www.balatarin.com Open in urlscan Pro
107.178.241.59 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://balatarin.com/
Effective URL:
https://www.balatarin.com/
Submission: On August 29 via manual (August 29th 2023, 8:41:22 am UTC) from DE — Scanned from DE

Summary HTTP 161 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 31 IPs in 8 countries across 29 domains to perform 161 HTTP transactions. The main IP is 107.178.241.59, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.balatarin.com. The Cisco Umbrella rank of the primary domain is 464472.
TLS certificate: Issued by R3 on August 25th 2023. Valid for: 3 months.

This is the only time www.balatarin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	107.178.241.59 107.178.241.59	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	18.66.97.124 18.66.97.124	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
40	54.231.195.72 54.231.195.72	16509 (AMAZON-02) (AMAZON-02)
1	99.84.93.105 99.84.93.105	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
7 19	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
4 8	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4 6	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	52.213.146.58 52.213.146.58	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
4	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	34.252.154.12 34.252.154.12	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	3.122.33.96 3.122.33.96	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	18.196.113.49 18.196.113.49	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:999f:1d55:f8df:b156	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223f:3200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f13:800... 2600:1f13:800:7781:770b:e7be:3f6f:3579	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
161	31

3 107.178.241.59 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 59.241.178.107.bc.googleusercontent.com

balatarin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.balatarin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.97.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-124.fra56.r.cloudfront.net

assets.balatarin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 54.231.195.72 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.93.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-93-105.muc50.r.cloudfront.net

z-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6d2bce31c1be2850a76372345342f219.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 172.217.16.194 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.173.215 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.146.58 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-146-58.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.154.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-154-12.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.33.96 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-33-96.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.113.49 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-113-49.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:999f:1d55:f8df:b156 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:3200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f13:800:7781:770b:e7be:3f6f:3579 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 6d2bce31c1be2850a76372345342f219.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 155	450 KB
40	amazonaws.com s3.amazonaws.com	314 KB
38	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 cm.g.doubleclick.net — Cisco Umbrella Rank: 242 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371 stats.g.doubleclick.net — Cisco Umbrella Rank: 93	291 KB
9	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 914 static.adsafeprotected.com — Cisco Umbrella Rank: 632 dt.adsafeprotected.com — Cisco Umbrella Rank: 586	101 KB
9	balatarin.com 1 redirects balatarin.com — Cisco Umbrella Rank: 441256 www.balatarin.com — Cisco Umbrella Rank: 464472 assets.balatarin.com	224 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 594	6 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 245	5 KB
4	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 328	130 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3101	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 222	170 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 877	2 KB
2	ctnsnet.com 2 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 7139	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 864 r.turn.com — Cisco Umbrella Rank: 4052	869 B
1	google.de www.google.de — Cisco Umbrella Rank: 6490	408 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 458	715 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 352	146 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 766	98 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3135	104 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 648	338 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 771	338 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6414	556 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 800	716 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1116	731 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 798	464 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1120	605 B
1	amazon-adsystem.com z-na.amazon-adsystem.com — Cisco Umbrella Rank: 8712	8 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 366	34 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	84 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
161	29

	Domain	Requested by
40	s3.amazonaws.com	www.balatarin.com
30	pagead2.googlesyndication.com	www.balatarin.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
19	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net www.balatarin.com tpc.googlesyndication.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	assets.balatarin.com	www.balatarin.com assets.balatarin.com
5	dt.adsafeprotected.com	googleads.g.doubleclick.net
5	securepubads.g.doubleclick.net	www.balatarin.com securepubads.g.doubleclick.net www.googletagservices.com
4	googleads4.g.doubleclick.net	googleads.g.doubleclick.net www.balatarin.com
4	s0.2mdn.net	www.balatarin.com googleads.g.doubleclick.net s0.2mdn.net
3	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	www.googletagservices.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	pm.w55c.net	2 redirects
2	ius.ctnsnet.com	2 redirects
2	fw.adsafeprotected.com	1 redirects www.balatarin.com
2	www.balatarin.com	ajax.googleapis.com
1	www.google.de	www.balatarin.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	x.bidswitch.net	googleads.g.doubleclick.net
1	id.rlcdn.com	googleads.g.doubleclick.net
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	beacon.krxd.net	googleads.g.doubleclick.net
1	onetag-sys.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	um.simpli.fi	1 redirects
1	sync.mathtag.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	6d2bce31c1be2850a76372345342f219.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	z-na.amazon-adsystem.com	www.balatarin.com
1	ajax.googleapis.com	www.balatarin.com
1	www.googletagmanager.com	www.balatarin.com
1	balatarin.com	1 redirects
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
161	41

This site contains links to these domains. Also see Links.

Domain
play.google.com
help.balatarin.com
www.balavision.com
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
www.balatarin.com R3	`2023-08-25` - `2023-11-23`	3 months	crt.sh
*.balatarin.com Amazon RSA 2048 M02	`2023-06-01` - `2024-06-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-07-10` - `2024-06-21`	a year	crt.sh
z-na.amazon-adsystem.com Amazon RSA 2048 M01	`2023-01-18` - `2024-02-17`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://www.balatarin.com/
Frame ID: 3156AFE38F2CEDC5F664420F5B918609
Requests: 64 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230824/r20190131/zrt_lookup.html
Frame ID: EEB4B4DE84446BF1408BB28EFDDA2F88
Requests: 1 HTTP requests in this frame

Frame: https://6d2bce31c1be2850a76372345342f219.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 99FCD3ADF52D8206A091D939728C23B6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&adk=1812271804&adf=3025194257&lmt=1693291276&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.balatarin.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476003&bpp=5&bdt=621&idt=320&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6058371957678&frm=20&pv=2&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=356
Frame ID: 3B94899FF5DEB27BBF8E69F030AF9D3F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuQdk8eZ1EdkMy8bR7uTUo2-53PfZ8QgvQ80EfKGOEbZU3tmCpGnmVENOlhYmk8HfwOTAiplDSZTnIAGudhenDJRYc5hB_vgD5G-6wpCrwQ8kp9FI3UHVEagTq3CtXqTbFyQVljBWFb7o-8hnnDjazyYc98CPXXnCtGgWvKrkiGtarYr2tcob4vWtXe5uufilA1ld13rYPRk4V8z6CLjk6nD0_B3BR83J2_w4OqS7FTA97acia5kYFgvh6bom0dipI3uXWUY0tNrDLthIS9x0KWyVeGk1aq_AaHFP100jMlIECimXn0Gp7-uPLlsWXjAqvPksgqFK01w&sai=AMfl-YQiDIBijBoQdNDRbvPHUw2JbPbx5jIy6E40FjLwkkMTojC5Z9Alg-xjhT-VBXclIkxffwjz4HVh_zZZoPVtKI_VLfk0OSnN10QaaIvD0pBbKrkwpmzULtF0yOe7LA0RP3081ZwMATNahJpE-My-&sig=Cg0ArKJSzGFW-lGddFVlEAE&uach_m=[UACH]&adurl=
Frame ID: 6374F42CE81BBBDB83CD83446BF9D852
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=90&slotname=6838607656&adk=1683087958&adf=1206948085&pi=t.ma~as.6838607656&w=779&lmt=1693291276&rafmt=12&format=779x90&url=https%3A%2F%2Fwww.balatarin.com%2F&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476011&bpp=1&bdt=629&idt=381&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D928ec7a00119d54a%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MYCcsHC8kohrpZj2_JVaNznrOA_7A&gpic=UID%3D00000c926af57c4d%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MaI_D8ii1KdXTTduYmBpo6fclOEiw&prev_fmts=0x0&nras=1&correlator=6058371957678&frm=20&pv=1&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEebr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8DP6wH4nA7&p=https%3A//www.balatarin.com&dtd=388
Frame ID: DE95638EFAFA3F09A31023331211F47D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=5688324856&adk=4223602507&adf=3412014494&pi=t.ma~as.5688324856&w=336&lmt=1693291276&rafmt=12&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2F&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476013&bpp=1&bdt=631&idt=413&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D928ec7a00119d54a%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MYCcsHC8kohrpZj2_JVaNznrOA_7A&gpic=UID%3D00000c926af57c4d%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MaI_D8ii1KdXTTduYmBpo6fclOEiw&prev_fmts=0x0%2C779x90&nras=1&correlator=6058371957678&frm=20&pv=1&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjJEST0Xzo&p=https%3A//www.balatarin.com&dtd=416
Frame ID: BF20D8D1351140620B236AF55BD33C7F
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=8352827426&adk=3914965158&adf=666277397&pi=t.ma~as.8352827426&w=336&fwrn=4&fwrnh=100&lmt=1693291276&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2F&hl=en&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476014&bpp=1&bdt=632&idt=423&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D928ec7a00119d54a%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MYCcsHC8kohrpZj2_JVaNznrOA_7A&gpic=UID%3D00000c926af57c4d%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MaI_D8ii1KdXTTduYmBpo6fclOEiw&prev_fmts=0x0%2C779x90%2C336x280&nras=1&correlator=6058371957678&frm=20&pv=1&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=254&ady=1152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=fWwPiBEMsy&p=https%3A//www.balatarin.com&dtd=426
Frame ID: 96A02EE1947D443439FEB32006B17651
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYqcSW8wEwAQ&v=APEucNUZnRgxmJCJNx_CiRCSqjZkMkoURyWWHcKdc-cW5LpJGA5BpExIG6XzSobniXUgAcF3X8H8D7azkpKtxbn-gcgJgT_kJdm3mNkLYmqCmFKFca0q9RIYs4OG7i5p2M41mHkI9KurjVMdLN_1mG0dfcDyvFxki2adxOBf-wb_yzt9IdnHTDU
Frame ID: E87A50FD9A551D8ED09EBBF9C9182AF3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 564DC29AF63BE01CA1AFD91C25525DEE
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2VFxDgh9qvAxiVgtfJATAB&v=APEucNUjHaddY779q-zJ3qVm-eDcVvvyeT4pRVaMfP7nKCH8XScVv_2cMMJvLLUAhN6T-5sZZN0G95BLdu6l_-t3kyheBzVB-mqBM4Lf4pa5JC4o2j_Lg8FRz6CshJd7FMCEHFLUGxFXqTErHhUdquI8fQJdZPBfeV-gTBP-gIl7P21n9Nlfeyo
Frame ID: 8C1F591AAF015DE67C02927164B2A30F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0BE12E0B67A641C23798D762D345CB78
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3042D85A68868A5782A0ACF40F2EB1F9
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2CF36E27FC18E37435BBD9699E485A4B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A76B666BA70FE262162A91DF0800EAC4
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 08725EBADB3374A4431136E37F6D16D4
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5114669831148726762/index.html?ev=01_250
Frame ID: B21C7D78392585A33AA97E25AAF86197
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DAA8D42245F70837A681727E0FF4489D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 39E613D8784B8E5E499C90EDDA871563
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

بالاترین: لینک‌های منتخب

Page URL History Show full URLs

http://balatarin.com/ HTTP 307
https://balatarin.com/ HTTP 301
https://www.balatarin.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

161
Requests

88 %
HTTPS

51 %
IPv6

29
Domains

41
Subdomains

31
IPs

8
Countries

1812 kB
Transfer

4611 kB
Size

27
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.balatarin.android.app&hl=fa&utm_source=balatarin.com&utm_campaign=launch&pcampaignid=pcampaignidMKT-Other-global-all-co-prtnr-py-PartBadge-Mar2515-1

Search URL Search Domain Scan URL

URL: https://help.balatarin.com/
Title: راهنما

Search URL Search Domain Scan URL

URL: https://help.balatarin.com/home/advertising
Title: آگهی

Search URL Search Domain Scan URL

URL: https://www.balavision.com/
Title: بالاویزیون

Search URL Search Domain Scan URL

URL: https://help.balatarin.com/about
Title: About

Search URL Search Domain Scan URL

URL: https://www.facebook.com/balatarin

Search URL Search Domain Scan URL

URL: https://twitter.com/balatarin

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://balatarin.com/ HTTP 307
https://balatarin.com/ HTTP 301
https://www.balatarin.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnoFI4cAph05qi10duTPrc&google_cver=1

Request Chain 86

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZO2vLJh6.a.C8oprCPVKCQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnoFI4cAph05qi10duTPrc&google_cver=1&google_hm=2

Request Chain 87

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAgmiw36R8CgeVkhP5VthHc&google_cver=1

Request Chain 88

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzExNTI0OTkwNzg4ODYyMTY0OA%3D%3D

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnoFI4cAph05qi10duTPrc&google_cver=1

Request Chain 93

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZO2vLJh6.a.C8oprCPVKCgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnoFI4cAph05qi10duTPrc&google_cver=1&google_hm=2

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAgmiw36R8CgeVkhP5VthHc&google_cver=1

Request Chain 95

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjIyMzA1ODc2MzA2NTE5NTM3NA%3D%3D

Request Chain 107

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEB2saP7_LuIarICE0eFZyiM&google_cver=1&google_push=AXcoOmTbN7Cf4PVRLmCT20mNHQdaEJWsrQUQkLCUyvSghrs1UNFElOB7sOhSV2PvNJd0jAYNEWtTRt1FySOsKVOKeBu0-N5nT1pj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzQyNDc5NDI5ODQ4NzIyNzk5MA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEETkbl8YuuXezeLu_Phb7Ys&google_cver=1

Request Chain 109

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECrdngpqwhnYCf5WqdfV78w&google_cver=1&google_push=AXcoOmRCjCcpUpz-LrA7r5s74ka7LpnXc7y9i62k-fnMtmaU5AJ-e661l8ko9weEYHCjfQqJtOWtgkVhNBtlkuguIOo6ikDauYYOew HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRCjCcpUpz-LrA7r5s74ka7LpnXc7y9i62k-fnMtmaU5AJ-e661l8ko9weEYHCjfQqJtOWtgkVhNBtlkuguIOo6ikDauYYOew

