ballyd.com Open in urlscan Pro
27.0.236.139 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ballyd.com/
Effective URL:
https://ballyd.com/
Submission: On July 25 via manual (July 25th 2022, 11:55:22 am UTC) from IN — Scanned from DE

Summary HTTP 123 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 14 domains to perform 123 HTTP transactions. The main IP is 27.0.236.139, located in Korea, Republic Of and belongs to KAKAO-AS-KR Kakao Corp, KR. The main domain is ballyd.com.
TLS certificate: Issued by R3 on July 18th 2022. Valid for: 3 months.

This is the only time ballyd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	27.0.236.139 27.0.236.139	38099 (KAKAO-AS-...) (KAKAO-AS-KR Kakao Corp)
30	2a02:26f0:350... 2a02:26f0:3500:12::1730:17a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	211.249.219.23 211.249.219.23	7625 (DAUM-AS K...) (DAUM-AS Kakao Corp)
1	121.53.105.218 121.53.105.218	38099 (KAKAO-AS-...) (KAKAO-AS-KR Kakao Corp)
6	203.217.238.40 203.217.238.40	9764 (DAUM-NET ...) (DAUM-NET Kakao Corp)
13	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	211.231.99.250 211.231.99.250	38099 (KAKAO-AS-...) (KAKAO-AS-KR Kakao Corp)
12	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:4014:80f::2002	15169 (GOOGLE) (GOOGLE)
1	121.53.105.246 121.53.105.246	38099 (KAKAO-AS-...) (KAKAO-AS-KR Kakao Corp)
25	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	121.53.105.132 121.53.105.132	9457 (DREAMX-AS...) (DREAMX-AS DREAMLINE CO.)
123	21

2 27.0.236.139 (Korea, Republic Of) 1 redirects

ASN38099 (KAKAO-AS-KR Kakao Corp, KR)

ballyd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a02:26f0:3500:12::1730:17a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

t1.daumcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 211.249.219.23 (Korea, Republic Of)

ASN7625 (DAUM-AS Kakao Corp, KR)

tistory4.daumcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 121.53.105.218 (Korea, Republic Of)

ASN38099 (KAKAO-AS-KR Kakao Corp, KR)

developers.kakao.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 203.217.238.40 (Korea, Republic Of)

ASN9764 (DAUM-NET Kakao Corp, KR)

i1.daumcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 211.231.99.250 (Korea, Republic Of)

ASN38099 (KAKAO-AS-KR Kakao Corp, KR)

malcom-01.tistory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4014:80f::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 121.53.105.246 (Korea, Republic Of)

ASN38099 (KAKAO-AS-KR Kakao Corp, KR)

webid.ad.daum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 121.53.105.132 (Korea, Republic Of)

ASN9457 (DREAMX-AS DREAMLINE CO., KR)

stat.tiara.daum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	609 KB
39	daumcdn.net t1.daumcdn.net — Cisco Umbrella Rank: 15858 tistory4.daumcdn.net — Cisco Umbrella Rank: 206948 i1.daumcdn.net — Cisco Umbrella Rank: 132666	1 MB
14	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 static.doubleclick.net — Cisco Umbrella Rank: 467	799 KB
13	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 226	58 KB
5	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 96 www.google.com — Cisco Umbrella Rank: 10	2 KB
3	gstatic.com www.gstatic.com	14 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	127 KB
2	daum.net webid.ad.daum.net — Cisco Umbrella Rank: 55651 stat.tiara.daum.net — Cisco Umbrella Rank: 52753	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8252	914 B
2	ballyd.com 1 redirects ballyd.com	9 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 873	645 B
1	tistory.com malcom-01.tistory.com	645 B
1	kakao.com developers.kakao.com — Cisco Umbrella Rank: 34991	111 KB
123	14

	Domain	Requested by
30	t1.daumcdn.net	ballyd.com t1.daumcdn.net
25	tpc.googlesyndication.com	googleads.g.doubleclick.net ballyd.com tpc.googlesyndication.com pagead2.googlesyndication.com
14	pagead2.googlesyndication.com	ballyd.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	cdnjs.cloudflare.com	ballyd.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ballyd.com
6	i1.daumcdn.net	ballyd.com
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	static.doubleclick.net	googleads.g.doubleclick.net
3	tistory4.daumcdn.net	ballyd.com tistory4.daumcdn.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	ballyd.com	1 redirects
1	stat.tiara.daum.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	webid.ad.daum.net	ballyd.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	malcom-01.tistory.com	ballyd.com
1	developers.kakao.com	ballyd.com
123	20

This site contains links to these domains. Also see Links.

Domain
malcom-01.tistory.com

Subject Issuer	Validity	Valid
ballyd.com R3	`2022-07-18` - `2022-10-16`	3 months	crt.sh
*.daumcdn.net DigiCert SHA2 Secure Server CA	`2021-09-29` - `2022-09-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.kakao.com Thawte TLS RSA CA G1	`2021-09-17` - `2022-09-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.tistory.com Thawte TLS RSA CA G1	`2022-03-14` - `2023-03-31`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
webid.kakao.com Thawte TLS RSA CA G1	`2022-05-17` - `2023-05-31`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.tiara.kakao.com Thawte TLS RSA CA G1	`2021-09-17` - `2022-08-06`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://ballyd.com/
Frame ID: 3315397541223149ACC58050B3625407
Requests: 69 HTTP requests in this frame

Frame: https://malcom-01.tistory.com/api
Frame ID: 9EFF8D347137C70B352924DDCD30335C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20190131/zrt_lookup.html
Frame ID: 5204AFAE28E1326965A6448D7BE8DF5F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5359088211124029&output=html&adk=2654006795&adf=462269707&lmt=1658750115&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fballyd.com%2F&ea=0&host=ca-host-pub-9691043933427338&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658750115671&bpp=3&bdt=2052&idt=244&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1977835787123&frm=20&pv=2&ga_vid=603201099.1658750116&ga_sid=1658750116&ga_hid=541242918&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31067527&oid=2&pvsid=3011665269797543&tmod=1093264240&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=266
Frame ID: DED6989D8EA1CB4E0D24A121136A4C9D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5359088211124029&output=html&h=600&adk=1055615259&adf=3161435144&w=230&fwrn=4&fwrnh=100&lmt=1658750115&rafmt=1&psa=0&format=230x600&url=https%3A%2F%2Fballyd.com%2F&host=ca-host-pub-9691043933427338&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658750115674&bpp=3&bdt=2055&idt=271&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1977835787123&frm=20&pv=1&ga_vid=603201099.1658750116&ga_sid=1658750116&ga_hid=541242918&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=240&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31067527&oid=2&pvsid=3011665269797543&tmod=1093264240&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Pw359dk4T0&p=https%3A//ballyd.com&dtd=278
Frame ID: 4F5A7BF4A08B7235C18165242E3029BA
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1
Frame ID: 519D9EC6CD3DE7FC2894E66B6E50D5D4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1
Frame ID: A62728AE1EAB1EE4D4B604935721F5F2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/index.html?v=b208246486
Frame ID: DAE6A12F9C8FABC00F9A922FBC1C8780
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 011B703FC89FB73A4239CB473BA7EA38
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8D597315E7277407DE201CA687B1E98E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: A583270542642F795CA7D56D6DD2DBD4
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
Frame ID: 569C39CF1EE8BE78CF1CAE08A7C19B3D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
Frame ID: 1D0C2A4DD51E1FB75B3DECDABA3B525D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8132A90E9AD406029989F57E7E07B150
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 31C3B5DAB6369150C1C77F7EE6E3DC24
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

알.득.바.득.

Page URL History Show full URLs

http://ballyd.com/ HTTP 302
https://ballyd.com/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Highlight.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.])+/)?highlight(?:\.min)?\.js

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

123
Requests

100 %
HTTPS

65 %
IPv6

14
Domains

20
Subdomains

21
IPs

4
Countries

2832 kB
Transfer

5017 kB
Size

8
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://malcom-01.tistory.com/manage
Title: 관리

Search URL Search Domain Scan URL

URL: https://malcom-01.tistory.com/manage/entry/post
Title: 글쓰기

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ballyd.com/ HTTP 302
https://ballyd.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 108

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

123 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
ballyd.com/
Redirect Chain

http://ballyd.com/
https://ballyd.com/

27 KB
9 KB

1209ms
424ms

Document
text/html

27.0.236.139
KAKAO-AS-KR Kakao...

General

Check archive.org

Show headers Download Go to

Full URL: https://ballyd.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 27.0.236.139 , Korea, Republic Of, ASN38099 (KAKAO-AS-KR Kakao Corp, KR),
Reverse DNS
Software: /
Resource Hash: fc61ee41f8b3b5a657a9090681e1db984d79806e58c98d99a7ba9b6a984e2922

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: https://ballyd.com
Content-Encoding: gzip
Content-Length: 8436
Content-Type: text/html; charset=utf-8
Date: Mon, 25 Jul 2022 11:55:15 GMT
P3P: CP='ALL DSP COR MON LAW OUR LEG DEL'
Vary: Accept-Encoding
X-UA-Compatible: IE=Edge

Redirect headers

Cache-Control: no-cache
Content-length: 0
Location: https://ballyd.com/

GET
H2 200 lightbox.min.css
t1.daumcdn.net/tistory_admin/lib/lightbox/css/ 3 KB
1 KB 68ms
10ms Stylesheet
text/css 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/tistory_admin/lib/lightbox/css/lightbox.min.css
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 6ae3e827093ff912ba2929226fdd8392ad58e6112466f2adbd2c2e72cd794a48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:15 GMT
content-encoding: gzip
last-modified: Mon, 01 Apr 2019 06:13:24 GMT
server: openresty
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=19718
x-wcss: dC1jb21tb24wMS1id2NhY2hlNjowOmNodHRwOjI5
accept-ranges: bytes
timing-allow-origin: *
content-length: 905
expires: Mon, 25 Jul 2022 17:23:53 GMT

GET
H2 200 font.css
t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/style/content/ 4 KB
732 B 68ms
10ms Stylesheet
text/css 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/style/content/font.css?_version_=tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 830302ea423c4bacb3def01c50df661e34e7d230135b27a9a269c93194ebc18f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:15 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 10:36:13 GMT
server: openresty
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=16908
x-wcss: dC1jb21tb24wMS1id2NhY2hlNDg6MDpjaHR0cDoxMw==
accept-ranges: bytes
timing-allow-origin: *
content-length: 497
expires: Mon, 25 Jul 2022 16:37:03 GMT

GET
H2 200 content.css
t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/style/content/ 20 KB
4 KB 68ms
11ms Stylesheet
text/css 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/style/content/content.css?_version_=tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 0c3b16a26406d5a4ac112d97ab2e40a53c8f85317172ea49e931bf6366654a24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:15 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 10:36:13 GMT
server: openresty
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=16957
x-wcss: dC1jb21tb24wMS1id2NhY2hlNjE6MDpjaHR0cDoxNw==
accept-ranges: bytes
timing-allow-origin: *
content-length: 4038
expires: Mon, 25 Jul 2022 16:37:52 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
t1.daumcdn.net/tistory_admin/lib/jquery/ 87 KB
31 KB 67ms
9ms Script
text/javascript 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/tistory_admin/lib/jquery/jquery-3.5.1.min.js
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://ballyd.com/
Origin: https://ballyd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:15 GMT
content-encoding: gzip
last-modified: Wed, 11 May 2022 09:19:31 GMT
server: openresty
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=7696
x-wcss: dC1jb21tb24wMS1id2NhY2hlNzE6MDpjaHR0cDoyMw==
accept-ranges: bytes
timing-allow-origin: *
content-length: 30950
expires: Mon, 25 Jul 2022 14:03:31 GMT

