25-06.58.25-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 76ebf46d3956e4f98061ff9f466f4034ee0aca98131475c5142ddb2d1b4ee31e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Mon, 25 Oct 2021 17:02:35 GMT
server: nginx
x-powered-by: PleskLin
etag: "6176e32b-22cb"
content-type: image/jpeg
accept-ranges: bytes
content-length: 8907

GET
H3 200 zjgS4KQeXGvHwDILG6lQlkBvwEKRV94c-L5plcF-OHg.js Show response
pagead2.googlesyndication.com/bg/ Frame 6A97 35 KB
13 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zjgS4KQeXGvHwDILG6lQlkBvwEKRV94c-L5plcF-OHg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce3812e0a41e5c6bc7c0320b1ba95096406fc0429157de1cf8be6995c17e3878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 07:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13361
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Dec 2022 07:54:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1922 0
0 82ms
82ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211130&jk=412122997673988&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 inbound6411026504249709990-218x150.jpg
dzballon.com/wp-content/uploads/2021/10/ 6 KB
6 KB 43ms
43ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/10/inbound6411026504249709990-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: e6955819ce17e067380fc194db21a221bcbd701ce13568850c57410108d9fc11

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Tue, 12 Oct 2021 18:37:36 GMT
server: nginx
x-powered-by: PleskLin
etag: "6165d5f0-16fa"
content-type: image/jpeg
accept-ranges: bytes
content-length: 5882

GET
H2 200 inbound6720804880820568411-218x150.jpg
dzballon.com/wp-content/uploads/2021/09/ 8 KB
8 KB 43ms
43ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/09/inbound6720804880820568411-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: faa35d77cc49a419c35a745cb218c6c1efe7a52fba034779803f5c77e36edcc2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Sat, 18 Sep 2021 11:25:21 GMT
server: nginx
x-powered-by: PleskLin
etag: "6145cca1-200e"
content-type: image/jpeg
accept-ranges: bytes
content-length: 8206

GET
H2 200 bf-218x150.jpeg
dzballon.com/wp-content/uploads/2021/11/ 8 KB
8 KB 41ms
41ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/11/bf-218x150.jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 3885e1630402353b02ae4913fdc93e62936982148ab5f03fb09accd4654c54e0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Mon, 22 Nov 2021 06:46:31 GMT
server: nginx
x-powered-by: PleskLin
etag: "619b3cc7-1fc2"
content-type: image/jpeg
accept-ranges: bytes
content-length: 8130

GET
H2 200 JSK-640x405.jpg
dzballon.com/wp-content/uploads/2021/01/ 70 KB
70 KB 49ms
49ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/01/JSK-640x405.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: a976fdd67af4f016f95fab4467c87823590f2064bfee58034b1e9f596d1cb8bd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Tue, 05 Jan 2021 09:01:24 GMT
server: nginx
x-powered-by: PleskLin
etag: "5ff42ae4-11850"
content-type: image/jpeg
accept-ranges: bytes
content-length: 71760

GET
H2 200 PicsArt_10-30-12.06.34-218x150.jpg
dzballon.com/wp-content/uploads/2021/10/ 6 KB
7 KB 49ms
49ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/10/PicsArt_10-30-12.06.34-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: f04909e853b4f603dda9b8e6bc24286daabb6578d5265eb67745ae8e5325fdec

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Sat, 30 Oct 2021 10:11:01 GMT
server: nginx
x-powered-by: PleskLin
etag: "617d1a35-19db"
content-type: image/jpeg
accept-ranges: bytes
content-length: 6619

GET
H2 200 PicsArt_10-29-04.50.55-218x150.jpg
dzballon.com/wp-content/uploads/2021/10/ 12 KB
12 KB 43ms
42ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/10/PicsArt_10-29-04.50.55-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 4093f563fb33ba6112362e6f81c0906b76bd5367866de86b2477be8cc7d10684

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Fri, 29 Oct 2021 14:55:07 GMT
server: nginx
x-powered-by: PleskLin
etag: "617c0b4b-304f"
content-type: image/jpeg
accept-ranges: bytes
content-length: 12367