Request Chain 110

https://um.simpli.fi/gp_match?google_gid=CAESEM-1a7PHcTBst73-nvKUHoY&google_cver=1&google_push=AXcoOmR9YqP8qpx0CjkCUZbX5Rup-gxqLeP8HdOjOlWNyGA9m9cS7Af6rb9n8sCcLO2dmmfrxVg3qaqdCl9jxgKhE8IpJVWmBavAPA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=21AA6F8B9DC54C1C86DB29876EB68615&google_push=AXcoOmR9YqP8qpx0CjkCUZbX5Rup-gxqLeP8HdOjOlWNyGA9m9cS7Af6rb9n8sCcLO2dmmfrxVg3qaqdCl9jxgKhE8IpJVWmBavAPA

Request Chain 111

https://ads.travelaudience.com/google_pixel?google_gid=CAESEL-2W10Rcn_NCCuOw69EK14&google_cver=1&google_push=AXcoOmRRcWiAqOx6CWaHnB1Zkpb3NQb_93rp7dy7tFdWWvPEPPYklficbI7D0TpIiOwRftUTghdXVJy0xxV2UdZwFW52FZGqjJHUTw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=TOVF6JKYS1Ct7MAgqRF00w2&google_push=AXcoOmRRcWiAqOx6CWaHnB1Zkpb3NQb_93rp7dy7tFdWWvPEPPYklficbI7D0TpIiOwRftUTghdXVJy0xxV2UdZwFW52FZGqjJHUTw

Request Chain 112

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEC1EcxjJ5yTagZrHSu49nd4&google_cver=1&google_push=AXcoOmSs38ITYNGOzLRfNpGV91kVy_yOO7hQmKh896XRI2NXp6HXf3AZlxd6mTMGaEaEsmT_chyh8FsxE6ZjgqThTr0uYJG_ds5hfg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSs38ITYNGOzLRfNpGV91kVy_yOO7hQmKh896XRI2NXp6HXf3AZlxd6mTMGaEaEsmT_chyh8FsxE6ZjgqThTr0uYJG_ds5hfg

Request Chain 113

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESELu3scMliTz6o8Nxxrr1LtU&google_cver=1&google_push=AXcoOmS6O6MVyQzmcZbRGmWg-F-QjKTdnb7Sn6j0uadMbTEQRVMcQQusPVyWzje7gkjxU3Tcr3vo7MNw4EeXJivkcAekQgbUL1szK30 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmS6O6MVyQzmcZbRGmWg-F-QjKTdnb7Sn6j0uadMbTEQRVMcQQusPVyWzje7gkjxU3Tcr3vo7MNw4EeXJivkcAekQgbUL1szK30&google_hm=-bAz0c2YRIOwxieRpDQz8uk

Request Chain 126

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPGWnDRlM0yW3X3FTkL_cqU&google_cver=1&google_push=AXcoOmSnC8XS-OzYvBMhQr1cLV9rDr5wmQK2EFADpPaNxJSjWzAMYKaAmM0aO5CyLlc_faxBS5TGVVkiVl8Nyo_OautTze0sI8_1FBA HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPGWnDRlM0yW3X3FTkL_cqU&google_cver=1&google_push=AXcoOmSnC8XS-OzYvBMhQr1cLV9rDr5wmQK2EFADpPaNxJSjWzAMYKaAmM0aO5CyLlc_faxBS5TGVVkiVl8Nyo_OautTze0sI8_1FBA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TkxzRmNsM1IxUUFVaEw1&google_gid=CAESEPGWnDRlM0yW3X3FTkL_cqU&google_cver=1&google_push=AXcoOmSnC8XS-OzYvBMhQr1cLV9rDr5wmQK2EFADpPaNxJSjWzAMYKaAmM0aO5CyLlc_faxBS5TGVVkiVl8Nyo_OautTze0sI8_1FBA

Request Chain 129

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENZLOTuy92Ok0B6_ecnEvvo&google_cver=1&google_push=AXcoOmRD8TitulMMQ0AS1IajROZTfk8tAi--kKtCyPL0kgn0A3AHIJalXKl-5CI4zDjKGelbMoArysWXpPBLrCuMnsIfv8BHkixgFB8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRD8TitulMMQ0AS1IajROZTfk8tAi--kKtCyPL0kgn0A3AHIJalXKl-5CI4zDjKGelbMoArysWXpPBLrCuMnsIfv8BHkixgFB8&google_hm=eS16X2ZxWDBoRTJwSFA2T3JMaHZoNmdwQWtzWkU5dktLT35B

Request Chain 131

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEPwOSSfkWgLgCgruxNITf2w&google_cver=1&google_push=AXcoOmRM-YlBJgOcePlghhjM-oe8Z5kPFoJbILzM326S_yveyDlrnuow9JCwRorbYjRaaB4_j1p6df9q8vE8gMMGKSpwhoy2DT-VOaqn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRM-YlBJgOcePlghhjM-oe8Z5kPFoJbILzM326S_yveyDlrnuow9JCwRorbYjRaaB4_j1p6df9q8vE8gMMGKSpwhoy2DT-VOaqn&google_hm=-bAz0c2YRIOwxieRpDQz8uk

Request Chain 133

https://fw.adsafeprotected.com/rfw/st/1593509/73171254/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014058579&ias_pubId=pub-7031645305449270&ias_chanId=1&ias_placementId=20439850497&bidurl=https://www.balatarin.com/&ias_dealId=&xsId=ABAjH0htzgmoDKL94O5jB5N1p7yq&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0htzgmoDKL94O5jB5N1p7yq&adContainerId=brand_safety_LK_tZPraOISk9u8P4a290A0&cbFunctionName=goog_wrapCb_LK_tZPraOISk9u8P4a290A0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.balatarin.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.balatarin.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7031645305449270%26output%3Dhtml%26h%3D90%26slotname%3D6838607656%26adk%3D1683087958%26adf%3D1206948085%26pi%3Dt.ma~as.6838607656%26w%3D779%26lmt%3D1693291276%26rafmt%3D12%26format%3D779x90%26url%3Dhttps%253A%252F%252Fwww.balatarin.com%252F%26hl%3Den%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1693298476011%26bpp%3D1%26bdt%3D629%26idt%3D381%26shv%3Dr20230824%26mjsv%3Dm202308230101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D928ec7a00119d54a%253AT%253D1693298476%253ART%253D1693298476%253AS%253DALNI_MYCcsHC8kohrpZj2_JVaNznrOA_7A%26gpic%3DUID%253D00000c926af57c4d%253AT%253D1693298476%253ART%253D1693298476%253AS%253DALNI_MaI_D8ii1KdXTTduYmBpo6fclOEiw%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D6058371957678%26frm%3D20%26pv%3D1%26ga_vid%3D649540507.1693298476%26ga_sid%3D1693298476%26ga_hid%3D101119732%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D605%26ady%3D1393%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31077327%252C44798934%252C31077388%26oid%3D2%26pvsid%3D4459967505643306%26tmod%3D665831048%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Do%257Co%257CEebr%257C%26abl%3DNS%26pfx%3D0%26fu%3D256%26bc%3D31%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3D8DP6wH4nA7%26p%3Dhttps%253A%2F%2Fwww.balatarin.com%26dtd%3D388&adsafe_type=bed&adsafe_jsinfo=,id:b54ae49c-6bef-afd7-c814-3ef2cfb61e01,c:mFGu2h,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7d74fbcfb-nrvt6,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tOjhQuG+11%7C12%7C13%7C14%7C151*.1593509-73171254%7C1511%7C1512%7C15131%7C161%7C162%7C163%7C17,idMap:151*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:32,oid:d1cd50b6-4647-11ee-93b0-a298b921bcca,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&xsId=ABAjH0htzgmoDKL94O5jB5N1p7yq&ias_xappb=&adContainerId=brand_safety_LK_tZPraOISk9u8P4a290A0&cbFunctionName=goog_wrapCb_LK_tZPraOISk9u8P4a290A0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js

161 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.balatarin.com/
Redirect Chain

http://balatarin.com/
https://balatarin.com/
https://www.balatarin.com/

115 KB
24 KB

590ms
508ms

Document
text/html

107.178.241.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balatarin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.241.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.241.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

b3889fc011eaac3919a0f1178ede85e8db899d7404208ba449d33ba41e60dda9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 29 Aug 2023 08:41:15 GMT
etag: W/"b3889fc011eaac3919a0f1178ede85e8"
link: <https://assets.balatarin.com/assets/application-9f06c25a6bfadb6ea881b8c986093b2346e86142dcdf113dd6cdefc6e30acdcf.css>; rel=preload; as=style; nopush,<https://assets.balatarin.com/assets/application-ad5cfdcee3dc7025ae2e47eb626092c3f8e69928ee6909ed8d83cf14f87a3dc2.js>; rel=preload; as=script; nopush
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31556952; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 02876913-5256-4e40-bdcb-db5dc50b3826
x-runtime: 0.039505
x-xss-protection: 0

Redirect headers

age: 3115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162
content-type: text/html
date: Tue, 29 Aug 2023 07:49:19 GMT
location: https://www.balatarin.com/
server: nginx
strict-transport-security: max-age=31556952; includeSubDomains; preload
via: 1.1 google

GET
H/1.1 200
OK application-9f06c25a6bfadb6ea881b8c986093b2346e86142dcdf113dd6cdefc6e30acdcf.css
assets.balatarin.com/assets/ 255 KB
45 KB 151ms
35ms Stylesheet
text/css 18.66.97.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.balatarin.com/assets/application-9f06c25a6bfadb6ea881b8c986093b2346e86142dcdf113dd6cdefc6e30acdcf.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 95af92037987ce452b9bc35b990742190f048dfe11d7e236605e239e0cf91e43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:07:59 GMT
Content-Encoding: gzip
Via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P2
Age: 63197
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 28 Aug 2023 15:07:33 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:c41a0e50e3f74a9b6a7821418c273768
ETag: W/"c41a0e50e3f74a9b6a7821418c273768"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
X-Amz-Cf-Id: VizBdFugSMD6Y4yuKqdXbmqh5xdfre37o_9a1BrwqdN362ggx2Ekkg==

GET
H/1.1 200
OK application-ad5cfdcee3dc7025ae2e47eb626092c3f8e69928ee6909ed8d83cf14f87a3dc2.js Show response
assets.balatarin.com/assets/ 147 KB
41 KB 150ms
33ms Script
application/javascript 18.66.97.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.balatarin.com/assets/application-ad5cfdcee3dc7025ae2e47eb626092c3f8e69928ee6909ed8d83cf14f87a3dc2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad5cfdcee3dc7025ae2e47eb626092c3f8e69928ee6909ed8d83cf14f87a3dc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 14:38:06 GMT
Content-Encoding: gzip
Via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P2
Age: 3520990
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 19 Jul 2023 14:37:42 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:b53d22adffdbb8d3a164fafc980ff253
ETag: W/"b53d22adffdbb8d3a164fafc980ff253"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
X-Amz-Cf-Id: w4AtNUUwMM22TpFN2m5P8BtIOrtasH42ucYz2hIvTZjUsovxHVtF4w==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
84 KB 196ms
73ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8X79LBSGX3

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

44b0268b695e64932d8fbc99570658701d31091ea0817236a43340b263386a7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 08:41:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85167
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 29 Aug 2023 08:41:15 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 237ms
118ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b48babb87c2ccf6184dcf43c0d14e5a72c244970fd62b7aa139130984319008a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 08:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51275
x-xss-protection: 0
server: cafe
etag: 8389124341684083720
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 08:41:15 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 236ms
110ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c936a875624fd8483912e4bac50e535d558a1f0aedb66bff3b3ebba247b43ba2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 08:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28856
x-xss-protection: 0
server: cafe
etag: 561 / 19598 / m202308230101 / config-hash: 14272654897614254602
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 08:41:15 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 181ms
59ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 16:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Aug 2024 16:06:39 GMT

GET
H/1.1 200
OK app-afbc2a2baa65c4053e740145622856066b9169882b28b136da9b7aa2e2a63161.js Show response
assets.balatarin.com/assets/ 135 KB
35 KB 35ms
33ms Script
application/javascript 18.66.97.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.balatarin.com/assets/app-afbc2a2baa65c4053e740145622856066b9169882b28b136da9b7aa2e2a63161.js
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afbc2a2baa65c4053e740145622856066b9169882b28b136da9b7aa2e2a63161

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 15:07:59 GMT
Content-Encoding: gzip
Via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P2
Age: 63197
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 28 Aug 2023 15:07:33 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:581a347462ac925ec61c1f672e05ef02
ETag: W/"581a347462ac925ec61c1f672e05ef02"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
X-Amz-Cf-Id: zZcn-DsRXNuGRNl2x6U1-2MO1n4asAf7Eo1rjplxV5FgKh7cMEPbSA==