GET
H2 200 lightbox-plus-jquery.min.js Show response
t1.daumcdn.net/tistory_admin/lib/lightbox/js/ 9 KB
3 KB 83ms
26ms Script
text/javascript 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/tistory_admin/lib/lightbox/js/lightbox-plus-jquery.min.js
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 6267391b7cd6d36a13696c19caab7e86d7f776c9d2b64eadb8f2804fc276b00a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:15 GMT
content-encoding: gzip
last-modified: Mon, 01 Apr 2019 06:13:35 GMT
server: openresty
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=14693
x-wcss: dC1jb21tb24wMS1id2NhY2hlNTc6MDpjaHR0cDoyNQ==
accept-ranges: bytes
timing-allow-origin: *
content-length: 2934
expires: Mon, 25 Jul 2022 16:00:08 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
56 KB 223ms
114ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ballyd.com
URL: https://ballyd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a32d664e49bea57afc1165c773f564beab7d7dcd7b9e085b4585ed1cbbd48d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56729
x-xss-protection: 0
server: cafe
etag: 836577174174642027
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 25 Jul 2022 11:55:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
56 KB 148ms
64ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5359088211124029

Requested by

Host: ballyd.com
URL: https://ballyd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6faad524e6c65e28f309ce5495d723292e77c6a975378ec75d47711b2716f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ballyd.com/
Origin: https://ballyd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56715
x-xss-protection: 0
server: cafe
etag: 12134598791969657337
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 25 Jul 2022 11:55:17 GMT

GET
H2 200 style.css
tistory4.daumcdn.net/tistory/5456462/skin/ 56 KB
10 KB 829ms
298ms Stylesheet
text/css 211.249.219.23
DAUM-AS Kakao Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://tistory4.daumcdn.net/tistory/5456462/skin/style.css?_T_=1658555645
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 211.249.219.23 , Korea, Republic Of, ASN7625 (DAUM-AS Kakao Corp, KR),
Reverse DNS
Software: openresty /
Resource Hash: f7c444292999bfd3e659d4ace7f649d1966759e9bda12239470dad8a915b125a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:16 GMT
content-encoding: gzip
last-modified: Sat, 23 Jul 2022 05:54:04 GMT
server: openresty
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
x-wcss: dC1jb21tb24wMS1id2NhY2hlMzU6MDpjaHR0cDoxNQ==
accept-ranges: bytes
timing-allow-origin: *
content-length: 9533
expires: Mon, 25 Jul 2022 12:25:16 GMT

GET
H2 200 jquery-1.12.4.min.js Show response
t1.daumcdn.net/tistory_admin/lib/jquery/ 95 KB
33 KB 74ms
18ms Script
text/javascript 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/tistory_admin/lib/jquery/jquery-1.12.4.min.js
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:15 GMT
content-encoding: gzip
last-modified: Tue, 18 Apr 2017 05:01:30 GMT
server: openresty
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=16664
x-wcss: dC1jb21tb24wMS1id2NhY2hlMjg6MDpjaHR0cDoyMg==
accept-ranges: bytes
timing-allow-origin: *
content-length: 33793
expires: Mon, 25 Jul 2022 16:32:59 GMT

GET
H2 200 style.css
t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/plugins/TistoryProfileLayer/ 9 KB
2 KB 68ms
11ms Stylesheet
text/css 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/plugins/TistoryProfileLayer/style.css?_version_=tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 1ef0b30605489c50c957cab991a30cbd2a5aef800afe106e7554e3bf2141ca95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:15 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 10:36:07 GMT
server: openresty
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=17032
x-wcss: dC1jb21tb24wMS1id2NhY2hlMTE6MDpjaHR0cDowOA==
accept-ranges: bytes
timing-allow-origin: *
content-length: 1456
expires: Mon, 25 Jul 2022 16:39:07 GMT

GET
H2 200 profile.js Show response
t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/plugins/TistoryProfileLayer/ 8 KB
2 KB 80ms
24ms Script
text/javascript 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/plugins/TistoryProfileLayer/profile.js?_version_=tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 902884a3cbb6ad080f678d40308f60913a1390d036d6720393a40810f2f45e09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:15 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 10:36:07 GMT
server: openresty
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=16924
x-wcss: dC1jb21tb24wMS1id2NhY2hlNzc6MDpjaHR0cDoyMw==
accept-ranges: bytes
timing-allow-origin: *
content-length: 2278
expires: Mon, 25 Jul 2022 16:37:19 GMT

GET
H2 200 reaction-button-container.min.js Show response
t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/script/reaction/ 274 KB
81 KB 11ms
8ms Script
text/javascript 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/script/reaction/reaction-button-container.min.js?_version_=tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 1279fcc712f3e0c4d9abc47236af243acd2976902874605f6c6e90cb58493c92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 10:36:12 GMT
server: openresty
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=16936
x-wcss: dC1jb21tb24wMS1id2NhY2hlNjY6MDpjaHR0cDozMg==
accept-ranges: bytes
timing-allow-origin: *
content-length: 82409
expires: Mon, 25 Jul 2022 16:37:33 GMT

GET
H2 200 base.js Show response
t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/script/_/ 137 KB
42 KB 75ms
19ms Script
text/javascript 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/script/_/base.js?_version_=tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: c2c0dbfee13d8b64090d1af25f93ee3ee822babb0831285f09ac2a75b49773cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:15 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 10:36:08 GMT
server: openresty
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=16954
x-wcss: dC1jb21tb24wMS1id2NhY2hlNjg6MDpjaHR0cDowNw==
accept-ranges: bytes
timing-allow-origin: *
content-length: 42753
expires: Mon, 25 Jul 2022 16:37:49 GMT

GET
H2 200 dialog.css
t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/style/ 7 KB
2 KB 68ms
12ms Stylesheet
text/css 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/style/dialog.css?_version_=tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 048bd1d6d59f1711399472eb6a9f4e903bf585fdc9afef55e7b4e2d126248f6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:15 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 10:36:12 GMT
server: openresty
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=16787
x-wcss: dC1jb21tb24wMS1id2NhY2hlMzU6MDpjaHR0cDoxNA==
accept-ranges: bytes
timing-allow-origin: *
content-length: 1506
expires: Mon, 25 Jul 2022 16:35:02 GMT

GET
H2 200 font.css
t1.daumcdn.net/tistory_admin/www/style/top/ 3 KB
651 B 69ms
13ms Stylesheet
text/css 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/tistory_admin/www/style/top/font.css
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 9b47d998d011598cff2c9234dc219ac3c80069ced37e3349832d1a82f8bcbb25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:15 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 02:43:32 GMT
server: openresty
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=19605
x-wcss: dC1jb21tb24wMS1id2NhY2hlNjQ6MDpjaHR0cDoxNA==
accept-ranges: bytes
timing-allow-origin: *
content-length: 416
expires: Mon, 25 Jul 2022 17:22:00 GMT

GET
H2 200 postBtn.css
t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/style/ 13 KB
3 KB 71ms
16ms Stylesheet
text/css 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/style/postBtn.css?_version_=tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 74d9e0f8dc45b5d62368eb39646bff14aa180f2fdad42ddbb1836d4205b950da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:15 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 10:36:11 GMT
server: openresty
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=16929
x-wcss: dC1jb21tb24wMS1id2NhY2hlNjE6MDpjaHR0cDoxNg==
accept-ranges: bytes
timing-allow-origin: *
content-length: 3005
expires: Mon, 25 Jul 2022 16:37:24 GMT

GET
H2 200 tistory.css
t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/style/component/ 27 KB
5 KB 70ms
15ms Stylesheet
text/css 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/style/component/tistory.css?_version_=tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 46b2def093d9fa8b8d1917e17178bf06d9743d9c971acddca009908eb17e5d79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:15 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 10:36:12 GMT
server: openresty
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=16915
x-wcss: dC1jb21tb24wMS1id2NhY2hlNDc6MDpjaHR0cDoxNw==
accept-ranges: bytes
timing-allow-origin: *
content-length: 4959
expires: Mon, 25 Jul 2022 16:37:10 GMT

GET
H2 200 tistory.js Show response
t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/script/component/ 915 B
792 B 80ms
25ms Script
text/javascript 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/script/component/tistory.js?_version_=tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: cd401195ad75a5b94476a2b163aa43012d63f91b722a57de1cd73052264046af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:15 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 10:36:08 GMT
server: openresty
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=16886
x-wcss: dC1jb21tb24wMS1id2NhY2hlNTA6MDpjaHR0cDoyMg==
accept-ranges: bytes
timing-allow-origin: *
content-length: 552
expires: Mon, 25 Jul 2022 16:36:41 GMT

GET
H2 200 kakao.min.js Show response
developers.kakao.com/sdk/js/ 110 KB
111 KB 1085ms
253ms Script
application/javascript 121.53.105.218
KAKAO-AS-KR Kakao...

General

Check archive.org

Show headers Download Go to

Full URL

https://developers.kakao.com/sdk/js/kakao.min.js

Requested by

Host: ballyd.com
URL: https://ballyd.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

121.53.105.218 , Korea, Republic Of, ASN38099 (KAKAO-AS-KR Kakao Corp, KR),

Reverse DNS

Software

Resource Hash

2fb9e7ee98b3256d3de984abc4c136b6907e6be8677fc759643c90b17dfa90de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:16 GMT
last-modified: Wed, 29 Jun 2022 02:20:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
content-length: 113131
expires: Mon, 25 Jul 2022 12:55:16 GMT

GET
H2 200 revenue.css
t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/style/ 2 KB
818 B 71ms
17ms Stylesheet
text/css 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/style/revenue.css?_version_=tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 4bb3a3ef9b2959c214e3619460aad1df52d6d2d0383bc9df9b6c45a69d5fdcae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:15 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 10:36:12 GMT
server: openresty
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=16946
x-wcss: dC1jb21tb24wMS1id2NhY2hlNzowOmNodHRwOjMx
accept-ranges: bytes
timing-allow-origin: *
content-length: 586
expires: Mon, 25 Jul 2022 16:37:41 GMT

GET
H2 200 common.js Show response
t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/script/blog/ 16 KB
5 KB 80ms
25ms Script
text/javascript 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/script/blog/common.js?_version_=tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 77655b7583a1bcb7d4de0bbfe6a1b1fca358b824f105c418555707d48858c9ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:15 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 10:36:09 GMT
server: openresty
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=16890
x-wcss: dC1jb21tb24wMS1id2NhY2hlMTQ6MDpjaHR0cDowNw==
accept-ranges: bytes
timing-allow-origin: *
content-length: 4620
expires: Mon, 25 Jul 2022 16:36:45 GMT

GET
H2 200 default_L.png
t1.daumcdn.net/tistory_admin/static/manage/images/r3/ 3 KB
4 KB 13ms
10ms Image
image/png 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t1.daumcdn.net/tistory_admin/static/manage/images/r3/default_L.png
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: d278d43fe3b526ff9be7026ac8f6bf8c371273b3d48397551b5adcffb912e32a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
last-modified: Thu, 25 Oct 2018 10:35:40 GMT
server: openresty
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=13661
x-wcss: dC1jb21tb24wMS1id2NhY2hlMjM6MDpjaHR0cDowNw==
accept-ranges: bytes
timing-allow-origin: *
content-length: 3369
expires: Mon, 25 Jul 2022 15:42:58 GMT