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 61C1 0
0 66ms
66ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEpy3MwCpYeDJOs2C1fAPxIifqAfov9DkZuG_vvyND9zZHhABIOKJ_Ctgu76ug9AKoAHP5qOHA8gBAqkC5ix95iNYtj6oAwGqBMIBT9A1YkGPgQzZpcg9LY6-1BmhbDt3YQe_tK37zzOTA4I0LAPtWH_OC--lhtGNAF53rjE4VlvZJ5KQ-iMjxclYmfkfKvtmnGAaR1sUo9dHArGEC4I7yfa_iUKwXm65VmH-seOJIel3340uxoE-SCGKjJlJvUbT5vEdz1W9k5yxJmz_LtDRaBaangC9FB3ArUE17l4aZhtmgLtsDe2hZ3-23I9E9158KjPgKp44Ii8MsyZIF5BeC8S6_k7cEbuO3ozlbkfABNvG5sLUA6AGAoAHmZnceKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEIbMB9IICQiA4YAQEAEYH4AKAcgLAdgTA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi01OTcwNjU0Nzg3NTUzNzQwGAA&sigh=DVI46nwdT9w&vt=1&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5970654787553740&output=html&h=90&slotname=8118741407&adk=1519400323&adf=1776886919&pi=t.ma~as.8118741407&w=728&lmt=1638465587&psa=0&format=728x90&url=https%3A%2F%2Fdzballon.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638465587716&bpp=4&bdt=467&idt=149&shv=r20211130&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=32543444456&frm=20&pv=2&ga_vid=563394832.1638465588&ga_sid=1638465588&ga_hid=1528496368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753741%2C31062423%2C21065724&oid=2&pvsid=412122997673988&pem=836&tmod=1028796464&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=KXZlMdt4uw&p=https%3A//dzballon.com&dtd=170
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 02 Dec 2021 17:19:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 61C1 42 B
64 B 64ms
64ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-jNO0-iHXoiYuJVIBZEGRdyiKln1QH6H7FyDuoqPcKzlD5AhkQOUwp-G-ogW9qnncKpFVHiYm1dTB3Vujs-_C8mFP4BHXpmwyqlXWkCnxkTwZ8pbkrw&sai=AMfl-YTgbCNSGJcqOBvOifW6IBVij4xT5x6aFA1fgCEcOeDwwrZcIMuRfEGba16qLSTuw54lfxlYfm_iLISx&sig=Cg0ArKJSzBm9b5LqIq-2EAE&id=lidar2&mcvt=1002&p=0,41,83,687&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20211130&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1519400323&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&pay=1&rst=1638465587888&rpt=479&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 17:19:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PicsArt_10-28-05.03.44-218x150.jpg
dzballon.com/wp-content/uploads/2021/10/ 9 KB
9 KB 50ms
50ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/10/PicsArt_10-28-05.03.44-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 4061252ec101d49e0bc3d6a398c6a206fcf693e948cad88065b7744e0d5c0c6a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Thu, 28 Oct 2021 15:07:16 GMT
server: nginx
x-powered-by: PleskLin
etag: "617abca4-2347"
content-type: image/jpeg
accept-ranges: bytes
content-length: 9031