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020484/ 10 KB
11 KB 796ms
130ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1020484/square.jpg?1693159823
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7d9fa59c145974a0e7b188b79793fd6dde7f1580fe0cd468a0a62e1d909df5ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Sun, 27 Aug 2023 18:10:24 GMT
Server: AmazonS3
x-amz-request-id: JW9F57ZBQZ7CZJ1J
ETag: "692ce7756d3501e1a388106a5d75770e"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 10518
x-amz-id-2: AHdzvfaWzG0XG0yY7tetceEYVsnroTjbyEVxdSipzWHsgBs86yA8rPwrs0kDaMyFKvDv4ZyB5tI=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020483/ 8 KB
8 KB 807ms
134ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1020483/square.jpg?1693149658
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4f09d4163b590de40a86c438fcc840fa5cc8023ec39f124b3233d35ce785d8b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Sun, 27 Aug 2023 15:20:59 GMT
Server: AmazonS3
x-amz-request-id: JW9BBYVP9A09D4CY
ETag: "141608d768c6aa379719404310179f9c"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 8173
x-amz-id-2: 1haz3ihvtWjLRjhiIfokmj5Qxb32GtqwHE8rtlzuMAeIuO0xCb4SBetY9R8ZLctB7LrPMToYubg=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020482/ 9 KB
9 KB 817ms
137ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1020482/square.jpg?1693089516
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f66bb2245bd952433275f5def1e00c45e56ea008d93ae7383bd8b72fa7d319c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Sat, 26 Aug 2023 22:38:38 GMT
Server: AmazonS3
x-amz-request-id: JW99V4RBD8Z09H0Z
ETag: "cebb26518c7700ffd413590a2a590e05"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 8811
x-amz-id-2: zyrKzg9CGKIlhYCkFCJUBa9dIDeU8AJUcthBVS5EY3gzFtIqHnn8j24oApK+85LUXfhJRjY+w+E=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020481/ 10 KB
11 KB 838ms
137ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1020481/square.jpg?1692814138
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fd16fe71465d2a5d060dabd203986091edd0a9939b4df97cad1c5b103c095d74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Wed, 23 Aug 2023 18:09:00 GMT
Server: AmazonS3
x-amz-request-id: JW9DG9HVCG2FMHC1
ETag: "d5eb365cda5f59cfd6e7da392f77c94f"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 10643
x-amz-id-2: Q64b4UKKE3f03/uEVeIM+EpactGYDARk0avlYf/tjcRRlxIBGVEYX0s17UcWbju9Fsk4ITvNais=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020480/ 8 KB
8 KB 840ms
135ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1020480/square.jpg?1692793490
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 49d0e56495f2f427b6d0b38d9346330ab575959f0f8ea7c6c502d34fa6d9f48e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Wed, 23 Aug 2023 12:24:52 GMT
Server: AmazonS3
x-amz-request-id: JW96BEACJGR0EENB
ETag: "6c60060a17de335d79a4cd7a7e46e1ee"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 7684
x-amz-id-2: WWAKwyMSAwqifjKvoYGE5t5Rm2UzvPWMwzCyYyFZD1ZY+qS7Yx4AWA12FPCdmnAs9EnI+oyShg8=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020479/ 9 KB
10 KB 888ms
131ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1020479/square.jpg?1692099774
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: af5b4f29c06669e1cf155e0943401abc38a2404f3bca59922a560b1d9e6aea1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Tue, 15 Aug 2023 11:42:56 GMT
Server: AmazonS3
x-amz-request-id: JW9FPHB357RWZCGP
ETag: "2a36d0eadb3d5475bfc2d640bfffe855"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 9586
x-amz-id-2: mL4t4iRJPbVykrrc6EpAtTHwsDHOubuQv/MS085oXUmzX4WMnp+kQfwntdHw4j0lqUNorW6Zs7U=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020478/ 8 KB
8 KB 333ms
149ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1020478/square.jpg?1691943501
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5050bb103d946e4810678d79cd13793869b36901dc0c36b35c1b80af8cd2b070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:16 GMT
Last-Modified: Sun, 13 Aug 2023 16:18:22 GMT
Server: AmazonS3
x-amz-request-id: NNRREE4GJ6DGEYM4
ETag: "e61ef20854dba6a422c61859b3e442d3"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 8243
x-amz-id-2: mTitwZ87bFaO58nQNFSW03djM4KIjPuY539T/HUDiQ66JVuNAfHkdJbvlijddbUm3+n2d0baO88=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020477/ 11 KB
12 KB 331ms
143ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1020477/square.jpg?1691933996
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6f0093051f98e26333ddbab84ea7b0dd93326c5c63eaae8088945fdd610c82f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:16 GMT
Last-Modified: Sun, 13 Aug 2023 13:39:58 GMT
Server: AmazonS3
x-amz-request-id: NNRV7CQQ7AA6BTEB
ETag: "9a986f323bcb61459da3f0d26b9251ef"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 11690
x-amz-id-2: J9TyzJoGutKTV8JdJcIaxEVpuYkJSwyRi/nH1/bExYmScqFcKvjcx6DaIpk1AgvbBSNc0NtXixI=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020476/ 8 KB
9 KB 334ms
145ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1020476/square.jpg?1691686065
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5c0f850be678e4a3b5f436c6d92b534b50bfd2c469744003fa0885a41ab57f43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:16 GMT
Last-Modified: Thu, 10 Aug 2023 16:47:47 GMT
Server: AmazonS3
x-amz-request-id: NNRZKPVA39CNQT7Q
ETag: "87e95f83eed6641139e4691e903cd72a"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 8287
x-amz-id-2: Nzx6WTSZ7aSJIMLb/BsJeHza8DQAylbYEneari4KKB6W7YsmQeElDlsEMcxMk6q4FpU7BwVBMVM=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020475/ 8 KB
8 KB 324ms
140ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1020475/square.jpg?1691595778
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1f856a994bd0ce88b25524e704eec253944ba112c54dda7345b49c2a62cced80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:16 GMT
Last-Modified: Wed, 09 Aug 2023 15:42:59 GMT
Server: AmazonS3
x-amz-request-id: NNRT79Q9B89W0TTQ
ETag: "81e050938a0567eb49fd7441b6a16ef5"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 8030
x-amz-id-2: fzHxBmUF1RNiN/dC2r7BXoxTIfJZ/nTp6/mNTDOBUClpBC10FCiRqD7dq+FdBQ12Eq3yDzNrw7w=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020474/ 9 KB
9 KB 325ms
141ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1020474/square.jpg?1691418173
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d05700b1f5db63de13ae86be3a82e6993c58cc8a510b31c1ef23661527deccee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:16 GMT
Last-Modified: Mon, 07 Aug 2023 14:22:55 GMT
Server: AmazonS3
x-amz-request-id: NNRJ0MRE45YFEW3G
ETag: "14638cc301bf4806e74e9933a09428fd"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 9266
x-amz-id-2: KqAAKJnQo0HfmzpNejEeXVwp+X3StiOdzxJTesAjrfCK+EIHDobuxWTIkCv6EeKcRTnSFje2P4o=

GET
H/1.1 200
OK square.jpg
s3.amazonaws.com/bala.static/topic_photos/1020473/ 9 KB
9 KB 358ms
143ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/topic_photos/1020473/square.jpg?1691224249
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1b2c155309dc50b905beee7e0cbdb235033d168eab05b0599936ba2a363c82b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Sat, 05 Aug 2023 08:30:51 GMT
Server: AmazonS3
x-amz-request-id: JW9FVS2Z4ZBBE6HE
ETag: "58ce77e8ca7133479b910a957bc8a7e5"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 8957
x-amz-id-2: qX+/akNPPtDFJhjh/+HTIEU23G6gb/pMLPdwh8pkmzZkJFJ+SL3ghQStIV/jU432AMA5Kxbpxeo=

GET
H/1.1 200
OK small.jpg
s3.amazonaws.com/bala.static/avatars/182803/ 397 B
787 B 468ms
136ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/avatars/182803/small.jpg?1613423552
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f4528ed74e5f7c4c5835c5edfd1766b8f87e148fd44ae68da968639b3a6c7676

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Mon, 15 Feb 2021 21:12:33 GMT
Server: AmazonS3
x-amz-request-id: JW9730R9T66AK3EN
ETag: "497a26dafa1b6c1454c79e6132826656"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 397
x-amz-id-2: OeDBe4yp6P4svHm+7YET5hoxjhK1mmojhfL1T2ErQgz0C6N51pwREvNZIcN6Y68ogaRtBJ94pR8=

GET
H/1.1 200
OK small.jpg
s3.amazonaws.com/bala.static/avatars/184865/ 651 B
1 KB 465ms
131ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/avatars/184865/small.jpg?1645131887
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: eb879d9c271cebae08162a3662532a7255ae7e3a017b8673d00a944785e7f2a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Thu, 17 Feb 2022 21:04:48 GMT
Server: AmazonS3
x-amz-request-id: JW9DP50BQS1HW9X4
ETag: "3d217a1e7837ed22e3e7e2c698dfd8c0"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 651
x-amz-id-2: kDJpmga4BBOsxjn77jl38UdYIh9yZBt6cio8sRVseoDqnfsfKvfZewJe4udelre1UnU5ZdxX8TE=

GET
H/1.1 200
OK small.jpg
s3.amazonaws.com/bala.static/avatars/183936/ 664 B
1 KB 456ms
132ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/avatars/183936/small.jpg?1610839887
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2b701d602c8ef9e370815a600a428518e9cf5eec8704e518fec924ea51484855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Sat, 16 Jan 2021 23:31:29 GMT
Server: AmazonS3
x-amz-request-id: JW98D8Q7C1SV3ZR3
ETag: "41fb91eac9a445a9e15195c4df00f425"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 664
x-amz-id-2: zWsbG3fuClk+hEYopDmbitbuqgwzifXDGWxDVTZ/qCWSYAs08akUsybp4iculsHNvXbsb/sAU0s=

GET
H/1.1 200
OK small.jpg
s3.amazonaws.com/bala.static/avatars/181522/ 729 B
1 KB 457ms
132ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/avatars/181522/small.jpg?1684431449
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b7a9b4d1d3f0280ea54a7e7da3bde2985287ee8c2f52853cd25c3463c9645374

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Thu, 18 May 2023 17:37:31 GMT
Server: AmazonS3
x-amz-request-id: JW94ZCKGC26XXSZ5
ETag: "7e5cfbddf19a3156251da98116121c0b"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 729
x-amz-id-2: s3gJay05dZP+hGJonlmvwerjmkooRWUHe1uooaL11XZnGo5Z2GtuYFfvaQbulkOqyYvhkIGFBjk=

GET
H/1.1 200
OK android_download_badge.jpg
s3.amazonaws.com/bala.static2/ 82 KB
82 KB 568ms
136ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static2/android_download_badge.jpg
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d196e72b2bc9f2424c225f5af951b10b71115d6f1fbdb43837d55afac027034a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Thu, 20 Jul 2023 15:21:08 GMT
Server: AmazonS3
x-amz-request-id: JW9FGC0FDQRPXHTM
ETag: "e8b49b7fbc8e13972f8045edba1b71ac"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 83995
x-amz-id-2: heXVxo/lhL8TdCkJt5mAfJa7UVZiNem4Cgjr57EtOQ/wa3oWGWktC+CG/Nn1wc+9ynI5xYluDjY=

GET
H2 200 onejs Show response
z-na.amazon-adsystem.com/widgets/ 22 KB
8 KB 165ms
47ms Script
application/javascript 99.84.93.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=072caa77-813c-41fc-84e3-1af5067d7f16
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.93.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-93-105.muc50.r.cloudfront.net
Software: Server /
Resource Hash: 075053fc38bc7dd4005953d986110673edd93a916ee0cc4a6537b85eb58645ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: Public
date: Tue, 29 Aug 2023 08:39:56 GMT
content-encoding: gzip
via: 1.1 ac90d46be219b2aa8a23e6982405715c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-C1
age: 79
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
charset: UTF-8
cache-control: public,max-age=300,s-maxage=300,no-transform
content-length: 7400
x-amz-cf-id: Zu4v1gSLaGNtl2nmHbtc2wj0kTqQSeTcq1TJM4zwkwBKQ5lWHnBzrg==
expires: Tue, 29 Aug 2023 08:44:56 GMT

GET
H/1.1 200
OK logo-c6042222156b5e26db18d7a25025e4b71e9c1d3d4cf90793e4030154b2dea1f5.svg
assets.balatarin.com/assets/ 4 KB
2 KB 29ms
29ms Image
image/svg+xml 18.66.97.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.balatarin.com/assets/logo-c6042222156b5e26db18d7a25025e4b71e9c1d3d4cf90793e4030154b2dea1f5.svg
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6042222156b5e26db18d7a25025e4b71e9c1d3d4cf90793e4030154b2dea1f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 23:55:04 GMT
Content-Encoding: gzip
Via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
Last-Modified: Mon, 09 Nov 2020 23:17:47 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P2
Age: 3660372
ETag: W/"699129013888caccc30ce00dc03acd6f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
X-Cache: Hit from cloudfront
Cache-Control: max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: s_tpjte6a_hezHBET5yonarq-IGwmNmU9XdN-9sHtEzhSARtYxhtrA==

GET
H/1.1 200
OK fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2
assets.balatarin.com/assets/ 75 KB
76 KB 91ms
33ms Font
binary/octet-stream 18.66.97.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.balatarin.com/assets/fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2
Requested by: Host: assets.balatarin.com
URL: https://assets.balatarin.com/assets/application-9f06c25a6bfadb6ea881b8c986093b2346e86142dcdf113dd6cdefc6e30acdcf.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://assets.balatarin.com/assets/application-9f06c25a6bfadb6ea881b8c986093b2346e86142dcdf113dd6cdefc6e30acdcf.css
Origin: https://www.balatarin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 01:02:28 GMT
Via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P2
Age: 3656328
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 77160
Last-Modified: Mon, 09 Nov 2020 23:17:46 GMT
Server: AmazonS3
ETag: "af7ae505a9eed503f8b8e6982036873e"
Access-Control-Max-Age: 31536000
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: https://www.balatarin.com
Cache-Control: max-age=31536000
Access-Control-Allow-Credentials: true
Vary: Origin,Access-Control-Request-Method
Accept-Ranges: bytes
X-Amz-Cf-Id: U2lW5urjrcvMJmWJ-PE3dq8SS01F_8naS7ezGGfqPibWkq2CkxDotA==