GET
H2 200 /
i1.daumcdn.net/thumb/C230x300/ 9 KB
10 KB 1532ms
765ms Image
image/jpeg 203.217.238.40
DAUM-NET Kakao Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.daumcdn.net/thumb/C230x300/?fname=https://blog.kakaocdn.net/dn/vckhH/btrH1a7djoP/cT24sRHCchMwy3i3TqtFH0/img.jpg
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 203.217.238.40 , Korea, Republic Of, ASN9764 (DAUM-NET Kakao Corp, KR),
Reverse DNS
Software: openresty /
Resource Hash: ec38325209b24d9421a582d18f33c94872d3ece847dac02ff5c37fc60e4b29e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:19 GMT
last-modified: Fri, 22 Jul 2022 16:05:47 GMT
server: openresty
content-type: image/jpeg
cache-control: max-age=7200
x-wcss: dC1pbWcwMS1id2NhY2hlNzowOmNodHRwOjI2
content-length: 9673
expires: Mon, 25 Jul 2022 13:55:18 GMT

GET
H2 200 /
i1.daumcdn.net/thumb/C230x300/ 19 KB
19 KB 2657ms
1890ms Image
image/jpeg 203.217.238.40
DAUM-NET Kakao Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.daumcdn.net/thumb/C230x300/?fname=https://blog.kakaocdn.net/dn/sTDlL/btrHrMFFFgB/rDIZoGCdZ1oChDgVzGzb9K/img.jpg
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 203.217.238.40 , Korea, Republic Of, ASN9764 (DAUM-NET Kakao Corp, KR),
Reverse DNS
Software: openresty /
Resource Hash: 4174d0a1cd646953458116b9aa524a520b4ccee200d8144f91e71a7e3147ddcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:20 GMT
last-modified: Sat, 16 Jul 2022 03:08:00 GMT
server: openresty
content-type: image/jpeg
cache-control: max-age=7200
x-wcss: dC1pbWcwMS1id2NhY2hlMjA6MDpjaHR0cDoxMQ==
content-length: 19225
expires: Mon, 25 Jul 2022 13:55:19 GMT

GET
H2 200 /
i1.daumcdn.net/thumb/C230x300/ 31 KB
32 KB 1032ms
265ms Image
image/jpeg 203.217.238.40
DAUM-NET Kakao Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.daumcdn.net/thumb/C230x300/?fname=https://blog.kakaocdn.net/dn/coPaDA/btrG3jdi6mW/WSTT4iEItG82vPMLB9sy51/img.jpg
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 203.217.238.40 , Korea, Republic Of, ASN9764 (DAUM-NET Kakao Corp, KR),
Reverse DNS
Software: openresty /
Resource Hash: 09f3b42e74c9e2baf65c27f00c121539b7c366f24e823aa43f62a7682e0708d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:18 GMT
last-modified: Mon, 11 Jul 2022 14:40:46 GMT
server: openresty
content-type: image/jpeg
cache-control: max-age=7200
x-wcss: dC1pbWcwMS1id2NhY2hlNTU6MDpjaHR0cDoyNQ==
content-length: 32182
expires: Mon, 25 Jul 2022 13:55:17 GMT

GET
H2 200 new_ico_5.gif
t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/image/category/ 121 B
336 B 13ms
12ms Image
image/gif 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/image/category/new_ico_5.gif?_version_=tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: ca5f4ac3f7dcd3f430ab8626cf76c95586e5141efdd28e229c3f51fbcf0a7307

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
last-modified: Mon, 25 Jul 2022 10:35:57 GMT
server: openresty
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=16933
x-wcss: dC1jb21tb24wMS1id2NhY2hlMzY6MDpjaHR0cDowNg==
accept-ranges: bytes
timing-allow-origin: *
content-length: 121
expires: Mon, 25 Jul 2022 16:37:30 GMT

GET
H2 200 /
i1.daumcdn.net/thumb/C58x58/ 1 KB
1 KB 1339ms
573ms Image
image/jpeg 203.217.238.40
DAUM-NET Kakao Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.daumcdn.net/thumb/C58x58/?fname=https://img1.daumcdn.net/thumb/R750x0/?scode=mtistory2&fname=https%3A%2F%2Fblog.kakaocdn.net%2Fdn%2FvckhH%2FbtrH1a7djoP%2FcT24sRHCchMwy3i3TqtFH0%2Fimg.jpg
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 203.217.238.40 , Korea, Republic Of, ASN9764 (DAUM-NET Kakao Corp, KR),
Reverse DNS
Software: openresty /
Resource Hash: e9bbcd4758f8fae5bafe6d96de05c6e16d568892d98e46306bda8cb2a984d64b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:18 GMT
last-modified: Fri, 22 Jul 2022 16:04:51 GMT
server: openresty
content-type: image/jpeg
cache-control: max-age=7200
x-wcss: dC1pbWcwMS1id2NhY2hlMTk6MDpjaHR0cDoyNg==
content-length: 1168
expires: Mon, 25 Jul 2022 13:55:17 GMT

GET
H2 200 /
i1.daumcdn.net/thumb/C58x58/ 5 KB
5 KB 1517ms
751ms Image
image/jpeg 203.217.238.40
DAUM-NET Kakao Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.daumcdn.net/thumb/C58x58/?fname=https://img1.daumcdn.net/thumb/R750x0/?scode=mtistory2&fname=https%3A%2F%2Fblog.kakaocdn.net%2Fdn%2FsTDlL%2FbtrHrMFFFgB%2FrDIZoGCdZ1oChDgVzGzb9K%2Fimg.jpg
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 203.217.238.40 , Korea, Republic Of, ASN9764 (DAUM-NET Kakao Corp, KR),
Reverse DNS
Software: openresty /
Resource Hash: 50b85ae87d81fd3c63bcc8d7b60a215d1d720726cf31ea01427d1387c0bbde44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:18 GMT
last-modified: Tue, 19 Jul 2022 11:11:28 GMT
server: openresty
content-type: image/jpeg
cache-control: max-age=7200
x-wcss: dC1pbWcwMS1id2NhY2hlMTowOmNodHRwOjMw
content-length: 4717
expires: Mon, 25 Jul 2022 13:55:18 GMT

GET
H2 200 /
i1.daumcdn.net/thumb/C58x58/ 2 KB
2 KB 1517ms
751ms Image
image/jpeg 203.217.238.40
DAUM-NET Kakao Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.daumcdn.net/thumb/C58x58/?fname=https://img1.daumcdn.net/thumb/R750x0/?scode=mtistory2&fname=https%3A%2F%2Fblog.kakaocdn.net%2Fdn%2FcoPaDA%2FbtrG3jdi6mW%2FWSTT4iEItG82vPMLB9sy51%2Fimg.jpg
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 203.217.238.40 , Korea, Republic Of, ASN9764 (DAUM-NET Kakao Corp, KR),
Reverse DNS
Software: openresty /
Resource Hash: 387a7c2f62ecb07562cca51a649f9bb50cb5691d768f320c52dd199a6364295b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:18 GMT
last-modified: Tue, 19 Jul 2022 11:11:28 GMT
server: openresty
content-type: image/jpeg
cache-control: max-age=7200
x-wcss: dC1pbWcwMS1id2NhY2hlMjA6MDpjaHR0cDoxOA==
content-length: 2280
expires: Mon, 25 Jul 2022 13:55:18 GMT

GET
H2 200 script.js Show response
tistory4.daumcdn.net/tistory/5456462/skin/images/ 11 KB
3 KB 272ms
271ms Script
text/javascript 211.249.219.23
DAUM-AS Kakao Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://tistory4.daumcdn.net/tistory/5456462/skin/images/script.js
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 211.249.219.23 , Korea, Republic Of, ASN7625 (DAUM-AS Kakao Corp, KR),
Reverse DNS
Software: openresty /
Resource Hash: 34ad24540429cd63280328d6b4ba13f5eb970d8f3f4f7d1da94ce289b90b731a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 12:23:28 GMT
server: openresty
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-wcss: dC1jb21tb24wMS1id2NhY2hlNTg6MDpjaHR0cDoyMA==
accept-ranges: bytes
timing-allow-origin: *
content-length: 2823
expires: Mon, 25 Jul 2022 12:25:16 GMT

GET
H2 200 atom-one-light.min.css
cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.3/styles/ 792 B
1 KB 51ms
20ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.3/styles/atom-one-light.min.css

Requested by

Host: ballyd.com
URL: https://ballyd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d76652e02644cc28bcf6e449c522da2442dcd1b6da7571da0fe4c284282c557e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1603716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 284
timing-allow-origin: *
last-modified: Mon, 07 Jun 2021 23:33:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60beacc8-11c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hbLwCPjrc1%2Bn3L0dvIEhTyyYegtFIgrztteoHLfRnmzCP8JBRKiQYVjr62Udy1FQTDNB0cIcv3DLv%2F3HZSwl%2BEmdY1dSXcintS8KqfSEpKhOmyQYvJh227l5ju6abHN3h16pR0XYR32mb%2B5gFqwbeVFK"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7304b4a8bdb09a15-FRA
expires: Sat, 15 Jul 2023 11:55:17 GMT

GET
H2 200 highlight.min.js Show response
cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.3/ 132 KB
34 KB 26ms
25ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.3/highlight.min.js

Requested by

Host: ballyd.com
URL: https://ballyd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e027de64e1a747b39ef0d16c07e55751c8e31a4d3178d1e7e487b35f1d47404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6743133
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34221
timing-allow-origin: *
last-modified: Mon, 07 Jun 2021 23:33:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60beacc8-85ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56rOsxtukq1vTLoniXeBjL5CiCrLdjXPbbh4BEidOXwHsS8zHKLfp7FRpZtu2b4TiLk2HSowoxL3fl4A8yMg5c6S3CQTPe%2FJpifCQFScKctTqWmYZL%2FBh19tHJnSz0S0SDym3HAYUYB6qUrXk1v1qdSI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7304b4a8dde29a15-FRA
expires: Sat, 15 Jul 2023 11:55:17 GMT

GET
H3 200 delphi.min.js Show response
cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.3/languages/ 2 KB
2 KB 16ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.3/languages/delphi.min.js

Requested by

Host: ballyd.com
URL: https://ballyd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

445943a8ef9cb1890e3089c92345aa6ca141857de3a942db36aa53a1751d6971

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1599343
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 864
timing-allow-origin: *
last-modified: Mon, 07 Jun 2021 23:33:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60beacc8-360"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rheM4bs49PvJ68dIP6nFGZihynF3tX5L4msdS8DtQFc5QPdFBfLsl9iunQTWqY5ktTnjJcTgqEoCBQQoP5DcNwQQLP%2Bd5itS5cNJJ4IDLmVKwzBSfaf%2Bv35s14ZbUOso%2BQGmo2pYTfoLaOFl%2FBjzEa4K"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7304b4a91ba69b2d-FRA
expires: Sat, 15 Jul 2023 11:55:17 GMT

GET
H3 200 php.min.js Show response
cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.3/languages/ 4 KB
2 KB 17ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.3/languages/php.min.js