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 66ms
66ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211130&jk=412122997673988&bg=!NjWlNXHNAAaQHwIOkB87ACkAdvg8WhpJphn9jA0TW81fkmaAi-DRlPBJ3MhV0EWUe6kAaj9kOBd76AIAAABbUgAAAAtoAQcKAMcPGyF3uJu5rZaSdIck4_6HDWqKAeg6idlinqVP63zDXEgNn4yPelKAknMFXIoAf-Ln1lrv0eXgkY1iFntPwZwUzM55b_VS_Kokzy-U5iPJOzoXKl7PmKt_hynjSXHmDScsk6k3KT2W70YrSvAS_nxuukVJHv7X1oIt62rSQN8pmr0lcbqSw9GQmMEm94FjbxA4WNUBTxUlo0n89zvjbOoSElIo5y89XzHJIZ3rVgEHdzwFtxheEXH0TRiMHYI_fYb1Z6PlsGgmmQKuIkNgU47FSyvc5ElipaDo24mGkDJEGa-wt4GDJx_O--RdUgHOEgntxofmGrZt4AM_DkeiSr3JOH_AGnQ04MlvX1UN5zdBGowupH2-WZJnZHs485H3bhoZ3Q2DqGtxj0sHr2FxU__wkp6RRii9cbzw7hIQmY44Jo061M1yBdRqm6ifgNq0gXwAnXvcW0RtvnASxCQl_0A36pbI8KbZJKVWsb6QOVJVsQQsHN9VOl83I7_C893Zdl40STv8dyyah7pmxcG0Rw4gelGnQ7vAEyqD8GpAaG7mCtRvAec4oTKodWyv8WzEaQDQoCr7SotqtXDYrOgQ5jB7fHh1ctUqTvFAOzHwdUYpC7eK4xfMsADpnqfAeuNcpymIkx125N_JT-7QvFVZQGyUBoIRIpbVouXvrfmXJDyKDHEu_NuzkOPkFYHp06PCwa3qF4LIZCM5BlgQI9CPS2athC3lLLc0tWXatFVGTQtU6T15wdhy2PrnQLAC0WO9Y8Nyg2p28lA8FjSvds8VJBmRmnBH4cPDZB-DsGr4-mUOn2yXA135wySUi4ncI7gATsYXaAz1rYuGHwoEEEI1hRDhMDG7LUpZrvShbgD0wk1ckI86Rkypcs__HLIhivfsNYVb-UfjQA3hAxfkoqElxhuc8Z3VF1gE_zCDPpirh56xYkM7D0S9gNOHBIxoqJX0pBOJPc7pHd9a3AJDOMlujCI5f1vJ7Ib_I5zEipmGi30oyIPZacJFuMl6fXVLhl67H6eb9KyMBlKXso1hNQZnbaZoOTB6849xGf7LQbB8xdxFZJB0b05KBUNl2tv9mpzGxQCQ4We3tsQWDJ9r71zeIwDBTiCxJg5Cgp3xlxWPQ-NvE8Gw5FUIVQ0j2CfHWchRSAxkSY9O8WOjAC_QtT8mvehTKfs0luFH-GE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 17:19:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inbound6113740443316119599-218x150.jpg
dzballon.com/wp-content/uploads/2021/09/ 10 KB
11 KB 50ms
50ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/09/inbound6113740443316119599-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: e8b1a361ff4f05773f011f013ff551dcd744f18386132dfedebbf169fe0bef49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Tue, 07 Sep 2021 11:24:39 GMT
server: nginx
x-powered-by: PleskLin
etag: "61374bf7-297d"
content-type: image/jpeg
accept-ranges: bytes
content-length: 10621

GET
H2 200 cd0a735c925491d315d0034942abe5be_M-218x150.jpg
dzballon.com/wp-content/uploads/2021/07/ 9 KB
9 KB 46ms
46ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/07/cd0a735c925491d315d0034942abe5be_M-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 10955b8997ada1b8d6e0c02c6f0a2085c630beba9131bd57fb7ca0fee88e44ce

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Mon, 19 Jul 2021 19:30:49 GMT
server: nginx
x-powered-by: PleskLin
etag: "60f5d2e9-22cf"
content-type: image/jpeg
accept-ranges: bytes
content-length: 8911

GET
H2 200 fifa-infantino-218x150.jpg
dzballon.com/wp-content/uploads/2021/05/ 10 KB
10 KB 46ms
46ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/05/fifa-infantino-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: fa6ea350cdbbfdc9b3cdfb47db6c399bf9dda200c5078207d815c51c9c6ac06c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Fri, 21 May 2021 07:56:52 GMT
server: nginx
x-powered-by: PleskLin
etag: "60a767c4-27c8"
content-type: image/jpeg
accept-ranges: bytes
content-length: 10184

GET
H2 200 zinedine-zidane-chelsea.jpg
dzballon.com/wp-content/uploads/2021/02/ 60 KB
60 KB 42ms
42ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/02/zinedine-zidane-chelsea.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: b5741f59263bc6c2413bd5fc0d3f18bc7e38e9aa0334dcabcef9272907ca7e93

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Sat, 06 Feb 2021 09:30:17 GMT
server: nginx
x-powered-by: PleskLin
etag: "601e61a9-eeab"
content-type: image/jpeg
accept-ranges: bytes
content-length: 61099

GET
H2 200 large-ogc-nice-le-degout-de-gouiri-c982e.jpg
dzballon.com/wp-content/uploads/2021/01/ 33 KB
34 KB 40ms
40ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/01/large-ogc-nice-le-degout-de-gouiri-c982e.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: c16fdc3958de5eb401df85339e3d417e16e047d3c60fd54f6182c269a1781dbc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Sun, 17 Jan 2021 17:33:18 GMT
server: nginx
x-powered-by: PleskLin
etag: "600474de-85b2"
content-type: image/jpeg
accept-ranges: bytes
content-length: 34226