GET
H/1.1 200
OK b1ef045e-500c-425b-b152-de04453205e0-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 5 KB
5 KB 607ms
135ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/b1ef045e-500c-425b-b152-de04453205e0-thumbnail.jpg?1693252576
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 907e8f0984bdd01d888c16b17fe31f369184a2e58078ebc34fd5eb0161054f2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Mon, 28 Aug 2023 19:56:17 GMT
Server: AmazonS3
x-amz-request-id: JW98ENHCEBAGNH3G
ETag: "6ae2fe3132ad789e760ecbfb57157da1"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 4992
x-amz-id-2: kUYuIdy8v9uOwLYJvDZDYkwPgDiwVEZ5CP0qGHv1LeWDJQiOmAjn3MUM9FlkL79r4XEHSEsaa68=

GET
H/1.1 200
OK d6e9b1fc-bb40-4545-91c8-009af18e4055-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 4 KB
5 KB 582ms
138ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/d6e9b1fc-bb40-4545-91c8-009af18e4055-thumbnail.jpg?1693225670
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 28ba20aea387d4fcc2e0406e80c9fe5e2ef5e2064a5562b8fb61d0817b8c3bb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Mon, 28 Aug 2023 12:27:52 GMT
Server: AmazonS3
x-amz-request-id: JW9B8EQ5JZYA9CKY
ETag: "3a593f28e86b9a09d3dd65d62fcd8779"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 4364
x-amz-id-2: YWLxp2gpqiUNWIrr2AEcmbQ6SqKfXSOyziQYXifD5LfLx76TS1LMj4UBYjs04c6aH18RNItAJW0=

GET
H/1.1 200
OK f4d6cda4-e555-4c65-b409-e604f8d4fadf-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 5 KB
5 KB 464ms
154ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/f4d6cda4-e555-4c65-b409-e604f8d4fadf-thumbnail.jpg?1693222524
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ef9ce1a17869c590ca13e0915e6d68f361c51d0ac99cf4c2f673d780747358c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Mon, 28 Aug 2023 11:35:25 GMT
Server: AmazonS3
x-amz-request-id: JW93C2RJF5YQB8AY
ETag: "a4c0fab73616e6f3f0ccf6d4a7f82e0c"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 5082
x-amz-id-2: xq94pMM/CLT/iRAfMGInYv08PJ81GsErGG2of8umrUNTsqH7WFexHF5xhWmi2N6j8usgPui5ooA=

GET
H/1.1 200
OK c997355e-8e9e-4dde-a01e-d8d5da2ed12d-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 3 KB
3 KB 565ms
131ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/c997355e-8e9e-4dde-a01e-d8d5da2ed12d-thumbnail.jpg?1693221541
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 27f38eaaf59c8d79936ed9e5c7dbac44f828664c5fb4e6f87b20e2d7ec8ec325

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Mon, 28 Aug 2023 11:19:03 GMT
Server: AmazonS3
x-amz-request-id: JW968R69QCSYPJDX
ETag: "ce1b98b0cfa89ca4fabd420bd0dab871"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 3039
x-amz-id-2: 2HzZQTZzKlx20Vb9NkV1yJFaCY2vdq4L3Exr58JG03I0SnyjPPKmadvXrZEdTRhmvrvhjtGbbr0=

GET
H/1.1 200
OK 6247c0c7-5b85-48b8-98ec-71ac43d74175-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 6 KB
6 KB 602ms
138ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/6247c0c7-5b85-48b8-98ec-71ac43d74175-thumbnail.jpg?1693219837
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 83b4cac12641ae3e8aaf9431fad49dc32720a2176e9eeb79ccaa68f80543c3a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Mon, 28 Aug 2023 10:50:38 GMT
Server: AmazonS3
x-amz-request-id: JW9F2AJGQ62XNJ3J
ETag: "77e70e988d31e36ec6fd9163eeab455d"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 5767
x-amz-id-2: JnqUuDL+YUoi1LhmcshHLW0dIhpzl1Nd2HPDHM6S2zLzyhwniDMlRRnrEHyHJJatRDfHOCdQf1E=

GET
H/1.1 200
OK 76d901c9-3d3c-4951-a844-027959d61ed6-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 4 KB
4 KB 471ms
137ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/76d901c9-3d3c-4951-a844-027959d61ed6-thumbnail.jpg?1693221231
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6f6e7c0e0c487536fadee34a7ab5295786fbcb2c93e1ff786d593539a8b9c39a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Mon, 28 Aug 2023 11:13:52 GMT
Server: AmazonS3
x-amz-request-id: JW96E169C4B2RP4E
ETag: "fefee1bee50fbb3ea52fdb94d167eb33"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 4106
x-amz-id-2: 0wEyFZ5/4EWBh9zwmnpeYoEVK3ShU/wcWmJhKXfYeJPV6J4Y0nLPc0d+Iuxa2LJPpSXsgqmaIyM=

GET
H/1.1 200
OK e7950de8-81fa-4ae5-a654-91e9cf945923-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 3 KB
3 KB 573ms
132ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/e7950de8-81fa-4ae5-a654-91e9cf945923-thumbnail.jpg?1693218565
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 06f4cf1f6f7775bc506c8b83fe0b886fc32a3e05ed00702ae9e6de31b25d9b6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Mon, 28 Aug 2023 10:29:26 GMT
Server: AmazonS3
x-amz-request-id: JW9CQFPGSA4Y6VKC
ETag: "495e530ecee94e7c9bb097a5cd87195a"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 2757
x-amz-id-2: T1PnBnky/MvE6nZVT7bBfhFtEZuFIvj+j7JLZBnxe00iW0B6gY2xkWVP664bXHkVZyFPOcYgYQg=

GET
H/1.1 200
OK 7ac5ec0d-90d7-4101-80fb-c56eda233b62-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 3 KB
3 KB 135ms
135ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/7ac5ec0d-90d7-4101-80fb-c56eda233b62-thumbnail.jpg?1693225005
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b5b8869e9dc710f2eef7aa59272e5285c10c64d8081d8dae0fc74d18361df831

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Mon, 28 Aug 2023 12:16:46 GMT
Server: AmazonS3
x-amz-request-id: JW9E9SQGWVDWPZMH
ETag: "54c63d07912888ed7b2f1ce97c63544c"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 2777
x-amz-id-2: eBxd69CjaxzFh6MyXxghs02f/GASn00pege8LP7T/fpEY0bZnr0ChRCVyCl4+Wu/nvAL7GyrHO4=

GET
H/1.1 200
OK 888536ac-59d1-459f-a721-ddd363fd7b15-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 5 KB
5 KB 135ms
134ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/888536ac-59d1-459f-a721-ddd363fd7b15-thumbnail.jpg?1693224380
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 840e9e10c44082ea6de4e2045353b846c391cb181125f977f2d404a5e318532d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Mon, 28 Aug 2023 12:06:21 GMT
Server: AmazonS3
x-amz-request-id: JW975FKBKVTVMK0C
ETag: "f059d9e86921e442e7149aa8d7a04ca8"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 4661
x-amz-id-2: HggNxetE/I0Nfxs+LOVSuVMUy7gMpbSD2f1hS58uKphtFa2v1cvcpDhlbLj7d6zZl5Tl0NSAyLI=

GET
H/1.1 200
OK 94430b9b-edda-499e-951a-b4432c8261cc-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 6 KB
7 KB 135ms
135ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/94430b9b-edda-499e-951a-b4432c8261cc-thumbnail.jpg?1693226318
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3199e6c67222648d31333d53b6be33272860792fbfbe124b50c445d46c11a0ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Mon, 28 Aug 2023 12:38:39 GMT
Server: AmazonS3
x-amz-request-id: JW94F74B2BG825TC
ETag: "537bbd595e07d466dc4e903d3baad200"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 6323
x-amz-id-2: E5L1dhclhWD0xDX0IOklW3oljudqkVtqda+aNwz72voWgfMVUgri2Pvu+J/FGXIFJOe2MHDMMxI=

GET
H/1.1 200
OK d974491a-f864-4ec6-8a8f-9bcb3818d058-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 5 KB
5 KB 136ms
136ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/d974491a-f864-4ec6-8a8f-9bcb3818d058-thumbnail.jpg?1693224510
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 840e9e10c44082ea6de4e2045353b846c391cb181125f977f2d404a5e318532d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Mon, 28 Aug 2023 12:08:31 GMT
Server: AmazonS3
x-amz-request-id: JW99ZJC76X5RV2HN
ETag: "f059d9e86921e442e7149aa8d7a04ca8"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 4661
x-amz-id-2: Em/Ku7UU4e1ov87+Nstm6pJMr/o8fDS3rAcXhtm4d7Uk77ahhzibX5KOAqM+Ez7djnnnm6Ex/88=

GET
H/1.1 200
OK b3cc8b24-a645-4fb8-90d9-843410ed4fbc-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 3 KB
4 KB 140ms
139ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/b3cc8b24-a645-4fb8-90d9-843410ed4fbc-thumbnail.jpg?1693216856
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 008e70da90814f9f0c63870b46e41c63743721d196f175d8ce41e59d276407b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Mon, 28 Aug 2023 10:00:58 GMT
Server: AmazonS3
x-amz-request-id: JW95SRGCJ6C2PTC2
ETag: "648d9cce7aa270265802614b70b36920"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 3238
x-amz-id-2: NP4rxaIdIENNn9eaAlH5kWPnOTl7EcFhqIq4Nqeu/ihb6VMTk0W8qoQXg2j7qVhPOJ/HV5oSwP4=

GET
H/1.1 200
OK 01ac72a3-25eb-42c6-9678-01673188b36a-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 6 KB
7 KB 131ms
131ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/01ac72a3-25eb-42c6-9678-01673188b36a-thumbnail.jpg?1693222232
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0e82d97739622b3cc7d118d0f1b5ac699289b1d945b6a7478a159961de89198c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Mon, 28 Aug 2023 11:30:34 GMT
Server: AmazonS3
x-amz-request-id: JW941DXEN7G8ANE6
ETag: "68830a4c1611d0c56f32c7f338c3fee1"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 6300
x-amz-id-2: /LUIXa07tidPWyDUpg0Qbb2BfuIeh5s+qcTvH8SEeDK9i1SKLFuFfYCFoRbgAHip5/atq0t0hxs=

GET
H/1.1 200
OK 200e338b-6129-4ded-86d2-c81e8a40c237-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 3 KB
4 KB 133ms
133ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/200e338b-6129-4ded-86d2-c81e8a40c237-thumbnail.jpg?1693221921
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 482778c97083da12387422ddaaaed19e7f1f55f574cc20b3d09b5dab1696459f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Mon, 28 Aug 2023 11:25:22 GMT
Server: AmazonS3
x-amz-request-id: JW96J3W904ZT27N5
ETag: "8a9cc086702dc19b1fa571295bd2472f"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 3451
x-amz-id-2: FrXRIan6Ly3OPZ3QcQMlpyy2tLx08EIlM8Euh6QzHgX8NslCNb/XkTchGV5afKfWRMIey07clo0=

GET
H/1.1 200
OK 2acb2f4e-f790-47c3-87b5-30a585301958-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 5 KB
6 KB 137ms
137ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/2acb2f4e-f790-47c3-87b5-30a585301958-thumbnail.jpg?1693223751
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fd9d566c799c4f140d52d7c05136199de35fd34510a58b5db34a58c48b6346bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Mon, 28 Aug 2023 11:55:52 GMT
Server: AmazonS3
x-amz-request-id: JW93W750P4SJ24CA
ETag: "877d54691d4ff67416a215bb9f5a8169"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 5442
x-amz-id-2: VNdPtIONBsUn4t6vFzjVWb2UUkdIGGBOeQ8SyyTh/mFAhquLKW7Jk4JZ3ek+4jdFOtR+h+gi3ao=

GET
H/1.1 200
OK 0c256bde-64f3-4bbc-b9bd-edf59ac81044-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 4 KB
5 KB 140ms
139ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/0c256bde-64f3-4bbc-b9bd-edf59ac81044-thumbnail.jpg?1693226736
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9e1973753d132c2abfdcf37f346096bc52aa4f149cf4e580ec082605dc6378c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Mon, 28 Aug 2023 12:45:37 GMT
Server: AmazonS3
x-amz-request-id: JW9ARF6A4WT0QA3G
ETag: "a30581d5d16f5f5aed2d515081177a84"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 4484
x-amz-id-2: 1Jh7xT4yYwxcYKj3F2mD585QKYTRd0fzHDGttfyG7inAA4zRtsDdJ+j16v+ijSWaguXxNMF1JPE=

GET
H/1.1 200
OK a02f2e4d-448a-4cd5-bbae-29247abf56f1-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 4 KB
5 KB 135ms
135ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/a02f2e4d-448a-4cd5-bbae-29247abf56f1-thumbnail.jpg?1693217260
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 08fd4a6e5a46b7139103765bfcbf4dacd8c87a92fbf93f31d0c0a85fd4909f1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Mon, 28 Aug 2023 10:07:41 GMT
Server: AmazonS3
x-amz-request-id: JW94HBHVE3CS4NRT
ETag: "dca07eaf867c3078f6920c0d0dd551e4"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 4540
x-amz-id-2: 61Gb+yIjxKfLpJaUwVztxTLMY4zluDzPMY1rsZNkqDd5srJVsvS8T5Ad6bNcIZIOH+gvdS/X/4U=

GET
H/1.1 200
OK dc9804d7-0b24-4b67-b231-7bcc11f3b4a3-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 5 KB
6 KB 165ms
165ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/dc9804d7-0b24-4b67-b231-7bcc11f3b4a3-thumbnail.jpg?1693220014
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0da7f4f886535f580025b556629ac5d73ce7315b72f44a4c24f74be2b077d2cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Mon, 28 Aug 2023 10:53:36 GMT
Server: AmazonS3
x-amz-request-id: JW9AK9HVHEQY3WKQ
ETag: "b8384590b7f06601d75985fa97d52a46"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 5544
x-amz-id-2: kv3Jlv4LiQ2WO3ibLvWE7APqKYwy+RTnc9z/q/8KEqG3Aw+UpGZTvGW0AP2t3jwKjmp6bAEpCXE=