Requested by

Host: ballyd.com
URL: https://ballyd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddbf7253a850080d1244ddce03ca7181ac0d26cdcecd0e8fa5ba69ebc11b6690

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6676804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1603
timing-allow-origin: *
last-modified: Mon, 07 Jun 2021 23:33:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60beacc8-643"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DtAHaBSSeP5DMIfVtmtmZhqz0gfNHL1kq%2FGKgyPcKNS%2Bwc%2FaOUuY5LylgabnDr52HRz5OiIePnYsvhqZJqPQ9W%2FJmkRcNRjVt8O3FFIJCmZ1X86X9LSiE%2FJDwTJQRoYFAJv5BGHnKH7%2F4WEMBUDK780c"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7304b4a93bcd9b2d-FRA
expires: Sat, 15 Jul 2023 11:55:17 GMT

GET
H3 200 python.min.js Show response
cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.3/languages/ 3 KB
2 KB 16ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.3/languages/python.min.js

Requested by

Host: ballyd.com
URL: https://ballyd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

103879c5c440abb2a7f28351aee2f67f4b3727adb3e5b014b81e0425a9c9dc2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6676804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1329
timing-allow-origin: *
last-modified: Mon, 07 Jun 2021 23:33:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60beacc8-531"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJ91PPg9G%2BZLYKbYJ%2Bl4rYKI4FAsq3FmiTdW7fO%2BC%2FcdE9r0X44zLuKcngY%2FTMuSQ9RC4aEBIDJqxIFLsEBlSqqdIXU702Hvbw3dZk6nI%2FLmZ6YQtaAEp2CPY82bwgC8a9PDLkkclF%2BqD4q2Q7z6iwN3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7304b4a94bfe9b2d-FRA
expires: Sat, 15 Jul 2023 11:55:17 GMT

GET
H3 200 r.min.js Show response
cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.3/languages/ 3 KB
2 KB 16ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.3/languages/r.min.js

Requested by

Host: ballyd.com
URL: https://ballyd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

562ac788b30dea68e785ab911c36d0d64ff5c5a07318a5d7d9aa16bf0e9d45fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6676804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1304
timing-allow-origin: *
last-modified: Mon, 07 Jun 2021 23:33:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60beacc8-518"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTu%2B2nR1DOR8aRZc8x%2Fj8zfQtpABL2rO3eqwsIFV4JvRfYdS2UYv5VK2mbfTzUgebapLZXrEwX5LuydPlo4q%2B3ZC3aLRkW%2FbRZNztm1HcIFZEOn%2Fv28oiycBxOC92cTos0xyOV8u%2BIXmmaFawPlytwBH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7304b4a96c479b2d-FRA
expires: Sat, 15 Jul 2023 11:55:17 GMT

GET
H3 200 ruby.min.js Show response
cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.3/languages/ 3 KB
2 KB 17ms
17ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.3/languages/ruby.min.js

Requested by

Host: ballyd.com
URL: https://ballyd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

903b9049e7415e39f1cd981052b20b36f9c12fc4df8e5668ecfa718f3542e047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6676804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1471
timing-allow-origin: *
last-modified: Mon, 07 Jun 2021 23:33:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60beacc8-5bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0CWjxrrq1OlTOBOa6%2F0w%2BTEvXUYQI1hMmwUgEv%2Bi8XNfPWN%2FIoueuAkOSLnE18NU1%2Bt%2Foj7X2n1O83KEJgjSUkkijbJI6yM%2FqEZ84hQNZvRJY%2FusWWd1uj6bPZ1aH%2BBg3ythHduIvGsDauQ0ja6HAjU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7304b4a98c769b2d-FRA
expires: Sat, 15 Jul 2023 11:55:17 GMT

GET
H3 200 scala.min.js Show response
cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.3/languages/ 2 KB
1 KB 19ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.3/languages/scala.min.js

Requested by

Host: ballyd.com
URL: https://ballyd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a146f259c15751a43c77e50de8d649fb34a51fcc636440855511ea8a5e4dd18c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6676803
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 620
timing-allow-origin: *
last-modified: Mon, 07 Jun 2021 23:33:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60beacc8-26c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HZjP9vxpc2M7G1Drwje49zQAoKebeZG6pwR8ob6Oaqns2EBYAmUnPca1%2FjkG3Jubs%2BvImRPxWQcs063XKgqNFaDILGzQJauwVZKnGB3BNrC5tjPRjOmUiHoxq%2BtHQCPkeo40DkoBnWQpccVkTjs5%2Brg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7304b4a9acb59b2d-FRA
expires: Sat, 15 Jul 2023 11:55:17 GMT

GET
H3 200 shell.min.js Show response
cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.3/languages/ 229 B
875 B 18ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.3/languages/shell.min.js

Requested by

Host: ballyd.com
URL: https://ballyd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e15daafaf5a751d51622b5c9b602e7ed636d2ea4c6ffaa815ec0809a81ffaef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6676802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 174
timing-allow-origin: *
last-modified: Mon, 07 Jun 2021 23:33:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60beacc8-ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbXkPZ%2FG9uvbDL%2BSozzaW6jwzdbb990HOhoe8wqIWFk%2FZK8VtBAu6qJsnDW7yQSgELE3%2FylLmMtzBI7upU4u2C9RYd2z4jMNEO8WIM0avYbxs2x%2FTfLVnXDh%2BDRJqrC6p%2Fh%2BomVhvsZ%2FujPqZOJAvdkl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7304b4a9cd069b2d-FRA
expires: Sat, 15 Jul 2023 11:55:17 GMT

GET
H3 200 sql.min.js Show response
cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.3/languages/ 6 KB
3 KB 15ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.3/languages/sql.min.js

Requested by

Host: ballyd.com
URL: https://ballyd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23713b70e4170afdece5f1cce5ecac1ae95c449196a33b250939e9b950f09b20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6676802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2131
timing-allow-origin: *
last-modified: Mon, 07 Jun 2021 23:33:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60beacc8-853"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pe8z15kIfXtoHlRREb6C6wV2ffPeRLb6Nx6XRnfan%2FmkMyskpeF%2FkqtoS7n%2BXuh9WwOM0Dg1jAn5izLvzgkn0vLLQmfFv6F2f2k27V8ESu%2FdRyyohAgZTo7q6id%2BerZ9wwVcJ4e5JhsMjDHmXdDCjTO8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7304b4a9ed479b2d-FRA
expires: Sat, 15 Jul 2023 11:55:17 GMT

GET
H3 200 swift.min.js Show response
cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.3/languages/ 7 KB
3 KB 15ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.3/languages/swift.min.js

Requested by

Host: ballyd.com
URL: https://ballyd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18ecfbce128d1138ef6433d46b67b8693b0d68567ab95b439c99aaa687672cba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6676802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2865
timing-allow-origin: *
last-modified: Mon, 07 Jun 2021 23:33:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60beacc8-b31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYqmE9NNwqVWuYywTt0CghNPEnVz0fKB7ab9QMHbxWmPogQvFoC4o4iZK8dDPUPipPwPT%2BjuA9HCn%2Fq7kINpLCde52gcFEJBXW47tAYMUccsGBACFX1%2Fum56sZwRqskT%2BNgSGhU3p1idAcJJjUwdeeJX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7304b4aa0d709b2d-FRA
expires: Sat, 15 Jul 2023 11:55:17 GMT

GET
H3 200 typescript.min.js Show response
cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.3/languages/ 6 KB
3 KB 14ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.3/languages/typescript.min.js

Requested by

Host: ballyd.com
URL: https://ballyd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e58ef3d550a13f478c289a5edf1fdd3a56c843ef61cae2e2b2edd12520e7ac34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6676802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2265
timing-allow-origin: *
last-modified: Mon, 07 Jun 2021 23:33:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60beacc8-8d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kO9s2QrzOehMKTDMC%2B7LtpznT5zWF%2BrV2na6%2FVzkA4y5tRB8%2Fs6pQXNgjrL0ER7B1xPX2zAzasizP9VdaGgBnxYCPp%2BgaCJaA69HcXrwgl202B%2F5G%2BHNoTHfwc6zx8kd7150EsvZy7hh%2FjJ8tN5s9x6q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7304b4aa2d929b2d-FRA
expires: Sat, 15 Jul 2023 11:55:17 GMT

GET
H3 200 vbnet.min.js Show response
cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.3/languages/ 3 KB
2 KB 22ms
22ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/highlight.js/10.7.3/languages/vbnet.min.js

Requested by

Host: ballyd.com
URL: https://ballyd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3967cd5e9e6a3ff784012770b7c6daa6e1d7dd51e6f8bb926bf3990ddd792cba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6676801
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1247
timing-allow-origin: *
last-modified: Mon, 07 Jun 2021 23:33:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60beacc8-4df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTwMWvfPDLodM%2BLEWPfn1p%2FMWUy1r%2BAtgBcEjq1uveiO9hc5QK8nO8qiJqFHKU4VXQBwIb1KeUUpKoXV%2FidlHV9ex9jGRl0QiXH9GCSSrqx1pjasotiW1SpNL7ATXD1sqNqeacUrNZqpLrFDJ7vh%2BzV8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7304b4aa4db79b2d-FRA
expires: Sat, 15 Jul 2023 11:55:17 GMT

GET
H2 200 functions.js Show response
t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/plugins/PreventCopyContents/js/ 4 KB
1 KB 8ms
8ms Script
text/javascript 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/plugins/PreventCopyContents/js/functions.js?_version_=tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: b06eccc635053585bd65de7ae9475d7cb3ca8000687d83877ef3e90ab62deefd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 10:36:01 GMT
server: openresty
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=16923
x-wcss: dC1jb21tb24wMS1id2NhY2hlNTY6MDpjaHR0cDowOA==
accept-ranges: bytes
timing-allow-origin: *
content-length: 1290
expires: Mon, 25 Jul 2022 16:37:20 GMT

GET
H2 200 tiara.min.js Show response
t1.daumcdn.net/tiara/js/v1/ 19 KB
7 KB 8ms
8ms Script
text/javascript 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/tiara/js/v1/tiara.min.js
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: ea95ffe1b49bfc2012901e4fe9ab4f142e83656716d9a522d93b1cf6430c8de7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
content-encoding: gzip
last-modified: Thu, 09 Jun 2022 02:36:23 GMT
server: openresty
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1724
x-wcss: dC1jb21tb24wMS1id2NhY2hlMzc6MDpjaHR0cDoxOA==
accept-ranges: bytes
content-length: 6721
expires: Mon, 25 Jul 2022 12:24:01 GMT

GET
H2 200 tiara.min.js Show response
t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/script/tiara/ 105 KB
31 KB 13ms
12ms Script
text/javascript 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/script/tiara/tiara.min.js?_version_=tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 7b25b904c50d63fc5f248e47b43c88a4202b2efbd941b12ce440cd36f9355d1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 10:36:11 GMT
server: openresty
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=16901
x-wcss: dC1jb21tb24wMS1id2NhY2hlMjg6MDpjaHR0cDowOA==
accept-ranges: bytes
timing-allow-origin: *
content-length: 31455
expires: Mon, 25 Jul 2022 16:36:58 GMT