GET
H2 200 PicsArt_11-25-08.50.00-534x462.jpg
dzballon.com/wp-content/uploads/2021/11/ 40 KB
40 KB 47ms
47ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/11/PicsArt_11-25-08.50.00-534x462.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 42b806ad2c73dbc37e669790ef82f9207954505a029348195bd5f17a6c5dba07

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Thu, 25 Nov 2021 19:52:53 GMT
server: nginx
x-powered-by: PleskLin
etag: "619fe995-9e86"
content-type: image/jpeg
accept-ranges: bytes
content-length: 40582

GET
H2 200 1200-L-algrie-le-coach-de-nice-annonce-une-trs-bonne-nouvelle-pour-atal-533x261.jpg
dzballon.com/wp-content/uploads/2021/03/ 21 KB
21 KB 49ms
49ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/03/1200-L-algrie-le-coach-de-nice-annonce-une-trs-bonne-nouvelle-pour-atal-533x261.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 591d314df1f4661700d2a9a39e8690d3970025ba07ac097b6e23fdb32493956b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Sat, 20 Mar 2021 09:48:29 GMT
server: nginx
x-powered-by: PleskLin
etag: "6055c4ed-555f"
content-type: image/jpeg
accept-ranges: bytes
content-length: 21855

GET
H2 200 PicsArt_12-02-01.59.42-533x261.jpg
dzballon.com/wp-content/uploads/2021/12/ 23 KB
23 KB 43ms
43ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/12/PicsArt_12-02-01.59.42-533x261.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 86323f86c52afe602ae0d07002abfb7d42ea472b9e491c610d5d85c2727b0d91

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Thu, 02 Dec 2021 13:03:20 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a8c418-5c3c"
content-type: image/jpeg
accept-ranges: bytes
content-length: 23612

GET
H2 200 20211201_203552-218x150.jpg
dzballon.com/wp-content/uploads/2021/12/ 10 KB
11 KB 42ms
42ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/12/20211201_203552-218x150.jpg
Requested by: Host: c0.wp.com
URL: https://c0.wp.com/c/5.8.2/wp-includes/js/jquery/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: a07d3e4752906de42988bf06aded6a9b9cc5816b05083a084c826c2be7c5316e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Wed, 01 Dec 2021 19:54:40 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a7d300-299f"
content-type: image/jpeg
accept-ranges: bytes
content-length: 10655

GET
H2 200 20211201_142514-218x150.jpg
dzballon.com/wp-content/uploads/2021/12/ 9 KB
9 KB 47ms
47ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/12/20211201_142514-218x150.jpg
Requested by: Host: c0.wp.com
URL: https://c0.wp.com/c/5.8.2/wp-includes/js/jquery/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: c6dc8c80c8c42340a9a8738b1d77de120bb65156bbce9a9774d4156bbaede37f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Wed, 01 Dec 2021 13:38:16 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a77ac8-234c"
content-type: image/jpeg
accept-ranges: bytes
content-length: 9036

GET
H2 200 PicsArt_12-02-11.08.27-218x150.jpg
dzballon.com/wp-content/uploads/2021/12/ 7 KB
7 KB 45ms
45ms Image
image/jpeg 194.163.146.70
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dzballon.com/wp-content/uploads/2021/12/PicsArt_12-02-11.08.27-218x150.jpg
Requested by: Host: c0.wp.com
URL: https://c0.wp.com/c/5.8.2/wp-includes/js/jquery/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.146.70 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi608334.contaboserver.net
Software: nginx / PleskLin
Resource Hash: a918347edcfa859df425bb5e450e84027e679443b663bb1ae05cd5416fa83753

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dzballon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:19:49 GMT
last-modified: Thu, 02 Dec 2021 10:09:06 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a89b42-1abc"
content-type: image/jpeg
accept-ranges: bytes
content-length: 6844