GET
H/1.1 200
OK df50336d-223b-4286-8440-8b48dc950e99-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 4 KB
4 KB 131ms
131ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/df50336d-223b-4286-8440-8b48dc950e99-thumbnail.jpg?1693219269
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c46e653fd7ffeb9ae41e70636295e345cc48d62348790e3a212034c71766efcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Mon, 28 Aug 2023 10:41:10 GMT
Server: AmazonS3
x-amz-request-id: JW937Q3FKPVQPZFK
ETag: "416c3bb5b78920bb6166c71e20c9d7a6"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 4094
x-amz-id-2: fYekMRkSxDVygn+e3xtn89sYVdT1xz5VgjZ0MtDFAIxP21T6A/5RBfzueyWDuYGY23ZUfg2NDUc=

GET
H/1.1 200
OK ea5ff54b-e2ac-4112-9134-857a814ca5d6-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 5 KB
5 KB 131ms
131ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/ea5ff54b-e2ac-4112-9134-857a814ca5d6-thumbnail.jpg?1693225994
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f3be2ca7f7da627a06538e64d3f34c6a7484f99378d4483943bab00b09622d77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Mon, 28 Aug 2023 12:33:16 GMT
Server: AmazonS3
x-amz-request-id: JW92M5CZEBYAZ20G
ETag: "d9088937d3998bcf94a0053686f1a7af"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 4709
x-amz-id-2: AseD4vgavpBJtEs/rJfr1/GCwncQtmljWabD6eNzmAF0+FuRS0XEYyEFOM84PLuPDec0pimHJ74=

GET
H/1.1 200
OK a288439e-4cb4-44bf-8f76-5fd6247cdfd9-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 8 KB
9 KB 134ms
134ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/a288439e-4cb4-44bf-8f76-5fd6247cdfd9-thumbnail.jpg?1691940990
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ff42d10486d003a99729e201980cb3825317ad418772d1b7bf1b25ec2cede9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Sun, 13 Aug 2023 15:36:31 GMT
Server: AmazonS3
x-amz-request-id: JW90T6JXZF9608DQ
ETag: "f6e3bdf958518a68a86a535f1db3b3a4"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 8303
x-amz-id-2: JmwX5qgyHMdnRiaV/4i8iEz6yhh6efvoDqHCTgHzhjH00gnRghynAIy5CIRKzS8/kZPY0EHllEM=

GET
H/1.1 200
OK edce16bb-4859-4de6-a7c3-24fd95ac5a37-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 5 KB
6 KB 136ms
136ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/edce16bb-4859-4de6-a7c3-24fd95ac5a37-thumbnail.jpg?1693217769
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e2d5024b6abb24323fa6ae7a99b4ae4c52bba665f8655b35c7a69a6a4e27fd8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Mon, 28 Aug 2023 10:16:10 GMT
Server: AmazonS3
x-amz-request-id: JW9C3NQH664Y8KJ4
ETag: "daa8ae9ac1883412ce0bd57af226be59"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 5380
x-amz-id-2: L4FCef4qQlGBmwF7biFeWIuMKwVZXwbs6mSmQSeX3CarrmesNgrdv3t32c2J8KvZqg6Crbg6JJo=

GET
H/1.1 200
OK 2fd272c0-aa17-4303-9247-d24a01303a5a-thumbnail.jpg
s3.amazonaws.com/bala.static/links/ 4 KB
5 KB 137ms
137ms Image
image/jpeg 54.231.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/bala.static/links/2fd272c0-aa17-4303-9247-d24a01303a5a-thumbnail.jpg?1693223903
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: be1a034f38a498bde60417bd909ed710cec1996f56a6d735b0af93e99b6453d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Last-Modified: Mon, 28 Aug 2023 11:58:25 GMT
Server: AmazonS3
x-amz-request-id: JW91ZP4E3FDXBJK8
ETag: "93cb57421f6e5b135169dc7e56dadff8"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 4400
x-amz-id-2: i1byRLjyb4xw+lUfCdViM+7wXDGVY+uKbIcxBAvdSnjpd49+m1GJsbvgRMzHkDhJknIKRAIIdgA=

GET
H/1.1 200
OK logo-footer-5b1979a4ecb584da673a08d6a737a10d87ae84aa6f5c2d18ab97da15c7462f11.png
assets.balatarin.com/assets/ 826 B
1 KB 29ms
29ms Image
image/png 18.66.97.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.balatarin.com/assets/logo-footer-5b1979a4ecb584da673a08d6a737a10d87ae84aa6f5c2d18ab97da15c7462f11.png
Requested by: Host: assets.balatarin.com
URL: https://assets.balatarin.com/assets/application-9f06c25a6bfadb6ea881b8c986093b2346e86142dcdf113dd6cdefc6e30acdcf.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5b1979a4ecb584da673a08d6a737a10d87ae84aa6f5c2d18ab97da15c7462f11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets.balatarin.com/assets/application-9f06c25a6bfadb6ea881b8c986093b2346e86142dcdf113dd6cdefc6e30acdcf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Sun, 16 Jul 2023 03:38:51 GMT
Via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
Last-Modified: Mon, 09 Nov 2020 23:17:47 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P2
Age: 3819745
ETag: "d6866d17619bc26a183d1c88f469f3e5"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 826
X-Amz-Cf-Id: KZ3q3laxWw2CRV5VXZSx4Cu1qHUeGoWIPiELiCLpyzdETcuh6QRwSw==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/ 404 KB
127 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

580733d61dd4adc764fe449357c79da92993563a4e24283535d7019ea15852f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:23:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44238
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129911
x-xss-protection: 0
server: cafe
etag: 14269624574612719477
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 27 Aug 2024 20:23:57 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/ 392 KB
132 KB 114ms
114ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7031645305449270&plah=www.balatarin.com&bust=31077388

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51ec077a55199c6a93d36bbe59d7a8ad84b5fe63be7cb23e706914e4ecd1e487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 08:41:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134496
x-xss-protection: 0
server: cafe
etag: 6967120329837982335
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 08:41:16 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230824/r20190131/ Frame EEB4 10 KB
5 KB 180ms
57ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230824/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balatarin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25514
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 01:36:02 GMT
etag: 9878862242593084568
expires: Tue, 12 Sep 2023 01:36:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
23 KB 117ms
117ms Fetch
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4459967505643306&correlator=4502678369972783&output=ldjh&gdfp_req=1&vrg=202308230101&ptt=17&impl=fifs&iu_parts=3679856%2CSidebar-Middle&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=6&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1693298476177&lmt=1693291276&adxs=290&adys=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.balatarin.com%2F&vis=1&psz=336x0&msz=336x0&fws=0&ohw=0&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=false&dlt=1693298475383&idt=768&adks=3772982170&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39e6500623fe9f469428d37324fb783069f5689ec651834ce7234d807b5a403a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 08:41:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23999
x-xss-protection: 0
google-lineitem-id: 1279745296
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 113000655376
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.balatarin.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6d2bce31c1be2850a76372345342f219.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 99FC 6 KB
3 KB 205ms
65ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6d2bce31c1be2850a76372345342f219.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balatarin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 08:41:16 GMT
expires: Wed, 28 Aug 2024 08:41:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
605 B 197ms
65ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.balatarin.com&callback=_gfp_s_&client=ca-pub-7031645305449270

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7031645305449270&plah=www.balatarin.com&bust=31077388

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47cfa3ed8bf233eee9751306d36d9ef1f41af9a173abf4681675203fe7d71c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 08:41:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3B94 20 KB
5 KB 223ms
223ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&adk=1812271804&adf=3025194257&lmt=1693291276&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.balatarin.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476003&bpp=5&bdt=621&idt=320&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6058371957678&frm=20&pv=2&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=356

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce1de617a435d962cc49bfb8d8f5d08cc162657bde084960efc1156edeb583a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balatarin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5291
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 08:41:16 GMT
expires: Tue, 29 Aug 2023 08:41:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 157ms
157ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=navbar%20navbar-default%20navbar-fixed-top%20navbar-headroom&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6374 0
0 93ms
92ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuQdk8eZ1EdkMy8bR7uTUo2-53PfZ8QgvQ80EfKGOEbZU3tmCpGnmVENOlhYmk8HfwOTAiplDSZTnIAGudhenDJRYc5hB_vgD5G-6wpCrwQ8kp9FI3UHVEagTq3CtXqTbFyQVljBWFb7o-8hnnDjazyYc98CPXXnCtGgWvKrkiGtarYr2tcob4vWtXe5uufilA1ld13rYPRk4V8z6CLjk6nD0_B3BR83J2_w4OqS7FTA97acia5kYFgvh6bom0dipI3uXWUY0tNrDLthIS9x0KWyVeGk1aq_AaHFP100jMlIECimXn0Gp7-uPLlsWXjAqvPksgqFK01w&sai=AMfl-YQiDIBijBoQdNDRbvPHUw2JbPbx5jIy6E40FjLwkkMTojC5Z9Alg-xjhT-VBXclIkxffwjz4HVh_zZZoPVtKI_VLfk0OSnN10QaaIvD0pBbKrkwpmzULtF0yOe7LA0RP3081ZwMATNahJpE-My-&sig=Cg0ArKJSzGFW-lGddFVlEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 08:41:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 29 Aug 2023 08:41:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame 6374 23 KB
9 KB 181ms
57ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67509
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 13:56:07 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 6374 3 KB
1 KB 188ms
65ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 07:22:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4714
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 07:22:42 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6374 181 KB
57 KB 100ms
79ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 08:41:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 08:41:16 GMT

GET
H2 200 11014814240268210796
tpc.googlesyndication.com/simgad/ Frame 6374 35 KB
36 KB 187ms
66ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11014814240268210796

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e581c3bf6f9547d2b323c8e1ab6546470435b69417d12984bc0fb08c90307112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 11:52:47 GMT
x-content-type-options: nosniff
age: 247709
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36079
x-xss-protection: 0
last-modified: Mon, 11 Apr 2016 23:11:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 25 Aug 2024 11:52:47 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DE95 27 KB
12 KB 304ms
303ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=90&slotname=6838607656&adk=1683087958&adf=1206948085&pi=t.ma~as.6838607656&w=779&lmt=1693291276&rafmt=12&format=779x90&url=https%3A%2F%2Fwww.balatarin.com%2F&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476011&bpp=1&bdt=629&idt=381&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D928ec7a00119d54a%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MYCcsHC8kohrpZj2_JVaNznrOA_7A&gpic=UID%3D00000c926af57c4d%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MaI_D8ii1KdXTTduYmBpo6fclOEiw&prev_fmts=0x0&nras=1&correlator=6058371957678&frm=20&pv=1&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEebr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8DP6wH4nA7&p=https%3A//www.balatarin.com&dtd=388

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25aca0b2852ac83203def30e05bec5501beec1e8010d8d48d0f553dc7ec230fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balatarin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11688
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 08:41:16 GMT
expires: Tue, 29 Aug 2023 08:41:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6374 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a3121c83101fc70feb60f064fea5a35d5dc7900f19c710ec04a86302b5c990c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BF20 24 KB
12 KB 320ms
319ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=5688324856&adk=4223602507&adf=3412014494&pi=t.ma~as.5688324856&w=336&lmt=1693291276&rafmt=12&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2F&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476013&bpp=1&bdt=631&idt=413&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D928ec7a00119d54a%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MYCcsHC8kohrpZj2_JVaNznrOA_7A&gpic=UID%3D00000c926af57c4d%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MaI_D8ii1KdXTTduYmBpo6fclOEiw&prev_fmts=0x0%2C779x90&nras=1&correlator=6058371957678&frm=20&pv=1&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjJEST0Xzo&p=https%3A//www.balatarin.com&dtd=416

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bee3921c6c90a3938fe8599bf81ac42315d8da1927714cb5c9f9d447256059f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balatarin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11532
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 08:41:16 GMT
expires: Tue, 29 Aug 2023 08:41:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 96A0 430 B
503 B 307ms
306ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=8352827426&adk=3914965158&adf=666277397&pi=t.ma~as.8352827426&w=336&fwrn=4&fwrnh=100&lmt=1693291276&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2F&hl=en&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476014&bpp=1&bdt=632&idt=423&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D928ec7a00119d54a%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MYCcsHC8kohrpZj2_JVaNznrOA_7A&gpic=UID%3D00000c926af57c4d%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MaI_D8ii1KdXTTduYmBpo6fclOEiw&prev_fmts=0x0%2C779x90%2C336x280&nras=1&correlator=6058371957678&frm=20&pv=1&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=254&ady=1152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=fWwPiBEMsy&p=https%3A//www.balatarin.com&dtd=426