GET
H2 200 roosevelt_dk_bt.js Show response
t1.daumcdn.net/midas/rt/dk_bt/ 1 KB
932 B 14ms
13ms Script
text/javascript 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/midas/rt/dk_bt/roosevelt_dk_bt.js
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: d49a0f4620e81dbca0b480d3fe7e66b536e1f963427a37c97a22d27f17aa66e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
content-encoding: gzip
last-modified: Fri, 21 Feb 2020 01:50:05 GMT
server: openresty
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=7824
x-wcss: dC1jb21tb24wMS1id2NhY2hlNTI6MDpjaHR0cDowOQ==
accept-ranges: bytes
content-length: 715
expires: Mon, 25 Jul 2022 14:05:41 GMT

GET
H2 200 ico_package.png
tistory4.daumcdn.net/tistory/5456462/skin/images/ 7 KB
7 KB 273ms
272ms Image
image/png 211.249.219.23
DAUM-AS Kakao Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tistory4.daumcdn.net/tistory/5456462/skin/images/ico_package.png
Requested by: Host: tistory4.daumcdn.net
URL: https://tistory4.daumcdn.net/tistory/5456462/skin/style.css?_T_=1658555645
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 211.249.219.23 , Korea, Republic Of, ASN7625 (DAUM-AS Kakao Corp, KR),
Reverse DNS
Software: openresty /
Resource Hash: d6a86f52afd8953b29e7e50e2ad9d9dcca59c70e8844d58b3155c6d3dcc2170b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tistory4.daumcdn.net/tistory/5456462/skin/style.css?_T_=1658555645
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
last-modified: Mon, 11 Jul 2022 12:23:28 GMT
server: openresty
content-type: image/png
cache-control: max-age=1800
x-wcss: dC1jb21tb24wMS1id2NhY2hlMjE6MDpjaHR0cDowOQ==
accept-ranges: bytes
timing-allow-origin: *
content-length: 6717
expires: Mon, 25 Jul 2022 12:25:17 GMT

GET
H2 200 nanum-myeongjo-700.woff2
t1.daumcdn.net/tistory_admin/static/font/nanum-myeongjo/ 507 KB
508 KB 17ms
16ms Font
application/octet-stream 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/tistory_admin/static/font/nanum-myeongjo/nanum-myeongjo-700.woff2
Requested by: Host: t1.daumcdn.net
URL: https://t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/style/content/font.css?_version_=tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 576e677b6650e7cbf44fd64eadb1b6b5851c547ac872e8c4a609515e33218a70

Request headers

Referer: https://t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/style/content/font.css?_version_=tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5
Origin: https://ballyd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
last-modified: Fri, 08 Feb 2019 07:51:00 GMT
server: openresty
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=15173
x-wcss: dC1jb21tb24wMS1id2NhY2hlOTowOmNodHRwOjI4
accept-ranges: bytes
timing-allow-origin: *
content-length: 519248
expires: Mon, 25 Jul 2022 16:08:10 GMT

GET
H2 200 NotoSansCJKkr-Regular.woff2
t1.daumcdn.net/tistory_admin/static/manage/font/ 223 KB
223 KB 10ms
10ms Font
application/octet-stream 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/tistory_admin/static/manage/font/NotoSansCJKkr-Regular.woff2
Requested by: Host: t1.daumcdn.net
URL: https://t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/style/content/font.css?_version_=tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 1b81646cc6f446e8c29b03c0a7b6533bf25a42ab6f051265158d5eaed66604ba

Request headers

Referer: https://t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/style/content/font.css?_version_=tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5
Origin: https://ballyd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
last-modified: Thu, 13 Jul 2017 06:06:46 GMT
server: openresty
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=20217
x-wcss: dC1jb21tb24wMS1id2NhY2hlNDA6MDpjaHR0cDoyMg==
accept-ranges: bytes
timing-allow-origin: *
content-length: 228004
expires: Mon, 25 Jul 2022 17:32:14 GMT

GET
H2 200 adsense.svg
t1.daumcdn.net/tistory_admin/static/revenue/ 7 KB
7 KB 8ms
8ms Image
image/svg+xml 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t1.daumcdn.net/tistory_admin/static/revenue/adsense.svg
Requested by: Host: t1.daumcdn.net
URL: https://t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/style/revenue.css?_version_=tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 780622a9dd88641ee22c3250bc058d3254bb4571cb4828c0ab409c464e6858d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t1.daumcdn.net/tistory_admin/assets/blog/tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5/blogs/style/revenue.css?_version_=tistory-a3d7070e10ececa008fc8a524a041e918eb75fd5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:17 GMT
last-modified: Mon, 28 Sep 2020 11:45:42 GMT
server: openresty
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=17079
x-wcss: dC1jb21tb24wMS1id2NhY2hlMjI6MDpjaHR0cDoxNg==
accept-ranges: bytes
timing-allow-origin: *
content-length: 6974
expires: Mon, 25 Jul 2022 16:39:56 GMT

GET
H/1.1 200
OK api Show response
malcom-01.tistory.com/ Frame 9EFF 874 B
645 B 2359ms
267ms Document
text/html 211.231.99.250
KAKAO-AS-KR Kakao...

General

Check archive.org

Show headers Download Go to

Full URL: https://malcom-01.tistory.com/api
Requested by: Host: ballyd.com
URL: https://ballyd.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 211.231.99.250 , Korea, Republic Of, ASN38099 (KAKAO-AS-KR Kakao Corp, KR),
Reverse DNS
Software: /
Resource Hash: 8d7a40c0a9240f740bba3414505d13363ed298baa3e1218d219cbcdf96a34aac

Request headers

Referer: https://ballyd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Encoding: gzip
Content-Length: 481
Content-Type: text/html; charset=UTF-8
Date: Mon, 25 Jul 2022 11:55:20 GMT
Vary: Accept-Encoding

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/ 338 KB
119 KB 148ms
67ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5359088211124029&plah=ballyd.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f92ae311a3556d2aae2b935249a0ab5b42e430c09b2fb266e1c39e6fadf619f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121831
x-xss-protection: 0
server: cafe
etag: 13096737861751203856
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 25 Jul 2022 11:55:18 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220721/r20190131/ Frame 5204 10 KB
5 KB 126ms
36ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220721/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ballyd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16421
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Jul 2022 07:21:37 GMT
etag: 8616628553774171045
expires: Mon, 08 Aug 2022 07:21:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 prev.png
t1.daumcdn.net/tistory_admin/lib/lightbox/images/ 1 KB
2 KB 10ms
9ms Image
image/png 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t1.daumcdn.net/tistory_admin/lib/lightbox/images/prev.png
Requested by: Host: t1.daumcdn.net
URL: https://t1.daumcdn.net/tistory_admin/lib/lightbox/css/lightbox.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t1.daumcdn.net/tistory_admin/lib/lightbox/css/lightbox.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:18 GMT
last-modified: Mon, 01 Apr 2019 06:13:06 GMT
server: openresty
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14218
x-wcss: dC1jb21tb24wMS1id2NhY2hlNDQ6MDpjaHR0cDoyOQ==
accept-ranges: bytes
timing-allow-origin: *
content-length: 1360
expires: Mon, 25 Jul 2022 15:52:16 GMT

GET
H2 200 next.png
t1.daumcdn.net/tistory_admin/lib/lightbox/images/ 1 KB
2 KB 10ms
9ms Image
image/png 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t1.daumcdn.net/tistory_admin/lib/lightbox/images/next.png
Requested by: Host: t1.daumcdn.net
URL: https://t1.daumcdn.net/tistory_admin/lib/lightbox/css/lightbox.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t1.daumcdn.net/tistory_admin/lib/lightbox/css/lightbox.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:18 GMT
last-modified: Mon, 01 Apr 2019 06:13:06 GMT
server: openresty
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=18905
x-wcss: dC1jb21tb24wMS1id2NhY2hlMjA6MDpjaHR0cDoxNw==
accept-ranges: bytes
timing-allow-origin: *
content-length: 1350
expires: Mon, 25 Jul 2022 17:10:23 GMT

GET
H2 200 loading.gif
t1.daumcdn.net/tistory_admin/lib/lightbox/images/ 8 KB
9 KB 10ms
10ms Image
image/gif 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t1.daumcdn.net/tistory_admin/lib/lightbox/images/loading.gif
Requested by: Host: t1.daumcdn.net
URL: https://t1.daumcdn.net/tistory_admin/lib/lightbox/css/lightbox.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t1.daumcdn.net/tistory_admin/lib/lightbox/css/lightbox.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:18 GMT
last-modified: Mon, 01 Apr 2019 06:13:06 GMT
server: openresty
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3945
x-wcss: dC1jb21tb24wMS1id2NhY2hlMTc6MDpjaHR0cDoyOQ==
accept-ranges: bytes
timing-allow-origin: *
content-length: 8476
expires: Mon, 25 Jul 2022 13:01:03 GMT

GET
H2 200 close.png
t1.daumcdn.net/tistory_admin/lib/lightbox/images/ 280 B
495 B 11ms
10ms Image
image/png 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t1.daumcdn.net/tistory_admin/lib/lightbox/images/close.png
Requested by: Host: t1.daumcdn.net
URL: https://t1.daumcdn.net/tistory_admin/lib/lightbox/css/lightbox.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t1.daumcdn.net/tistory_admin/lib/lightbox/css/lightbox.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:18 GMT
last-modified: Mon, 01 Apr 2019 06:13:06 GMT
server: openresty
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=18707
x-wcss: dC1jb21tb24wMS1id2NhY2hlNDU6MDpjaHR0cDowNA==
accept-ranges: bytes
timing-allow-origin: *
content-length: 280
expires: Mon, 25 Jul 2022 17:07:05 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
645 B 133ms
47ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ballyd.com&callback=_gfp_s_&client=ca-pub-5359088211124029

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5359088211124029&plah=ballyd.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11c6165af4715d4cab295a5e7e21125b17b1b45f474f6f42e06dd01607ec3030

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 135ms
50ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ballyd.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jul 2022 11:55:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 94ms
36ms Script
application/javascript 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ballyd.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jul 2022 11:55:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DED6 284 KB
76 KB 879ms
806ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5359088211124029&output=html&adk=2654006795&adf=462269707&lmt=1658750115&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fballyd.com%2F&ea=0&host=ca-host-pub-9691043933427338&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658750115671&bpp=3&bdt=2052&idt=244&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1977835787123&frm=20&pv=2&ga_vid=603201099.1658750116&ga_sid=1658750116&ga_hid=541242918&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31067527&oid=2&pvsid=3011665269797543&tmod=1093264240&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=266

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ffb026752111724f048849b82ea96fc27fb417a0bde50b928b946487c57b187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ballyd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 78029
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Jul 2022 11:55:19 GMT
expires: Mon, 25 Jul 2022 11:55:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4F5A 93 KB
30 KB 598ms
539ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5359088211124029&output=html&h=600&adk=1055615259&adf=3161435144&w=230&fwrn=4&fwrnh=100&lmt=1658750115&rafmt=1&psa=0&format=230x600&url=https%3A%2F%2Fballyd.com%2F&host=ca-host-pub-9691043933427338&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658750115674&bpp=3&bdt=2055&idt=271&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1977835787123&frm=20&pv=1&ga_vid=603201099.1658750116&ga_sid=1658750116&ga_hid=541242918&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=240&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31067527&oid=2&pvsid=3011665269797543&tmod=1093264240&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Pw359dk4T0&p=https%3A//ballyd.com&dtd=278

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d23d054cd5744b627b8e2b8b71bbb1e86a012177fe65a6944b38408a3e49902