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BA92 42 B
64 B 66ms
65ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstzY_gNRnxZfGfWMfW0UJW49Ui-VfNKNgYEPiSK-ujn-xqJXDlfz8XNtSmLIjxMMqb-FY_PtbeGRhU0DAGjN9gx5OmH5uXfElaH6znvehcyeIpUYcBdGQ&sai=AMfl-YTrSERqhyiDXw6rJZuQ8lnBJaqW99CvQpGHkWemoK3HajBGKcbJgmeJpCvK2XnGYGnmbGSu7OdwZl6d&sig=Cg0ArKJSzM1g_1RpXlrTEAE&cid=CAASBORogPE&id=lidar2&mcvt=1001&p=0,0,94,728&mtos=0,998,1001,1001,1001&tos=0,998,3,0,0&v=20211130&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638465588427&rpt=462&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 17:19:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

214 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dzballon.com/	1970-01-20 08:29:21	Name: __gads Value: ID=42af3c56b4d7569b-226bc1d223cc0002:T=1638465587:RT=1638465587:S=ALNI_Ma2y8A0GL9mvvazu6MQ9YjU5FfElg
.doubleclick.net/	1970-01-20 08:29:21	Name: IDE Value: AHWqTUk_P-AzBAgNRlerL_5gCXs-wVmQZ8A9KUULSD3GNIwXPe8AcKYa5TRpjbAhWi4
.adnxs.com/	1970-01-20 01:17:21	Name: uuid2 Value: 6203107105834314045
.casalemedia.com/	1970-01-20 01:17:21	Name: CMPS Value: 1854
.adnxs.com/	1970-01-20 01:17:21	Name: anj Value: dTM7k!M41.D>6NRF']wIg2ImInT`<l!@wnfH8K6pQK`!5=E<*L5?%M-4JK)35-=J-e7]fG0Y/C!f%'Hh?ie<=T%Y%UP(hw9P-HC_#tt_B)eW18
.casalemedia.com/	1970-01-19 23:09:11	Name: CMST Value: YakANGGpADQA
.doubleclick.net/	1970-01-19 23:07:49	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 07:53:21	Name: CMID Value: YakANOTHLtPXSU1.FuGnywAA
.casalemedia.com/	1970-01-20 01:17:21	Name: CMPRO Value: 205
.casalemedia.com/	1970-01-20 07:53:21	Name: CMRUM3 Value: 2d61a900342760CAESENAIFRpucCqvl9TwkrzNbD4