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91d71ece617498692cecd4aebd128d889437da70883909296c453aaf5b7e4d52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balatarin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 08:41:16 GMT
expires: Tue, 29 Aug 2023 08:41:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6374 0
0 211ms
95ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgZMdnsiaUviKDGTW5TkC1WuK5mjd3IFIJ5Q37OGUvnJId050FCAuzlcBiHzUvz2xAVXY7DWp6iX3qfNeaN_hj8eA3eTf0LNVnQJ6VGNFcN1AEC7QXRY49X9_a4burB-ylxbz8OpRx5q9CDVX22X659xIVSqem0mWF9uQdoqYS3GVveYjQLnJgUAjAmswbnMQ-mOe4CyhXw15G6CAqJUFlk_APfjTdGNDj8eZUmN62VtYo9206GFE6zBDhFCveNqav6svZQcmV9cSWmiEbiZCIg7kZW5sMsoayI9_03OZEG81VMsGZBql3k6caKixkb-53yARc5Bcim2uR&sai=AMfl-YQMvMfKhVAC8tMBdg6MKGP9YNCjppIiM8ZNyeF_uZiXT7930JpytP5Guzif6mVEO3d-eec-y_NpH0zd_m2jlZAEKsr6We-keRqi6b0znfbvNEmgjOW7xdlbcZQw6PKT37_uOOVaW0rsvrenPVV8&sig=Cg0ArKJSzGlMyc-MovZ0EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 08:41:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 29 Aug 2023 08:41:16 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E87A 624 B
242 B 106ms
102ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYqcSW8wEwAQ&v=APEucNUZnRgxmJCJNx_CiRCSqjZkMkoURyWWHcKdc-cW5LpJGA5BpExIG6XzSobniXUgAcF3X8H8D7azkpKtxbn-gcgJgT_kJdm3mNkLYmqCmFKFca0q9RIYs4OG7i5p2M41mHkI9KurjVMdLN_1mG0dfcDyvFxki2adxOBf-wb_yzt9IdnHTDU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=90&slotname=6838607656&adk=1683087958&adf=1206948085&pi=t.ma~as.6838607656&w=779&lmt=1693291276&rafmt=12&format=779x90&url=https%3A%2F%2Fwww.balatarin.com%2F&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476011&bpp=1&bdt=629&idt=381&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D928ec7a00119d54a%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MYCcsHC8kohrpZj2_JVaNznrOA_7A&gpic=UID%3D00000c926af57c4d%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MaI_D8ii1KdXTTduYmBpo6fclOEiw&prev_fmts=0x0&nras=1&correlator=6058371957678&frm=20&pv=1&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEebr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8DP6wH4nA7&p=https%3A//www.balatarin.com&dtd=388

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=90&slotname=6838607656&adk=1683087958&adf=1206948085&pi=t.ma~as.6838607656&w=779&lmt=1693291276&rafmt=12&format=779x90&url=https%3A%2F%2Fwww.balatarin.com%2F&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476011&bpp=1&bdt=629&idt=381&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D928ec7a00119d54a%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MYCcsHC8kohrpZj2_JVaNznrOA_7A&gpic=UID%3D00000c926af57c4d%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MaI_D8ii1KdXTTduYmBpo6fclOEiw&prev_fmts=0x0&nras=1&correlator=6058371957678&frm=20&pv=1&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEebr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8DP6wH4nA7&p=https%3A//www.balatarin.com&dtd=388
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 08:41:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 564D 86 KB
29 KB 109ms
108ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 08:41:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 08:41:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 564D 3 KB
1 KB 66ms
63ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 07:22:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4714
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 07:22:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 564D 20 KB
8 KB 60ms
57ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67509
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 13:56:07 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 564D 0
0 190ms
65ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRF4_48MW5WcXwFd66LIea6zbN0s23T0TyODjyTipmRNnKSQDVfInbdwMaxAvf1pg-5myzNa4C6hLNLrV143byIcPrjvQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=90&slotname=6838607656&adk=1683087958&adf=1206948085&pi=t.ma~as.6838607656&w=779&lmt=1693291276&rafmt=12&format=779x90&url=https%3A%2F%2Fwww.balatarin.com%2F&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476011&bpp=1&bdt=629&idt=381&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D928ec7a00119d54a%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MYCcsHC8kohrpZj2_JVaNznrOA_7A&gpic=UID%3D00000c926af57c4d%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MaI_D8ii1KdXTTduYmBpo6fclOEiw&prev_fmts=0x0&nras=1&correlator=6058371957678&frm=20&pv=1&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEebr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8DP6wH4nA7&p=https%3A//www.balatarin.com&dtd=388
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 564D 181 KB
56 KB 75ms
72ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 08:41:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 08:41:16 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 564D 42 B
63 B 159ms
157ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BzWqstVR2liu--vq2Z4WvxZbYHZaB6rq2dTks5NwmzIlc2pbytr2wLup-osKI3PPwc6GTPqAsv8aGFUdIl-UTZ0IHm0Rrh-w4Zn4maJ6CZqNsINbg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 564D 0
20 B 159ms
157ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6600107793727102423&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF20 42 B
63 B 158ms
158ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AyvPTN_b48HOIfx-KR0QHsewHhc8DaewUlqIUY5pTKZkhcSEDrLz3vY6lMxEfpD-o5YjK7ULUn2derl1hhKi33FfsmrHqqOvY0sJ0Up_hvZrZ9KA8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=5688324856&adk=4223602507&adf=3412014494&pi=t.ma~as.5688324856&w=336&lmt=1693291276&rafmt=12&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2F&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476013&bpp=1&bdt=631&idt=413&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D928ec7a00119d54a%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MYCcsHC8kohrpZj2_JVaNznrOA_7A&gpic=UID%3D00000c926af57c4d%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MaI_D8ii1KdXTTduYmBpo6fclOEiw&prev_fmts=0x0%2C779x90&nras=1&correlator=6058371957678&frm=20&pv=1&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjJEST0Xzo&p=https%3A//www.balatarin.com&dtd=416

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF20 0
20 B 157ms
157ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=18374103807249720001&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BF20 86 KB
29 KB 209ms
208ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 08:41:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 08:41:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame BF20 3 KB
1 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 07:22:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4714
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 07:22:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame BF20 20 KB
8 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67509
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 13:56:07 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BF20 0
0 146ms
66ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTiyu7N5TcGZNefyaoSl0dmLNRqEhMi8o1zqU2g2PgOpBlPFdAR7kSExBuTxsK3_VxS43KGCo_25fL04EX-QgjCIPzEyA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=5688324856&adk=4223602507&adf=3412014494&pi=t.ma~as.5688324856&w=336&lmt=1693291276&rafmt=12&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2F&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476013&bpp=1&bdt=631&idt=413&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D928ec7a00119d54a%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MYCcsHC8kohrpZj2_JVaNznrOA_7A&gpic=UID%3D00000c926af57c4d%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MaI_D8ii1KdXTTduYmBpo6fclOEiw&prev_fmts=0x0%2C779x90&nras=1&correlator=6058371957678&frm=20&pv=1&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjJEST0Xzo&p=https%3A//www.balatarin.com&dtd=416
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF20 181 KB
56 KB 94ms
93ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 08:41:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 08:41:16 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8C1F 624 B
242 B 104ms
103ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2VFxDgh9qvAxiVgtfJATAB&v=APEucNUjHaddY779q-zJ3qVm-eDcVvvyeT4pRVaMfP7nKCH8XScVv_2cMMJvLLUAhN6T-5sZZN0G95BLdu6l_-t3kyheBzVB-mqBM4Lf4pa5JC4o2j_Lg8FRz6CshJd7FMCEHFLUGxFXqTErHhUdquI8fQJdZPBfeV-gTBP-gIl7P21n9Nlfeyo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=5688324856&adk=4223602507&adf=3412014494&pi=t.ma~as.5688324856&w=336&lmt=1693291276&rafmt=12&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2F&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476013&bpp=1&bdt=631&idt=413&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D928ec7a00119d54a%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MYCcsHC8kohrpZj2_JVaNznrOA_7A&gpic=UID%3D00000c926af57c4d%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MaI_D8ii1KdXTTduYmBpo6fclOEiw&prev_fmts=0x0%2C779x90&nras=1&correlator=6058371957678&frm=20&pv=1&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjJEST0Xzo&p=https%3A//www.balatarin.com&dtd=416
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 08:41:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E87A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnoFI4cAph05qi10duTPrc&google_cver=1

43 B
766 B

32ms
32ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnoFI4cAph05qi10duTPrc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYqcSW8wEwAQ&v=APEucNUZnRgxmJCJNx_CiRCSqjZkMkoURyWWHcKdc-cW5LpJGA5BpExIG6XzSobniXUgAcF3X8H8D7azkpKtxbn-gcgJgT_kJdm3mNkLYmqCmFKFca0q9RIYs4OG7i5p2M41mHkI9KurjVMdLN_1mG0dfcDyvFxki2adxOBf-wb_yzt9IdnHTDU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 08:41:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnoFI4cAph05qi10duTPrc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E87A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZO2vLJh6.a.C8oprCPVKCQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnoFI4cAph05qi10duTPrc&google_cver=1&google_hm=2

43 B
632 B

33ms
32ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnoFI4cAph05qi10duTPrc&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYqcSW8wEwAQ&v=APEucNUZnRgxmJCJNx_CiRCSqjZkMkoURyWWHcKdc-cW5LpJGA5BpExIG6XzSobniXUgAcF3X8H8D7azkpKtxbn-gcgJgT_kJdm3mNkLYmqCmFKFca0q9RIYs4OG7i5p2M41mHkI9KurjVMdLN_1mG0dfcDyvFxki2adxOBf-wb_yzt9IdnHTDU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 08:41:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnoFI4cAph05qi10duTPrc&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame E87A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAgmiw36R8CgeVkhP5VthHc&google_cver=1

43 B
844 B

34ms
34ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAgmiw36R8CgeVkhP5VthHc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYqcSW8wEwAQ&v=APEucNUZnRgxmJCJNx_CiRCSqjZkMkoURyWWHcKdc-cW5LpJGA5BpExIG6XzSobniXUgAcF3X8H8D7azkpKtxbn-gcgJgT_kJdm3mNkLYmqCmFKFca0q9RIYs4OG7i5p2M41mHkI9KurjVMdLN_1mG0dfcDyvFxki2adxOBf-wb_yzt9IdnHTDU

Protocol

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
an-x-request-uuid: 99297372-0cc3-4a90-b39c-26a091dc0e79
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 193.32.248.233; 193.32.248.233; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAgmiw36R8CgeVkhP5VthHc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E87A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzExNTI0OTkwNzg4ODYyMTY0OA%3D%3D