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO21y9z9k_kCFfqGgwcd2dsF0w&gqi=poTeYvu4EryVjuwP-4WrwAk&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ballyd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31083
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO21y9z9k_kCFfqGgwcd2dsF0w&gqi=poTeYvu4EryVjuwP-4WrwAk&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Jul 2022 11:55:18 GMT
expires: Mon, 25 Jul 2022 11:55:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sync
webid.ad.daum.net/ 35 B
475 B 1473ms
250ms Image
image/gif 121.53.105.246
KAKAO-AS-KR Kakao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://webid.ad.daum.net/sync?v=0.0.1

Requested by

Host: ballyd.com
URL: https://ballyd.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

121.53.105.246 , Korea, Republic Of, ASN38099 (KAKAO-AS-KR Kakao Corp, KR),

Reverse DNS

Software

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 11:55:19 GMT
x-frame-options: DENY
access-control-allow-methods: GET, OPTIONS
p3p: CP="ALL DSP COR MON LAW IVDi HIS IVAi DELi SAMi OUR LEG PHY UNI ONL DEM STA INT NAV PUR FIN OTC GOV"
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/gif
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ssrh.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4F5A 84 KB
30 KB 260ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/ssrh.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5359088211124029&output=html&h=600&adk=1055615259&adf=3161435144&w=230&fwrn=4&fwrnh=100&lmt=1658750115&rafmt=1&psa=0&format=230x600&url=https%3A%2F%2Fballyd.com%2F&host=ca-host-pub-9691043933427338&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658750115674&bpp=3&bdt=2055&idt=271&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1977835787123&frm=20&pv=1&ga_vid=603201099.1658750116&ga_sid=1658750116&ga_hid=541242918&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=240&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31067527&oid=2&pvsid=3011665269797543&tmod=1093264240&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Pw359dk4T0&p=https%3A//ballyd.com&dtd=278

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 18:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64313
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30063
x-xss-protection: 0
server: cafe
etag: 16132151104434394549
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 25 Jul 2022 18:03:26 GMT

GET
H2 200 12006975553650015011_4367454166607388184.jpeg
static.doubleclick.net/dynamic/5/74695522/ Frame 4F5A 227 KB
227 KB 258ms
42ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/74695522/12006975553650015011_4367454166607388184.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

696701ff246197eec19b99092471f6d12ae19607fac0d48cc9996d93a4833271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 16:26:34 GMT
x-content-type-options: nosniff
age: 242925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 232059
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 09:45:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 16:26:34 GMT

GET
H3 200 23838098329328972_9664973358794916640.jpeg
static.doubleclick.net/dynamic/5/74695522/ Frame 4F5A 181 KB
181 KB 141ms
61ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/74695522/23838098329328972_9664973358794916640.jpeg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b738e5021ff4263f6ed6f5e4dd01752156ec2b96f90fa6de52ff852c973271a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 17:42:19 GMT
x-content-type-options: nosniff
age: 238380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 184857
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 09:45:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 17:42:19 GMT

GET
H3 200 295769793922267533_18213550066902727067.jpeg
static.doubleclick.net/dynamic/5/74695522/ Frame 4F5A 270 KB
270 KB 126ms
45ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/74695522/295769793922267533_18213550066902727067.jpeg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de75f74c16ee260673a91f8253b007a4d454690220b5ed46379dd071518ea753

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 16:13:39 GMT
x-content-type-options: nosniff
age: 243700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 276542
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 09:45:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 16:13:39 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame 4F5A 21 KB
8 KB 129ms
45ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8663
x-xss-protection: 0
server: cafe
etag: 1576890815193688712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 11:49:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 4F5A 3 KB
1 KB 132ms
54ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 11:44:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4F5A 138 KB
43 KB 157ms
59ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43235
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658317440141293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Jul 2022 11:55:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 4F5A 17 KB
7 KB 118ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:48:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 13288730413591369063
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 11:48:26 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/ 149 KB
53 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6db2f2c5bf1ca73cbabb3eddd5decae13084dfad2dc2a16e2ff194ba1e026c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54524
x-xss-protection: 0
server: cafe
etag: 13347682920175982380
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Jul 2022 11:55:19 GMT

GET
H3 200 11858428725589417673
tpc.googlesyndication.com/simgad/ Frame 4F5A 4 KB
4 KB 123ms
48ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11858428725589417673

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb59dd732394f75e7af809d49406b1190e5b691b93829d57084f819fd2745d90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 07:30:52 GMT
x-content-type-options: nosniff
age: 275067
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3628
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 22 Jul 2023 07:30:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4F5A 0
0 80ms
80ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZZnSpoTeYu3KE_qNjuwP2beXmA3a9smXaL_Ir6y_DszHmqb9CBABINbFxZQBYJXikIKgB6ABsLqh1wPIAQmpAq3ZvNF9G7E-qAMByAPLBKoEzgFP0Eg1zbMcAvcj9N9dG8ha579bhgEl7HoXdjFhBUBJlOR2GDXWa9Hvyb5-8ETyCb0vpIhV1ry_Fi2GSOqv-SsSkIgoaqHmJxIFqk6SufnSuRpEY5xQNZ70lHWiAo_qtNWBi5fQ53h8YNbE083Cmd-1XeFXSdYgP4OTkvx6aZdKOnX36cA0-Fx-htnzFtFz597osEODkjCt24QG5JnTN1H29yp7ukUkw8KfCchgamvHRnr94YauE0cwnTiu7agAqjECh8ZWko949vhWViC5BsAEyZipquADkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8X3rT6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQsdsZ0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFALQFQGAFwGyFxwKGggAEhRwdWItNTM1OTA4ODIxMTEyNDAyORgA&sigh=_BmDR9k8Bl0&uach_m=[UACH]&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5359088211124029&output=html&h=600&adk=1055615259&adf=3161435144&w=230&fwrn=4&fwrnh=100&lmt=1658750115&rafmt=1&psa=0&format=230x600&url=https%3A%2F%2Fballyd.com%2F&host=ca-host-pub-9691043933427338&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658750115674&bpp=3&bdt=2055&idt=271&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1977835787123&frm=20&pv=1&ga_vid=603201099.1658750116&ga_sid=1658750116&ga_hid=541242918&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=240&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31067527&oid=2&pvsid=3011665269797543&tmod=1093264240&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Pw359dk4T0&p=https%3A//ballyd.com&dtd=278
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 25 Jul 2022 11:55:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Jul 2022 11:55:19 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 121ms
48ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ballyd.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jul 2022 11:55:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 82ms
39ms Script
application/javascript 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ballyd.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jul 2022 11:55:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/ Frame 519D 10 KB
4 KB 36ms
35ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ballyd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63248
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 18:21:11 GMT
etag: 8616628553774171045
expires: Sun, 07 Aug 2022 18:21:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/ Frame A627 10 KB
4 KB 37ms
36ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ballyd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63248
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 18:21:11 GMT
etag: 8616628553774171045
expires: Sun, 07 Aug 2022 18:21:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 519D 4 KB
1 KB 137ms
47ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 25 Jul 2022 11:19:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 25 Jul 2022 11:55:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Jul 2022 11:55:19 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 519D 205 B
743 B 124ms
37ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 01:42:20 GMT
x-content-type-options: nosniff
age: 36779
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 25 Jul 2023 01:42:20 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 519D 604 B
694 B 125ms
37ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:49:56 GMT
x-content-type-options: nosniff
age: 323
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 25 Jul 2023 11:49:56 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/ Frame 519D 19 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:45:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8263
x-xss-protection: 0
server: cafe
etag: 17157773748623750166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 11:45:57 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/ Frame DAE6 37 KB
10 KB 40ms
40ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/index.html?v=b208246486

Requested by

Host: ballyd.com
URL: https://ballyd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e2cd2d7cf9156384089a56f92908bfe026cb4001e3273a1af1cf541de80a25b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3597
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=0
content-encoding: gzip
content-length: 9856
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Jul 2022 10:55:22 GMT
expires: Mon, 25 Jul 2022 10:55:22 GMT
last-modified: Mon, 04 Oct 2021 14:47:22 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A627 0
0 79ms
79ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CeJykpoTeYsfQE4CFjuwPu52C4AewgePRY93Y0b-4Dqf90o3RJRABINbFxZQBYJXikIKgB6ABuITk-QLIAQmpArKaq5zFK7Q-qAMByANIqgTdAU_Qfn6OkbF-uQy4Z7LHZRNkNiY9ASHFcpDOxIrcK3v2LgBI-F15-d-Pt5G8BnC4Xj8X6PsyWEyAOr5RR6m_w7IIZ_7u-bTx2fxqOwMB1aiyLi2fBFaQeJVmseaCvGs_IUTCYVzqP4NL0oI8AtABNBXzhgXwjerlt7cD8WrtgPb7S7qIlxIso5cPSJJbTOzn39Q_uqjNKf8t5L9TqQ8NwWQcVwAscpcVxxPc9pLdK6h96mNCMYOXkdHt-AL5lCHCM-hTp3zUqgIKh-SkiDfe0XgdRfY1nRjzIARl2pczwATSmJ_41QOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHsPubhgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC5zmzSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTAtAVAYAXAbIXHAoaCAASFHB1Yi01MzU5MDg4MjExMTI0MDI5GAA&sigh=vjF8efb5ez4&uach_m=[UACH]&template_id=419

Requested by

Host: ballyd.com
URL: https://ballyd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 25 Jul 2022 11:55:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame A627 21 KB
8 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8663
x-xss-protection: 0
server: cafe
etag: 1576890815193688712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 11:49:08 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A627 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rsra&context=grsl&params=1-%26adk%3D2654006791%26client%3Dca-pub-5359088211124029%26fa%3D1%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26xpc%3DgyDlCeezZn%26p%3Dhttps%3A%2F%2Fballyd.com

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 11:55:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 011B 143 B
163 B 37ms
35ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5359088211124029&output=html&h=600&adk=1055615259&adf=3161435144&w=230&fwrn=4&fwrnh=100&lmt=1658750115&rafmt=1&psa=0&format=230x600&url=https%3A%2F%2Fballyd.com%2F&host=ca-host-pub-9691043933427338&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658750115674&bpp=3&bdt=2055&idt=271&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1977835787123&frm=20&pv=1&ga_vid=603201099.1658750116&ga_sid=1658750116&ga_hid=541242918&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=240&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31067527&oid=2&pvsid=3011665269797543&tmod=1093264240&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Pw359dk4T0&p=https%3A//ballyd.com&dtd=278
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 979
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 25 Jul 2022 11:39:00 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/api/ Frame DAE6 6 KB
3 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a3c4df376bbd4bc194cbc937fe521ffc4d712544c7ea330d1b4802a076958f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 10:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2639
x-xss-protection: 0
server: cafe
etag: 15893831270588722589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 26 Jul 2022 10:06:05 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/ Frame DAE6 26 KB
10 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2691
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 26 Jul 2022 11:10:28 GMT

GET
H3 200 ST6D_24_90px.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/ Frame DAE6 37 KB
37 KB 61ms
52ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/ST6D_24_90px.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a44602c24b89885202fa9380b0b2794529f2fc070842f4256fa2e02d3f2e153

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 493949
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37693
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 14:47:22 GMT
server: sffe
date: Tue, 19 Jul 2022 18:42:50 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 19 Jul 2023 18:42:50 GMT

GET
H3 200 TR6P_90px.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/ Frame DAE6 35 KB
35 KB 76ms
72ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/TR6P_90px.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8db4db356541300d59ef29e42aada4010825fcc3dee28402411ceb12989f83b7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 236050
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35526
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 14:47:22 GMT
server: sffe
date: Fri, 22 Jul 2022 18:21:09 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 22 Jul 2023 18:21:09 GMT