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/c180.0.1080.1080a/s640x640/240650082_108516841555149_2097008472042213560_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=3rcewncnAqUAX_QVdia&edm=ABfd0MgBAAAA&ccb=7-4&oh=01ce8f4a37620af93ff7fb67b1e581a1&oe=612F6414&_nc_sid=7bff83 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/c0.180.1440.1440a/s640x640/240726761_531037914824344_3789221188358688463_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=PKHJqN2dUE0AX87BoM4&edm=ABfd0MgBAAAA&ccb=7-4&oh=d9a96068fe11b252c7a157bfe4e01345&oe=6130B304&_nc_sid=7bff83 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/240539785_834389933888398_2680321340957815073_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=ioVUo7mQD0oAX_IpHVs&edm=ABfd0MgBAAAA&ccb=7-4&oh=ddb6cd8ac5a63221a9e204c046360746&oe=61312972&_nc_sid=7bff83 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/c0.90.720.720a/s640x640/240643307_4360681767323295_3564434620847978576_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=i8Y1b9QOfSQAX-uZRfE&edm=ABfd0MgBAAAA&ccb=7-4&oh=863686eb649cb5fd107fa67862c72377&oe=61304847&_nc_sid=7bff83 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/c0.180.1440.1440a/s640x640/240762422_4977006572315316_8609845599371609825_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=SYll56SIkF4AX__EeZM&edm=ABfd0MgBAAAA&ccb=7-4&oh=a8381e825ec352eed16bbdfb6680a127&oe=612F76EB&_nc_sid=7bff83 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sharp-elbakyan.194-163-146-70.plesk.page/wp-content/uploads/2016/11/dzball.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sharp-elbakyan.194-163-146-70.plesk.page/wp-content/uploads/2016/11/DZBAL-200x110.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.uk
adservice.google.com
c0.wp.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dzballon.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
p4-bvndvoqiej3ry-n5ijpowk5s7dx6cl-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
s0.2mdn.net
scontent.cdninstagram.com
sharp-elbakyan.194-163-146-70.plesk.page
stats.wp.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
142.250.184.226
142.250.185.226
142.250.185.99
142.250.186.66
185.33.221.14
192.0.76.3
192.0.77.37
194.163.146.70
2.21.141.232
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2006
2a00:1450:4001:812::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2004
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a03:2880:f22d:c4:face:b00c:0:43fe
0164790714c658bcbe873c5f3d396cebc8130468b1dd579ff0af1ebe00462e69
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
069e2abed69e2efcd6930c0615ae8c32c1cb9f76e6e9ffae45495bc6759a3f95
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10955b8997ada1b8d6e0c02c6f0a2085c630beba9131bd57fb7ca0fee88e44ce
111d5349381a9e8f6e2fb551a06de98feb7b7957ba1eff38443f9e696519683b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13463b6a26f4ee2ce508df098003cdc101ebb17be48bb9b787665b4ada56cf58
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
1504a3f1d69ca8a348ea31e754f3544da99f2f78f972761165e9b07a2854f951
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a
172d5b83579e06dce26714973595e570204438c66e025f8a65082df29221626b
175148d4fdd889379200c6272e78ef47be5011cfac3148306096d45f22edea60
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18ec45978f0a68004bbcff5a150f9eb62cfac449a51f15c5a61336a2ad1d4675
1be367d3581c1d5c20638570454197fea888fced0d5a2a3247e4cfa6fc80b316
1c4cdfa9d010a65c9829a97b33d66f944bfad62b48b149315f381c34ff6566fe
26ce997e2985a93eb52e1d8aadce0b9277a765f682a779a29377d955ebac54ce
277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e2de27f1c05e1cba02b5771ca2313edf6738e2e360f57fdb8fb9362a6ceb8dd
30cad9ec7fbe11d3de293805d82343744663da3e650c19bbbc23dd7c58202cce
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3885e1630402353b02ae4913fdc93e62936982148ab5f03fb09accd4654c54e0
3a41a7eb693bba83d79efc6fc3fc8e2079cd0548fbfe08214093b009492bcf81
4061252ec101d49e0bc3d6a398c6a206fcf693e948cad88065b7744e0d5c0c6a
4093f563fb33ba6112362e6f81c0906b76bd5367866de86b2477be8cc7d10684
41b60d2262cffca90f6cd644983a2d813336dc959558bdd6ae54b35ef06dd9fb
42b806ad2c73dbc37e669790ef82f9207954505a029348195bd5f17a6c5dba07
49fa858e491838e0af94ffe3844bcb3cb02b6ea39cc314241e982935777d78d5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4efd43ff6d6dc2c922d3ba71a80f7f499eb56f65df5fe2c60305b35e66062eae
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
557c7d8dd32557129cec3d5d4f221eef6e8706e0855f826f5f6db4278e08420b
56b81c23b91dcbe22a67a9ade320d3b94b025a119f72cdd98882dca248fdca82
591d314df1f4661700d2a9a39e8690d3970025ba07ac097b6e23fdb32493956b