170 B
243 B

70ms
69ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzExNTI0OTkwNzg4ODYyMTY0OA%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:16 GMT
an-x-request-uuid: 011e47ce-53d4-4d2c-b588-1af6855b47b6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzExNTI0OTkwNzg4ODYyMTY0OA%3D%3D
x-proxy-origin: 193.32.248.233; 193.32.248.233; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 564D 0
20 B 157ms
157ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8239736727748&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 564D 0
20 B 158ms
157ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8239736727748&version=m202307240101&ct=76&x=1&cor=6600107793727102000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 564D 104 KB
40 KB 108ms
107ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BDPDO5qFc5mv2WD_YoDIpS6hgUtTJjNKtwTvQNhG8LrSeJovcFa-mJejKRhs7NbeVPoeH_3OzM0zuywmtYpAc62PaBj18aP7b9HmBxXI1tp31aUPaAmhBkZGP-HymtPpd7ls8yEAH_TugtnxUYLSj7OAoxBzDrkBw1XfjwBmfGZgyjUks&dbm_d=AKAmf-B0pIS1aQwc96W-IUd4UxFEGOn4aLTaj9I8PfLepJ71j1qw9bW4OF-ksj2oNTsvhz7njLG-_9NPRpU9yuTam-qe7FgBZF6r5s6_oLtYYfF77rvmCdKxnYb0J43eie4d2TdhNJI0X0f7AFmjJ8kA4XjXvV_LBqTrdYjScogaJl8Jzh9OuI_0rOAk5JJShrweZuc8bEXIh0BUHtu1yO7LB7KjoZy27vsl4V2Y3aVHyXavCZPCdpvIiHxde8VV7X7JsiBJ-h105YxD32uJ4fuMIj24Q1CLhCi9DEjgQ2-TAwLxo2KIi-FgCPvJ7hDI_BY15dkA_SWFZOFh86UyR7Ti9xZVFoxjHQbR7kz0JhQi5MqJJH0E0OEaforFPjc5TEnnJMrsagkRVuCjrTlpM-iGQRaT4LGs-_ESzwdkfU2ZHPZcP6caxnXEihfrR50LOuBeLm5t_80DP2AltR5HfcJHHgNAv3nx2KF4Nl72Qwkf-M7C-G4MH3GTWHIW6HWkgVUgGfwFs_nVBW46eKgwz-J-5pvCNY_rqdOKCDZTWAyO15CrZO1nDACQyee0tXnqzs0LH0BqU59m13QPyYnuxKWdInjfUfO9aqpiMc5ZxMNCvqPsFkquLXSxR_FIpBYFkIZLDMVBgTJ9S-fB1ZXgyQACl8Lc2P0kcxyCL9P4LYMQgrW40bapJCZFDrhp4q2dgEmEkj2cIanUYst9Qy8WpsTbilWrRnGbWReMlqyrToiB_Qth35pb6WieM6Yk77fnUXL0MhQrQ8LmN6flQw_GSqVSejqNiXE3Qb7UWxwpi-yFiy4XsUT-SKMIFF3013ui-ZWoKz6DP6ucZGENQ2_NjFBesTcdffJy5A7vTIKpDWIP_QVPQqMzVbFkH4pz4hUc95BXM3TmrZpQnOB972M0CbNKUl5jAWVpwRDzSQTMbqk_u5ZlRb356B_iGraj7XnTeoTjTLbYv2EG_EC56YLJmj5i4RO3Z8Sc0HEQCeeuraiFalgFYuNGZeuBkAI6xeqTu7tRMCnR6udg2qb7AaKQt-zMWYCDzfTp72VVKuN6F3j8IarPGqWbp7YlvILggt538_UdJILpm_hDIHVC2ZnISw31MJ6uBG7KlBYigecRIaosUXPPzoLdLMw8dN66d3t-va3KjW_aTHcWqNu4ErOMoKv_H06SYsbgSLw4upgYG6eCbPPovnl4rcj4d-supwx4E21VhCnyIH4I8WPOONhjDMWnvMyqRXiBj5zfVvqMxPMQxvuGL5kEF5_n_PkhoLyLZbTHNRViZMj1ds_00xyoGFWWB9qj9CWBqDVrO0KEtXTqQqhkqsUUb6wjvtdo2RAAKrL_aoVFojV6NXzTGKGQEVPcCnDhul3UW4P6HbUcJkiIlgPeL46jvhoWdS2jLUsYCYzopk2gIl2NOdo7XPFqAcQh3YpasSMCUMspNblQNGVvkEHjlGBm3rKyd8b9a5TQ7Gud7XOrMH16XvKRZDhRadhBaSAoZ0jnDGOcnlJgDtN2VBWwfa_UTe8LmU244-w9IF3lVYlMdCaeXNb60F01IZYFtze_Dtf80UIOKnpHnBKDYSLtQ6XPuqdJewjBunmEbtCkkjSJQ5UuVXDmj4bFRMzvgVc01NeDCByq_qBKve59V9rvKoKqEt-1csTV8SEBnn1MOP-TbigHL_0J0QXgT92cGtZ2pIcBcyG5r71wQegpYyWrOQ3dtPFTuM5BVxmoX-QrEb52RVqv-qE7kMzyJ7a1uyX2F29kWzHuH992MyG556YhaHfdQRJvo3V5ZWyJYdtYi-3VcvA5B9IlzMNNUuXyVh7odOPs7rYB3UyXUlwtlBxa3GQrZiv30Mv6mS51DKG9UoXIYXpIdxe_DZwTkqsIDkm7GOB-bwDnJDUPOnyi54YWHCm6eDy8vr9LkAv-dP7QXtUm4FVdSYLNy8HQp1nlbzDoT7-_FzegHKE-3Exh5_7Rvl_HiHnf7CnPUoh0NgIbBpDj11_uy774Me4-sLyOYXpuxTC5YiL31MK2-7L5iaHOLN_z59mwxEXqAP98qMW-96LltqXE4FMj0PTFhXXugMURONiuMcf51IOUoQUKO1J5NBzj1kHX1YbscOMnSQhh9coLh7guPXL_4LuS7W4emld1vgHtox1U2yTAgW1QIfb0yK1hc5unWXzC-GFJT3pQjCogZlGTeNRXg1-oPAaoGT8zutcLOxuJaI2bTYL8TJY6ax0yZfCrsTRh2JYgzvU2Ah8H9-ev5Yz19rt8QZHzRkL11lvRPjaFrTYmRYMsYKa1E14AmNABx64bxn8L_Jr5IqeUDZ8HnpFxPu_UnR8T3KpRnJwVAzechJpzF3-CCwmOwGETptFnTU20YirrsdSyvXPimSSP6fBaOv9ldxfVVr9795C5z25pTPp2MUSXrto3_0IrjhdG2YFUK1EEGw0uXdCEod3kz2mO1Udi7hH_PIb_tUSISenoEcIEGD3jPUuCXkFjdD_ll-Uia82aSinVfEEJh9v9lbdWANSsd7waYGi2OsVPLi3xBhzdDh6bIKaeDgay1L8tUBJt86ea3oDEJJqnawo4xW1Wc8Mi_zHY4hwyQKHYtsqvPVaFXzcM9D5oYbk69CmizGu2s13BqoDXDplLFxjihZtpE5pI16bqo2aD1dKZxHxHfEZoL4RZ6JwftN0a0519vo_uqqgjOYBuTjBtMHZpc7F4cilZ9BHioWBu4d5TGtuftqdJVpcGE_DODUgFa3Z_subhhHTPL7JVKzz-y2INB8Wt9nWXd3iMxadl8nLNzBI1idTo_bwQjUPgzgqtpnDXEFrNuSqoY4ZRBUGelYXtR5e5sYRISioMuC5z6TACtmDdMzSlKx99BCs3S9lw5so6pbBZ2l9258OiPOC3PI0HXkw1Mj_ex4JGiguxSQHTbUehqXrg7Bu0-7U1R-vJ364QtyI6Jbs8fS5FeBfVL9qJ-2ZOzIgXc_tXI8XJSvrt0n5pP7w8fU6xGNmINU5qhgZt0ndD6P3kb7gdFLO6zT7fkWqSBNV57QcCg0rqKBQFeExJe_Dy_hhCU9_wE2b9ErxZVKDrIvB4mvKxQid2L3j2gtGUbnxJ-ZbjEIcUDSKAi6S-Laa956qJtw-vj-5MGKjLFqZQwwTo56iKYlOyjyfngngBRAUYKnwEBwtxQdjaPCt1R3gyQhfZM-Ub8ig_IGTkf0eUef9pThXTTA64IjE0mKs6B1Q-kLKT9q_cKURt2zZITeSXeHgk7kddVj3MJHQy4598TOB8IUf-CYhKuS2JTux0u1hxP8uoKLAC_W6t8SDa369V2rHNtYis2-je_3TRbYvOekewsKuK2Ty5c-eNfdXw4ZBX50zpR51IaM0yDiTR7nZr358D9u5MGQYehU2NuWMU8DR8r_HbhPkJCoFhgn-TBJczReUcSwiTyLyiMR8zpMS7dVbOnYkOhZmoDGT_UBJPUnth4bB08nykuDQOXxM-n72acHQPGf4FIqyzvEYNjT-swuLAHU_cl5125GDj9hW21lySkELuZbdpzrvniGHfeXgoKswoNsVMKqfBq8Za9Q1lf_RUlR0xr0-A3IgsGkxQu_akOIqlYGXtaoM3JQ8Ipcs517_P29GewwDXrdJD-t9Uzh5KQ0g62alUmsNtIj-KZKYH7l1n05g9-KB8&cid=CAQSPABpAlJW66ZT-Bqclne5xI04QQmyx38lzmIMdNzq2xUXBvUQIuFhDOh_-CAZD1pk4CLDRWhr3zMmoeJYJBgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.balatarin.com%2F&ds=l&xdt=1&iif=1&cor=6600107793727102000&adk=1761367587&idt=142&cac=0&dtd=19

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9567dfdbe1a46a16e9dc15a747ab7f22bf63277d11be0bb563354f1da3615e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=90&slotname=6838607656&adk=1683087958&adf=1206948085&pi=t.ma~as.6838607656&w=779&lmt=1693291276&rafmt=12&format=779x90&url=https%3A%2F%2Fwww.balatarin.com%2F&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476011&bpp=1&bdt=629&idt=381&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D928ec7a00119d54a%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MYCcsHC8kohrpZj2_JVaNznrOA_7A&gpic=UID%3D00000c926af57c4d%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MaI_D8ii1KdXTTduYmBpo6fclOEiw&prev_fmts=0x0&nras=1&correlator=6058371957678&frm=20&pv=1&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEebr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8DP6wH4nA7&p=https%3A//www.balatarin.com&dtd=388
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40657
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8C1F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnoFI4cAph05qi10duTPrc&google_cver=1

43 B
632 B

33ms
32ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnoFI4cAph05qi10duTPrc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2VFxDgh9qvAxiVgtfJATAB&v=APEucNUjHaddY779q-zJ3qVm-eDcVvvyeT4pRVaMfP7nKCH8XScVv_2cMMJvLLUAhN6T-5sZZN0G95BLdu6l_-t3kyheBzVB-mqBM4Lf4pa5JC4o2j_Lg8FRz6CshJd7FMCEHFLUGxFXqTErHhUdquI8fQJdZPBfeV-gTBP-gIl7P21n9Nlfeyo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 08:41:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnoFI4cAph05qi10duTPrc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8C1F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZO2vLJh6.a.C8oprCPVKCgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnoFI4cAph05qi10duTPrc&google_cver=1&google_hm=2

43 B
766 B

32ms
32ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnoFI4cAph05qi10duTPrc&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2VFxDgh9qvAxiVgtfJATAB&v=APEucNUjHaddY779q-zJ3qVm-eDcVvvyeT4pRVaMfP7nKCH8XScVv_2cMMJvLLUAhN6T-5sZZN0G95BLdu6l_-t3kyheBzVB-mqBM4Lf4pa5JC4o2j_Lg8FRz6CshJd7FMCEHFLUGxFXqTErHhUdquI8fQJdZPBfeV-gTBP-gIl7P21n9Nlfeyo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 08:41:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKnoFI4cAph05qi10duTPrc&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 8C1F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAgmiw36R8CgeVkhP5VthHc&google_cver=1

43 B
844 B

28ms
28ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAgmiw36R8CgeVkhP5VthHc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2VFxDgh9qvAxiVgtfJATAB&v=APEucNUjHaddY779q-zJ3qVm-eDcVvvyeT4pRVaMfP7nKCH8XScVv_2cMMJvLLUAhN6T-5sZZN0G95BLdu6l_-t3kyheBzVB-mqBM4Lf4pa5JC4o2j_Lg8FRz6CshJd7FMCEHFLUGxFXqTErHhUdquI8fQJdZPBfeV-gTBP-gIl7P21n9Nlfeyo

Protocol

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
an-x-request-uuid: 1baa6707-7d77-4564-9c67-b2fcd7cc9f49
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 193.32.248.233; 193.32.248.233; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAgmiw36R8CgeVkhP5VthHc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8C1F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjIyMzA1ODc2MzA2NTE5NTM3NA%3D%3D

170 B
232 B

67ms
66ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjIyMzA1ODc2MzA2NTE5NTM3NA%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
an-x-request-uuid: c165ddd2-c594-4e63-b604-40de1a559b2b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjIyMzA1ODc2MzA2NTE5NTM3NA%3D%3D
x-proxy-origin: 193.32.248.233; 193.32.248.233; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1593509/73171254/ Frame 564D 250 KB
75 KB 166ms
48ms Script
application/javascript 52.213.146.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1593509/73171254/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014058579&ias_pubId=pub-7031645305449270&ias_chanId=1&ias_placementId=20439850497&bidurl=https://www.balatarin.com/&ias_dealId=&xsId=ABAjH0htzgmoDKL94O5jB5N1p7yq&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0htzgmoDKL94O5jB5N1p7yq
Requested by: Host: www.balatarin.com
URL: https://www.balatarin.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.146.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-146-58.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b5374c1b5900bb2be6eb55d9993fa9c303ad7ddc7c68301ec0b4bab3590ad723