GET
H3 200 Logo_in_Orange_Box.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/ Frame DAE6 23 KB
23 KB 76ms
74ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/Logo_in_Orange_Box.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2657405e3e91a0f5d6490e8fe419c8f98e2437caca46a0c257563f11aefa3824

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 20054
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23485
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 14:47:22 GMT
server: sffe
date: Mon, 25 Jul 2022 06:21:05 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 25 Jul 2023 06:21:05 GMT

GET
H3 200 CTA_DE_90px.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/ Frame DAE6 29 KB
29 KB 43ms
41ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/CTA_DE_90px.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eee5a0136bda1fdbd08716eceadb0f1d7bca3f56e142bbed1752ae05776507d8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 236049
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29219
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 14:47:22 GMT
server: sffe
date: Fri, 22 Jul 2022 18:21:10 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 22 Jul 2023 18:21:10 GMT

GET
H3 200 mo_power_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/ Frame DAE6 4 KB
4 KB 83ms
80ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/mo_power_DE.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01bd2be24c866eb7e7fb6e80a1c8b829429d0c5561b731939bce42ec75aa89a2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 20054
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3807
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 14:47:22 GMT
server: sffe
date: Mon, 25 Jul 2022 06:21:05 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 25 Jul 2023 06:21:05 GMT

GET
H3 200 mo_performance_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/ Frame DAE6 5 KB
5 KB 85ms
82ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/mo_performance_DE.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebec77c6060c802dd84d3a3b37ae1fb8c586337fb809c917a1e3d4e98d79e80d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 20054
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4987
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 14:47:22 GMT
server: sffe
date: Mon, 25 Jul 2022 06:21:05 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 25 Jul 2023 06:21:05 GMT

GET
DATA 200
OK truncated
/ Frame 4F5A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58ab3816f3fa4132713aa66b2279b09a9ed7146c29c40a6f8b6f685f29236fef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8D59 143 B
163 B 42ms
39ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 979
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 25 Jul 2022 11:39:00 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame A627 3 KB
1 KB 44ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 11:44:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A627 138 KB
42 KB 153ms
71ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43235
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658317440141293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Jul 2022 11:55:19 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 011B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

99ms
99ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 25 Jul 2022 11:55:19 GMT
expires: Mon, 25 Jul 2022 11:55:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 25 Jul 2022 11:55:19 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame A583 2 KB
903 B 51ms
50ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 787
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 11:42:12 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame A583 21 KB
8 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8663
x-xss-protection: 0
server: cafe
etag: 1576890815193688712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 11:49:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame A583 3 KB
1 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 11:44:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A583 138 KB
42 KB 87ms
47ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43235
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658317440141293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Jul 2022 11:55:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame A583 17 KB
7 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:48:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 13288730413591369063
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 11:48:26 GMT

GET
H3 200 b8b39a8a01d591fbf8e8e88b2bbf8fd4.js Show response
www.gstatic.com/mysidia/ Frame A583 30 KB
13 KB 110ms
36ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b8b39a8a01d591fbf8e8e88b2bbf8fd4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 21:51:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 396251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12830
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 23:08:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 21:51:08 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8D59
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

102ms
100ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 25 Jul 2022 11:55:19 GMT
expires: Mon, 25 Jul 2022 11:55:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 25 Jul 2022 11:55:19 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame A627 17 KB
7 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:48:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 13288730413591369063
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 11:48:26 GMT

GET
H3 200 zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js Show response
pagead2.googlesyndication.com/bg/ Frame 569C 36 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js

Requested by

Host: ballyd.com
URL: https://ballyd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 08:05:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14002
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jul 2023 08:05:34 GMT

GET
H3 200 zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js Show response
pagead2.googlesyndication.com/bg/ Frame DAE6 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 08:05:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14002
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jul 2023 08:05:34 GMT

GET
DATA 200
OK truncated
/ Frame A627 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80b2dde00af56570a929b7fb14fb1555f1736ec734992f8d5a1b89d4d551251a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js Show response
pagead2.googlesyndication.com/bg/ Frame 1D0C 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 08:05:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14002
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jul 2023 08:05:34 GMT

GET
H2 200 track
stat.tiara.daum.net/ 35 B
1 KB 1134ms
254ms Image
image/gif 121.53.105.132
DREAMX-AS DREAMLI...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stat.tiara.daum.net/track?d=%7B%22sdk%22%3A%7B%22type%22%3A%22WEB%22%2C%22version%22%3A%221.1.21%22%7D%2C%22env%22%3A%7B%22screen%22%3A%221600X1200%22%2C%22tz%22%3A%220%22%2C%22cke%22%3A%22Y%22%2C%22uadata%22%3A%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D%7D%2C%22common%22%3A%7B%22svcdomain%22%3A%22user.tistory.com%22%2C%22deployment%22%3A%22production%22%2C%22url%22%3A%22https%3A%2F%2Fballyd.com%2F%22%2C%22title%22%3A%22%EC%95%8C.%EB%93%9D.%EB%B0%94.%EB%93%9D.%22%2C%22section%22%3A%22%ED%99%88%22%2C%22page%22%3A%22%ED%99%88%22%2C%22kakao_app_key%22%3A%22b8aef3eeb03fa312b81795386484f051%22%7D%2C%22page_meta%22%3A%7B%22id%22%3A%225456462%22%2C%22name%22%3A%225456462%22%2C%22type%22%3A%22blogIdOrEntryId%22%7D%2C%22etc%22%3A%7B%22client_info%22%3A%7B%22tuid%22%3A%22w-rLFRUiMmHb3c_220725205518138%22%2C%22tsid%22%3A%22w-rLFRUiMmHb3c_220725205518138%22%2C%22uuid%22%3A%22w-GMxv8m5CIFzy_220725178806752%22%2C%22suid%22%3A%22w-GMxv8m5CIFzy_220725178806752%22%7D%7D%2C%22action%22%3A%7B%22type%22%3A%22Pageview%22%2C%22name%22%3A%22%ED%99%88_%EB%B3%B4%EA%B8%B0%22%2C%22kind%22%3A%22%22%7D%2C%22custom_props%22%3A%7B%22userId%22%3A0%2C%22blogId%22%3A%225456462%22%2C%22role%22%3A%22guest%22%2C%22filterTarget%22%3Afalse%2C%22trackPage%22%3A%22%ED%99%88_%EB%B3%B4%EA%B8%B0%22%7D%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

121.53.105.132 , Korea, Republic Of, ASN9457 (DREAMX-AS DREAMLINE CO., KR),

Reverse DNS

Software

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 11:55:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET,POST,OPTIONS
p3p: CP="ALL DSP COR MON LAW IVDi HIS IVAi DELi SAMi OUR LEG PHY UNI ONL DEM STA INT NAV PUR FIN OTC GOV"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: image/gif
content-length: 35
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 135ms
54ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220721&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a304035d1ca8e6e3c059f993a918ccb6614a4a21fd0960735cfbf2a146a820d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jul 2022 11:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10798
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4F5A 42 B
64 B 154ms
75ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss82_gYiSciITnEG1gtRLsEFKS9V1oQjLho3wPIzDwYwJAOWeWC_8NUvL7A2ggOvA9MCURc_NV1qFbE2GbAYbaqeIgsZUExXzztyF8YDtTAlRKyFfN00f1ReV7d50zk128Z2l9q8nY4Zx4c&sai=AMfl-YSbMmSNYlMYHPfn_417MAHqCX6bRfYMAwNaGK_IpUkdI8ZDM3f0lv0K8oLDPb3a5Vg849HtBZiaH29t&sig=Cg0ArKJSzJxu02sJbOq4EAE&id=lidar2&mcvt=1005&p=0,0,600,230&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20220720&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=21&adk=1055615259&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658750115953&rpt=1169&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 11:55:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Jul 2022 11:55:20 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8132 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ballyd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3482
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Jul 2022 10:57:18 GMT
expires: Tue, 25 Jul 2023 10:57:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 31C3 783 B
537 B 128ms
46ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c5a4282723920385d76812f9d113f8d3e20541b64bf34ea55467d3b8d98ba24b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4DXpV90n4rVwLm28KFxKhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ballyd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-4DXpV90n4rVwLm28KFxKhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 25 Jul 2022 11:55:20 GMT
expires: Mon, 25 Jul 2022 11:55:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A627 42 B
64 B 76ms
76ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssGFt6pShn6dmNet54t0BCr_vzskPdidiiz0_oWgLUD3Wg0j1-61zXQ_mTh9LmGh5m8NAagkr9GAd9GwSJQSFJrOS3V0JFwpKlGOvbPznsBewjqUxgAngfRk_hXTbPr5IDbHNMo6KGUfcq1&sai=AMfl-YTkwhpy4U3neUXkQbL3jLq0BF5LLl1EASb6fwE3Oua-YGAP92p0efVj8caMK1FUWpT94xD7Xr6MKFz_&sig=Cg0ArKJSzNMmxjzp7c2GEAE&id=lidar2&mcvt=1003&p=0,1,124.25,1006&mtos=0,779,1003,1003,1003&tos=0,779,224,0,0&v=20220720&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2654006791&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658750116948&rpt=437&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 11:55:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8132 36 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 08:05:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14002
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jul 2023 08:05:34 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 31C3 0
0 136ms
136ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220721&jk=3011665269797543&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8132 0
10 B 39ms
38ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oRTiow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 11:55:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 140ms
140ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220721&jk=3011665269797543&bg=!nZ6lntrNAAacadVKvGk7ACkAdvg8WlD9bgEVIxXU0wsYIqHI86NXnM9-uVxWunCm9SOP61AiawVUvgIAAABzUgAAAANoAQcKAIP5F3VfqIzOqQ5BU50IKjSdHVkFnpKUbQphjzHoNyYhoIThd8vzndGcZMuCTQsbi2Frr07oYCT8-dZYYbxP-sZbLymPjBzg1fGLZC77L2n8bi6rCVq61m-o1tmHd4GnP99M26MstRos2Rf8Tg1GpAB7f5fyNxLTr1e-MKu3lo4gcZOXjZkCkJ2blI4M8dg7wc-qqAM0UQ21pw1_vjQir39GXytutRXafOz0DK1JfNAq4MmNCNTxYKqZgq1refxPB3OuItQbxnQ1btxVP1kuPCU6zjm7DL_GIv1nFop4ms0CJwoPs5pkcqXdfW00X9Yi7VYCTckQ0LdoEcRdoIoajDKl6n7bBNvIKdjjtM6tECvlCpOeXd1u6V5uuSJuLNm8qRE7geIaOaqaNPQFMLfxYp56rvlL48xelAQFBknOeJ3MsfNxmtK8PAu_Jop_OCgVTQ8dFTA3mlkST2PHvEiApYQqd_xGTE3kzl2GIgoOITViXFv-hzImyWmPgnG5Ug4WdUm66yz4h3C_cexiJmL8H6pGTvImt4-0qfsKd2d30_xAomj-4FJfz-4OEAWVQaXbrq6vNcWI7Kom_zmAqZsn54Kv8V1FrIhBJXpzNPtSHp9N9qodht66zOyVZW15Ul0Cyn0dwQ6432KxI0eAwJ3SWHaYqENntzTgSDoStqzBtpFTOdMmY7fosXhH5mPkIhb514twQOCxrwaIXDg7nWGSIaEt423SeG--hf-_95mlQalYCtuPKvy7bpKXUmQzVLjwEHSzPyUXNLw1ycNSlSO8RBbI-uEfsmQ1DO8F65O1LDDdEJcDSw847ImGBL5W3Va-hqyIiVk9og-2828D8_itApgBtaqwxncqGXevR9CFXCBNwZjL6CqoHwQIG20yv8NZ_VhBq-tqpBuN3ifezB2CUqAi7dwQfQhTWAp89I6rZIUF7PQBcbw_2fOsAIZn1lUkSp6rQw0ULgWVYqUcV3WeQqny-Pwkl7R8Kf8S_UbUS-jUHjwu_D208etSbeqW9UIAD9A9E8Nx5zG7pnyccvwaaeVsk62_IX1W
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ballyd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