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d358a552038743463944f2ff7842c8099db0111c59d263f8120ea658520b5ab
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
5df0f0543a4ad5a0db36d12288ba6583088f2ed6ff60b631c7afd0550d143161
5e88cefac5e42c621823471d18bd3f7bee0f5504f6aeb14a035a4ebce04b622f
5fd9b4b10be5a293cbc0f2f89cb21d2072517953a34fb6ac2e7df8d13a966ffe
615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26
6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c
6360dd4b070d652ea545030aaba1d8336ac1023c38645b0a5337b10cede8bced
656fdd980e2ab976619a508a16b29da0ebd465af7151ef2ed63b181d287f3a13
6c25eb67bbdeb00469ce0e8b90ed26c98ec3ecd79d094d965b41734190a863fc
6c801ef92b473789d6bc052bc63959889e1f9e72614bde107ff1938de9415c8b
76ebf46d3956e4f98061ff9f466f4034ee0aca98131475c5142ddb2d1b4ee31e
77d27a8177052214a6e54ceb4d9c59963969011a8391f8b4b5cc10c7bf18c7cf
7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba
8196befe9aae848f0ef5828eb824f9f98a9a215281b08fae81baf09048b42f4d
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
86323f86c52afe602ae0d07002abfb7d42ea472b9e491c610d5d85c2727b0d91
869196bfee1fa3405cf3010380316d4d8d4d3497099811d55341284c0a892c81
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a07d3e4752906de42988bf06aded6a9b9cc5816b05083a084c826c2be7c5316e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c3a418910a54a73af5b502b0ec505ffb28dab93d96903665818d7685f43be0
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a918347edcfa859df425bb5e450e84027e679443b663bb1ae05cd5416fa83753
a976fdd67af4f016f95fab4467c87823590f2064bfee58034b1e9f596d1cb8bd
a97c2422ac0299f9aaaf58be852fd0f6bf9e751d2394cccd35aedc9b6a0b01a1
aa9d57868cd7b7a3095b5ae6feab67bbc332fd6e8eb13b7950022d44757d110c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3d86553ccc30d8e82b96d6b157e581cd3a6dba00f9552e688d5e5fe152da172
b5741f59263bc6c2413bd5fc0d3f18bc7e38e9aa0334dcabcef9272907ca7e93
b721aa1392b16ba54656ab7526b75008496212a672459184face8355dfa955f2
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c16fdc3958de5eb401df85339e3d417e16e047d3c60fd54f6182c269a1781dbc
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c6647c629b0353e61b719983a5e38d302e0dd0157275778322217d9847a47ad8
c6dc8c80c8c42340a9a8738b1d77de120bb65156bbce9a9774d4156bbaede37f
c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce3812e0a41e5c6bc7c0320b1ba95096406fc0429157de1cf8be6995c17e3878
d2011a5b77474b1489c6ba0934d804d0144ea8ac036abf3f88252edb3d878e7a
d2c9f518ec6a8748dd27703e15b4c4c1f44590cee03193fe9c542678c80c6b27
d68649ee9f8679fdbbf5da707a2a1c0814e168e6e4ddd6488129fc0d5c5eb041
d7246ea8f0ede1f2eadd6aa077545b7e0423f39e19d33c7c9a99d400afbe1bbb
dabfdf7552e83c452cfba1e52086d3988ec720e937c56dc141cd0d531f3c9c24
dc4d52f0873b7e3c8c0c237c7cfeed042fb11115928c4450d9e424b81d673d15
dd25d30705ad7563388017e16521bbc8b1f408fcc2859a241b3832f48533ab7d
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e0c1be7e8f8dd80dc7c7c2e845392db3a7820cb45949647f9b315f9c17c12a95
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4464cc2fb60365cea26cc58715fb5b31b62fcc23f568bacd4774107d4624415
e6955819ce17e067380fc194db21a221bcbd701ce13568850c57410108d9fc11
e8b1a361ff4f05773f011f013ff551dcd744f18386132dfedebbf169fe0bef49
eb148c5cd52ab37834d8e88453063709261c62d0a6d28dc077ef527a0bd12cb1
ed96e32ac80d73e209ed28add0756ace607005a88576332fcf19b6a3caf573b2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0300e6243307279dea081242f5c1e9039479351015378bb0b53ce1498c47c50
f04909e853b4f603dda9b8e6bc24286daabb6578d5265eb67745ae8e5325fdec
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f401e864e54a8411c9f0f0ca9c478ef3e2ca5abe3d376fcb47f5b4300f14e753
f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e
f4cb6989336aba130ab1e65e5feb2b49b3130f8f6193260c5856b4b5b876574c
f5b4c9ae4d4167ced5df46bfa7d7c99053f7eaff58dd21c9d9fa91de5b8befbe
f8d8e837ffd70314dc3254ac66e04256bc8adad638db68a2e1c72d1161d61492
fa6ea350cdbbfdc9b3cdfb47db6c399bf9dda200c5078207d815c51c9c6ac06c
faa35d77cc49a419c35a745cb218c6c1efe7a52fba034779803f5c77e36edcc2

dzballon.com Open in urlscan Pro 194.163.146.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

139 Requests

96 %HTTPS

53 %IPv6

15 Domains

22 Subdomains

20 IPs

3 Countries

1888 kBTransfer

4853 kBSize

10 Cookies

13 Outgoing links

Page URL History

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dzballon.com Open in urlscan Pro
194.163.146.70 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

96 %
HTTPS

53 %
IPv6

15
Domains

22
Subdomains

20
IPs

3
Countries

1888 kB
Transfer

4853 kB
Size

10
Cookies

139 HTTP transactions
10 data transactions