266 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ballyd.com/	1969-12-31 23:59:59	Name: __T_ Value: 1
.ballyd.com/	1970-01-20 14:07:26	Name: __gads Value: ID=d4b628f46d1bff02-22c77eabdacd0075:T=1658750118:RT=1658750118:S=ALNI_MYsRaOVUIi9CquBy3ieDVVtsxe_TA
.doubleclick.net/	1970-01-20 14:07:26	Name: IDE Value: AHWqTUn2KOeyxv10F7tXJdcREnbeBHrZ0zlYPLEu8KMvTc_X0NJ0RZf7DYWqIfeJArE
.doubleclick.net/	1970-01-20 04:45:53	Name: DSID Value: NO_DATA
.tiara.daum.net/	1970-01-23 20:21:50	Name: TUID Value: w-rLFRUiMmHb3c_220725205518138
.tiara.daum.net/	1970-01-20 04:45:51	Name: TSID Value: w-rLFRUiMmHb3c_220725205518138
.tiara.daum.net/	1970-01-23 20:21:50	Name: UUID Value: 5fqNunV4jmfl9KphQeF3f6LS_T8wQGJi3oxR3ug.2nx5yUXScbHEhg00
.tiara.daum.net/	1970-01-20 04:45:51	Name: _SUID Value: w-GMxv8m5CIFzy_220725178806752

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/index.html?v=b208246486;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11831579056473564629/index.html?v=b208246486' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ballyd.com
cdnjs.cloudflare.com
developers.kakao.com
fonts.googleapis.com
googleads.g.doubleclick.net
i1.daumcdn.net
malcom-01.tistory.com
pagead2.googlesyndication.com
partner.googleadservices.com
stat.tiara.daum.net
static.doubleclick.net
t1.daumcdn.net
tistory4.daumcdn.net
tpc.googlesyndication.com
webid.ad.daum.net
www.google.com
www.googletagservices.com
www.gstatic.com
121.53.105.132
121.53.105.218
121.53.105.246
203.217.238.40
211.231.99.250
211.249.219.23
2606:4700::6811:180e
27.0.236.139
2a00:1450:4001:801::2003
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:811::2004
2a00:1450:4001:827::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2006
2a00:1450:4001:831::2002
2a00:1450:4014:80f::2002
2a02:26f0:3500:12::1730:17a6
01bd2be24c866eb7e7fb6e80a1c8b829429d0c5561b731939bce42ec75aa89a2
048bd1d6d59f1711399472eb6a9f4e903bf585fdc9afef55e7b4e2d126248f6e
09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521
09f3b42e74c9e2baf65c27f00c121539b7c366f24e823aa43f62a7682e0708d8
0c3b16a26406d5a4ac112d97ab2e40a53c8f85317172ea49e931bf6366654a24
0e2cd2d7cf9156384089a56f92908bfe026cb4001e3273a1af1cf541de80a25b
103879c5c440abb2a7f28351aee2f67f4b3727adb3e5b014b81e0425a9c9dc2a
11c6165af4715d4cab295a5e7e21125b17b1b45f474f6f42e06dd01607ec3030
1279fcc712f3e0c4d9abc47236af243acd2976902874605f6c6e90cb58493c92
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18ecfbce128d1138ef6433d46b67b8693b0d68567ab95b439c99aaa687672cba
1b81646cc6f446e8c29b03c0a7b6533bf25a42ab6f051265158d5eaed66604ba
1ef0b30605489c50c957cab991a30cbd2a5aef800afe106e7554e3bf2141ca95
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
23713b70e4170afdece5f1cce5ecac1ae95c449196a33b250939e9b950f09b20
2657405e3e91a0f5d6490e8fe419c8f98e2437caca46a0c257563f11aefa3824
2e027de64e1a747b39ef0d16c07e55751c8e31a4d3178d1e7e487b35f1d47404
2fb9e7ee98b3256d3de984abc4c136b6907e6be8677fc759643c90b17dfa90de
3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
34ad24540429cd63280328d6b4ba13f5eb970d8f3f4f7d1da94ce289b90b731a
387a7c2f62ecb07562cca51a649f9bb50cb5691d768f320c52dd199a6364295b
3967cd5e9e6a3ff784012770b7c6daa6e1d7dd51e6f8bb926bf3990ddd792cba
3a44602c24b89885202fa9380b0b2794529f2fc070842f4256fa2e02d3f2e153
3e15daafaf5a751d51622b5c9b602e7ed636d2ea4c6ffaa815ec0809a81ffaef
4174d0a1cd646953458116b9aa524a520b4ccee200d8144f91e71a7e3147ddcc
445943a8ef9cb1890e3089c92345aa6ca141857de3a942db36aa53a1751d6971
46b2def093d9fa8b8d1917e17178bf06d9743d9c971acddca009908eb17e5d79
4a32d664e49bea57afc1165c773f564beab7d7dcd7b9e085b4585ed1cbbd48d5
4bb3a3ef9b2959c214e3619460aad1df52d6d2d0383bc9df9b6c45a69d5fdcae
4d23d054cd5744b627b8e2b8b71bbb1e86a012177fe65a6944b38408a3e49902
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f92ae311a3556d2aae2b935249a0ab5b42e430c09b2fb266e1c39e6fadf619f
50b85ae87d81fd3c63bcc8d7b60a215d1d720726cf31ea01427d1387c0bbde44
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562ac788b30dea68e785ab911c36d0d64ff5c5a07318a5d7d9aa16bf0e9d45fc
576e677b6650e7cbf44fd64eadb1b6b5851c547ac872e8c4a609515e33218a70
58ab3816f3fa4132713aa66b2279b09a9ed7146c29c40a6f8b6f685f29236fef
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6267391b7cd6d36a13696c19caab7e86d7f776c9d2b64eadb8f2804fc276b00a
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
696701ff246197eec19b99092471f6d12ae19607fac0d48cc9996d93a4833271
6ae3e827093ff912ba2929226fdd8392ad58e6112466f2adbd2c2e72cd794a48
74d9e0f8dc45b5d62368eb39646bff14aa180f2fdad42ddbb1836d4205b950da
75a3c4df376bbd4bc194cbc937fe521ffc4d712544c7ea330d1b4802a076958f
77655b7583a1bcb7d4de0bbfe6a1b1fca358b824f105c418555707d48858c9ff
780622a9dd88641ee22c3250bc058d3254bb4571cb4828c0ab409c464e6858d4
7b25b904c50d63fc5f248e47b43c88a4202b2efbd941b12ce440cd36f9355d1e
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
80b2dde00af56570a929b7fb14fb1555f1736ec734992f8d5a1b89d4d551251a
830302ea423c4bacb3def01c50df661e34e7d230135b27a9a269c93194ebc18f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b738e5021ff4263f6ed6f5e4dd01752156ec2b96f90fa6de52ff852c973271a
8d7a40c0a9240f740bba3414505d13363ed298baa3e1218d219cbcdf96a34aac
8db4db356541300d59ef29e42aada4010825fcc3dee28402411ceb12989f83b7
902884a3cbb6ad080f678d40308f60913a1390d036d6720393a40810f2f45e09
903b9049e7415e39f1cd981052b20b36f9c12fc4df8e5668ecfa718f3542e047
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9b47d998d011598cff2c9234dc219ac3c80069ced37e3349832d1a82f8bcbb25
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
9ffb026752111724f048849b82ea96fc27fb417a0bde50b928b946487c57b187
a146f259c15751a43c77e50de8d649fb34a51fcc636440855511ea8a5e4dd18c
a304035d1ca8e6e3c059f993a918ccb6614a4a21fd0960735cfbf2a146a820d6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6faad524e6c65e28f309ce5495d723292e77c6a975378ec75d47711b2716f24
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
b06eccc635053585bd65de7ae9475d7cb3ca8000687d83877ef3e90ab62deefd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2c0dbfee13d8b64090d1af25f93ee3ee822babb0831285f09ac2a75b49773cc
c5a4282723920385d76812f9d113f8d3e20541b64bf34ea55467d3b8d98ba24b
ca5f4ac3f7dcd3f430ab8626cf76c95586e5141efdd28e229c3f51fbcf0a7307
cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062
cd401195ad75a5b94476a2b163aa43012d63f91b722a57de1cd73052264046af
d278d43fe3b526ff9be7026ac8f6bf8c371273b3d48397551b5adcffb912e32a
d49a0f4620e81dbca0b480d3fe7e66b536e1f963427a37c97a22d27f17aa66e8
d6a86f52afd8953b29e7e50e2ad9d9dcca59c70e8844d58b3155c6d3dcc2170b
d6db2f2c5bf1ca73cbabb3eddd5decae13084dfad2dc2a16e2ff194ba1e026c4
d76652e02644cc28bcf6e449c522da2442dcd1b6da7571da0fe4c284282c557e
ddbf7253a850080d1244ddce03ca7181ac0d26cdcecd0e8fa5ba69ebc11b6690
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de75f74c16ee260673a91f8253b007a4d454690220b5ed46379dd071518ea753
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58ef3d550a13f478c289a5edf1fdd3a56c843ef61cae2e2b2edd12520e7ac34
e9bbcd4758f8fae5bafe6d96de05c6e16d568892d98e46306bda8cb2a984d64b
ea95ffe1b49bfc2012901e4fe9ab4f142e83656716d9a522d93b1cf6430c8de7
ebec77c6060c802dd84d3a3b37ae1fb8c586337fb809c917a1e3d4e98d79e80d
ec38325209b24d9421a582d18f33c94872d3ece847dac02ff5c37fc60e4b29e9
eee5a0136bda1fdbd08716eceadb0f1d7bca3f56e142bbed1752ae05776507d8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7c444292999bfd3e659d4ace7f649d1966759e9bda12239470dad8a915b125a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb59dd732394f75e7af809d49406b1190e5b691b93829d57084f819fd2745d90
fc61ee41f8b3b5a657a9090681e1db984d79806e58c98d99a7ba9b6a984e2922

ballyd.com Open in urlscan Pro 27.0.236.139 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

123 Requests

100 %HTTPS

65 %IPv6

14 Domains

20 Subdomains

21 IPs

4 Countries

2832 kBTransfer

5017 kBSize

8 Cookies

2 Outgoing links

Page URL History

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ballyd.com Open in urlscan Pro
27.0.236.139 Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

100 %
HTTPS

65 %
IPv6

14
Domains

20
Subdomains

21
IPs

4
Countries

2832 kB
Transfer

5017 kB
Size

8
Cookies

123 HTTP transactions
3 data transactions