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 564D 111 KB
39 KB 194ms
58ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 10:55:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78367
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 10:55:10 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/ Frame 564D 11 KB
4 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BDPDO5qFc5mv2WD_YoDIpS6hgUtTJjNKtwTvQNhG8LrSeJovcFa-mJejKRhs7NbeVPoeH_3OzM0zuywmtYpAc62PaBj18aP7b9HmBxXI1tp31aUPaAmhBkZGP-HymtPpd7ls8yEAH_TugtnxUYLSj7OAoxBzDrkBw1XfjwBmfGZgyjUks&dbm_d=AKAmf-B0pIS1aQwc96W-IUd4UxFEGOn4aLTaj9I8PfLepJ71j1qw9bW4OF-ksj2oNTsvhz7njLG-_9NPRpU9yuTam-qe7FgBZF6r5s6_oLtYYfF77rvmCdKxnYb0J43eie4d2TdhNJI0X0f7AFmjJ8kA4XjXvV_LBqTrdYjScogaJl8Jzh9OuI_0rOAk5JJShrweZuc8bEXIh0BUHtu1yO7LB7KjoZy27vsl4V2Y3aVHyXavCZPCdpvIiHxde8VV7X7JsiBJ-h105YxD32uJ4fuMIj24Q1CLhCi9DEjgQ2-TAwLxo2KIi-FgCPvJ7hDI_BY15dkA_SWFZOFh86UyR7Ti9xZVFoxjHQbR7kz0JhQi5MqJJH0E0OEaforFPjc5TEnnJMrsagkRVuCjrTlpM-iGQRaT4LGs-_ESzwdkfU2ZHPZcP6caxnXEihfrR50LOuBeLm5t_80DP2AltR5HfcJHHgNAv3nx2KF4Nl72Qwkf-M7C-G4MH3GTWHIW6HWkgVUgGfwFs_nVBW46eKgwz-J-5pvCNY_rqdOKCDZTWAyO15CrZO1nDACQyee0tXnqzs0LH0BqU59m13QPyYnuxKWdInjfUfO9aqpiMc5ZxMNCvqPsFkquLXSxR_FIpBYFkIZLDMVBgTJ9S-fB1ZXgyQACl8Lc2P0kcxyCL9P4LYMQgrW40bapJCZFDrhp4q2dgEmEkj2cIanUYst9Qy8WpsTbilWrRnGbWReMlqyrToiB_Qth35pb6WieM6Yk77fnUXL0MhQrQ8LmN6flQw_GSqVSejqNiXE3Qb7UWxwpi-yFiy4XsUT-SKMIFF3013ui-ZWoKz6DP6ucZGENQ2_NjFBesTcdffJy5A7vTIKpDWIP_QVPQqMzVbFkH4pz4hUc95BXM3TmrZpQnOB972M0CbNKUl5jAWVpwRDzSQTMbqk_u5ZlRb356B_iGraj7XnTeoTjTLbYv2EG_EC56YLJmj5i4RO3Z8Sc0HEQCeeuraiFalgFYuNGZeuBkAI6xeqTu7tRMCnR6udg2qb7AaKQt-zMWYCDzfTp72VVKuN6F3j8IarPGqWbp7YlvILggt538_UdJILpm_hDIHVC2ZnISw31MJ6uBG7KlBYigecRIaosUXPPzoLdLMw8dN66d3t-va3KjW_aTHcWqNu4ErOMoKv_H06SYsbgSLw4upgYG6eCbPPovnl4rcj4d-supwx4E21VhCnyIH4I8WPOONhjDMWnvMyqRXiBj5zfVvqMxPMQxvuGL5kEF5_n_PkhoLyLZbTHNRViZMj1ds_00xyoGFWWB9qj9CWBqDVrO0KEtXTqQqhkqsUUb6wjvtdo2RAAKrL_aoVFojV6NXzTGKGQEVPcCnDhul3UW4P6HbUcJkiIlgPeL46jvhoWdS2jLUsYCYzopk2gIl2NOdo7XPFqAcQh3YpasSMCUMspNblQNGVvkEHjlGBm3rKyd8b9a5TQ7Gud7XOrMH16XvKRZDhRadhBaSAoZ0jnDGOcnlJgDtN2VBWwfa_UTe8LmU244-w9IF3lVYlMdCaeXNb60F01IZYFtze_Dtf80UIOKnpHnBKDYSLtQ6XPuqdJewjBunmEbtCkkjSJQ5UuVXDmj4bFRMzvgVc01NeDCByq_qBKve59V9rvKoKqEt-1csTV8SEBnn1MOP-TbigHL_0J0QXgT92cGtZ2pIcBcyG5r71wQegpYyWrOQ3dtPFTuM5BVxmoX-QrEb52RVqv-qE7kMzyJ7a1uyX2F29kWzHuH992MyG556YhaHfdQRJvo3V5ZWyJYdtYi-3VcvA5B9IlzMNNUuXyVh7odOPs7rYB3UyXUlwtlBxa3GQrZiv30Mv6mS51DKG9UoXIYXpIdxe_DZwTkqsIDkm7GOB-bwDnJDUPOnyi54YWHCm6eDy8vr9LkAv-dP7QXtUm4FVdSYLNy8HQp1nlbzDoT7-_FzegHKE-3Exh5_7Rvl_HiHnf7CnPUoh0NgIbBpDj11_uy774Me4-sLyOYXpuxTC5YiL31MK2-7L5iaHOLN_z59mwxEXqAP98qMW-96LltqXE4FMj0PTFhXXugMURONiuMcf51IOUoQUKO1J5NBzj1kHX1YbscOMnSQhh9coLh7guPXL_4LuS7W4emld1vgHtox1U2yTAgW1QIfb0yK1hc5unWXzC-GFJT3pQjCogZlGTeNRXg1-oPAaoGT8zutcLOxuJaI2bTYL8TJY6ax0yZfCrsTRh2JYgzvU2Ah8H9-ev5Yz19rt8QZHzRkL11lvRPjaFrTYmRYMsYKa1E14AmNABx64bxn8L_Jr5IqeUDZ8HnpFxPu_UnR8T3KpRnJwVAzechJpzF3-CCwmOwGETptFnTU20YirrsdSyvXPimSSP6fBaOv9ldxfVVr9795C5z25pTPp2MUSXrto3_0IrjhdG2YFUK1EEGw0uXdCEod3kz2mO1Udi7hH_PIb_tUSISenoEcIEGD3jPUuCXkFjdD_ll-Uia82aSinVfEEJh9v9lbdWANSsd7waYGi2OsVPLi3xBhzdDh6bIKaeDgay1L8tUBJt86ea3oDEJJqnawo4xW1Wc8Mi_zHY4hwyQKHYtsqvPVaFXzcM9D5oYbk69CmizGu2s13BqoDXDplLFxjihZtpE5pI16bqo2aD1dKZxHxHfEZoL4RZ6JwftN0a0519vo_uqqgjOYBuTjBtMHZpc7F4cilZ9BHioWBu4d5TGtuftqdJVpcGE_DODUgFa3Z_subhhHTPL7JVKzz-y2INB8Wt9nWXd3iMxadl8nLNzBI1idTo_bwQjUPgzgqtpnDXEFrNuSqoY4ZRBUGelYXtR5e5sYRISioMuC5z6TACtmDdMzSlKx99BCs3S9lw5so6pbBZ2l9258OiPOC3PI0HXkw1Mj_ex4JGiguxSQHTbUehqXrg7Bu0-7U1R-vJ364QtyI6Jbs8fS5FeBfVL9qJ-2ZOzIgXc_tXI8XJSvrt0n5pP7w8fU6xGNmINU5qhgZt0ndD6P3kb7gdFLO6zT7fkWqSBNV57QcCg0rqKBQFeExJe_Dy_hhCU9_wE2b9ErxZVKDrIvB4mvKxQid2L3j2gtGUbnxJ-ZbjEIcUDSKAi6S-Laa956qJtw-vj-5MGKjLFqZQwwTo56iKYlOyjyfngngBRAUYKnwEBwtxQdjaPCt1R3gyQhfZM-Ub8ig_IGTkf0eUef9pThXTTA64IjE0mKs6B1Q-kLKT9q_cKURt2zZITeSXeHgk7kddVj3MJHQy4598TOB8IUf-CYhKuS2JTux0u1hxP8uoKLAC_W6t8SDa369V2rHNtYis2-je_3TRbYvOekewsKuK2Ty5c-eNfdXw4ZBX50zpR51IaM0yDiTR7nZr358D9u5MGQYehU2NuWMU8DR8r_HbhPkJCoFhgn-TBJczReUcSwiTyLyiMR8zpMS7dVbOnYkOhZmoDGT_UBJPUnth4bB08nykuDQOXxM-n72acHQPGf4FIqyzvEYNjT-swuLAHU_cl5125GDj9hW21lySkELuZbdpzrvniGHfeXgoKswoNsVMKqfBq8Za9Q1lf_RUlR0xr0-A3IgsGkxQu_akOIqlYGXtaoM3JQ8Ipcs517_P29GewwDXrdJD-t9Uzh5KQ0g62alUmsNtIj-KZKYH7l1n05g9-KB8&cid=CAQSPABpAlJW66ZT-Bqclne5xI04QQmyx38lzmIMdNzq2xUXBvUQIuFhDOh_-CAZD1pk4CLDRWhr3zMmoeJYJBgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.balatarin.com%2F&ds=l&xdt=1&iif=1&cor=6600107793727102000&adk=1761367587&idt=142&cac=0&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:06:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66882
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:06:35 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame 564D 30 KB
11 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:06:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66882
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
server: cafe
etag: 961974302080011826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:06:35 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 564D 41 KB
13 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 03:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 277202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 03:41:15 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0BE1 1 KB
643 B 60ms
59ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77238
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 11:13:59 GMT
etag: 48472445140208031
expires: Tue, 29 Aug 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 564D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b92bf422991441eef940379beec4f0d4e838bdaf140da0174971df907777bcdb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF20 0
20 B 157ms
157ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2242235684907&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF20 0
20 B 157ms
157ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2242235684907&version=m202307240101&ct=76&x=1&cor=18374103807249720000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BF20 77 KB
34 KB 98ms
97ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMpBgHrwA13--EF7J0yP1uAj_ueKWK46XrPDS_5tamD5Dk9U1t-NdRr42K1cZJhj1Ywun9ecChrFJBruAA8NGeNM2sKg&cry=1&dbm_d=AKAmf-AbZ5SAvQZEZbM6yEY4D8ljlPF7Q6Qp9fX3ZEwer85AgkTCIQjADfJjdwbxiS8iAxRX-FjWGV7JM5P40c5SkVpWQc86jxiSEwGup8ZNc6WHiA43plbXHkeyFLc964YdS8Fi6uWtkWxRbLTBjGknWvQDnja1xhZ4u0qEjOO9mO53NwGKWYDTWIcpAojnJaucL6GyeRkRrqOdac4fKXSyIl-kiD2FWuQvWn3Y3tbXPWEec1XKye0bH6cvWSScfa9zdictJzMCqrFj1Cfky1BuD7oT_qhQg7YUoH6Etm41ow4Kcyvwx8f0T1YH9tV3049-61jNrTzpJoO8gGf0ELe2P434urHmjRuSZz_OWTrvmTPBUM6gOxKuw3aNWqhY3shJ_MEYlCkOnKKIQDbC1uIkyQjbCeM-l0QjwVYAKfdQmK_HToxGSy2NafHWreGR9K7lKwOHlcPvhqiWDMiqyGEmvnErI6LgQgZ5DxGgoN1H8oXG3KfCFO39drGv_RB2GtEw4SbLyDJ5qjhIY4q2E0pBceT9HWv3oZNXRZcpkMd2YT4y05Ri54XzylEbR2t4um_vU4qG8opzfL3cV8y4vIUk2mne_gv5Tq6CKoqIxycGM6zZgRFCOkmvyQ3Z1SUWzLIAAsDQyO6wqdv2WGgL-oh4txGDhNzI68L1sTuS7V16mt5xmoWtXwtI1NfY3mvmYwotEoHGZemhguQuIAq89HAtBJIDl_sC74rqvS7EmYajjn8GPjrt5p20gX3vWtRfNjbT5UdR-dfKOfyHx3vbmFbjASBg0A6PAQ6WubmDY8b_7Dgckk1FHDA5UvlYYzZ69RPc62VwpDPVtVGbBm0oaua1YHpjJbr3-X6CgAtA5X3v0E8FMucRunGO5N9OGkTVmm-GPk2tB-p6F935zgecZ2ygSTB1gGzOj5SNwC1BIpGsz6ib-pUv0oUh0c8ij3qajn3vfLLntiX2B0YDXre_M-jjlONniBaIFAWHfLJhqQ2C7GUPiXqoM-c4d0SpVdPVSImstEBu22X1dI2Th5gXcCQUKsJQ-2xprckrQnN60tZhO5nFZREOwcmWmhgvMIu1cbg3HniFAUYZAw42F5EKOXyPWpuvFsKMXd7ri0DGA1T0etWt-mb6jpY-CF6LQpVOA7uHPv0nkHfwWvjJhnoJVoVU2qzAN2qcI9N5dKeIBUkvIJ-GaIRupvtNW3q-cRXrnAKtV-YmGWgot1mctSFZ3j9oC0dxnNb8ifhEvfLh8WkowtnPoQ4hMrXYpAl9J_m7ovjN2QCq6fJ4mwk1jcte8tfF-Ka48DQVMsWab3DkNK4xUgkcqnnV6zh7MwGrjoRXvzNsBr45ef0pvL45SNg4Bqd8WOFonYzOyIRFZv5BHRM3Pbx_TZ_671sahjNVk8rw_4GGvqetULSiZMbmpe8l5GdFcn8_TDS_MX5OFrqohTh1DiAuVjA5Mix61AZFgdsMJ0PmXREN-jSja1AfRpiYM3CQM8cDjenbl5pHwg3In_oPKaPcLICGTU-iB56RyZwDZfL4PIUW_Erfuz1kmXw0heFi1b61srkePA-WLj6CXYBHjGF2LaDk7tGIpU2xuiTteMFsEfED1kxp12BTrawzR4wZWxWZ-ApGmHv6GyaEYpIKwH7HVTHwVJFgbUlm_4dzRn4XabTaZjvQMrZL_VYEfcfUPm_jge-1jAs5tTDAwZhllWVPrY0RwvOOLvpWFQT2frjJw_jn8tH5a9A3MGYwrlX612nQbzOwxRqf-JhXfVh9udZnMEbHkjjXfBZDi2JMsTA3SdrFhMDrQniyMgTC3FyfsZm3utBv8Cm9HODr6tVu1xB-VlHrfrn3Tkqxsmo6JbKOFcaw7lnOLa_WpEDGojAsS-1DgsEv5XK8YICyj9gIQDJZeHu2s5MDLXlvXfJgI-JU89RhL7YCMMfdQmP4Av7hg-EaVnTRBt8pV2e4q5WufjwFaKKSDIisK4pcBfrZfZT6-7oKANZTaCP27-l03a11qHo979aV8nD-T9fGDm8J5od9ViJdaWlODEbVlG-OZs1x9FPLfFZdDBFKXzIU4lltuMrXd4vkfY7uD8G6pWjY4jSdsGYV_knC07DwN6KeMu1iMmKL9mG7gIVRJJ5F7kBq6VnRvYChxtlBDHjwH1LcSeDLXKhufdHGdROIXn-AzqQ73S1XtfzS8Z232Y_DOoKF8mpf0BjQH8LFkATFCr3UeyLfpAg0oY2TFVQFqxsZQV60KindSCzhiyM2Szwhnb2sv2gNdQS-g3KJr96wbHZ--VXDhqTHxBAhSSu6XEdL0-eLQ2-6vIkeXR0Opf-jx8N4klWqxOnALg4m1lvweH8jkvdvU0jp5EOtA7ysJtQ9QkvvOt3bW1AjJN_Vviq5ZCpw7AO3cPZ1dJ8olFEIfnDc532o1DRn-JpV4vH4gNI0LMXq2MXIaYxiaGm3HNsq1Kaaesfp9Vv-Z3mX7-ZNvSN3kwe08EHDOBXKDb0QlWRUEsePwckLusCcMstlxR1Irfw6i0PWTl-DIonUbbQ8EytsIx4I3ddGmesfIGp2lf_fPs4PTuZWMdWLc_AhpPUomsrWqRMVUIXLeNecwiHTCb2ztKom67i6rsxg7GeklhjTEOXomFvlPe_2AFBM6uBiXtLzXMTugEruMLsvZTRUopvMyhLczVmbcZp51JfZX3zZy_DG4Ehsi-vwtF1Uq82hRrgCAO_3z2GTdWgzGr1zmQK3GrvQJ17J-CIfPHy14FEvaj_SU-Fb_JaIC0f3_lhRn3fdwxwbWkckm5JAubdEKb6AucCpB_qw4W8U2NucqAQzdNj6RdMgk6w89RQ9E5ow9EP150m0xojXXggh0TR2imboBNvoiCisdJs3JgYPkSflLA3l5kOajB_26_Ia9vSnhT9f1TqGNsnb39L6YVBJLIzjF8dQhMod0WqOUOpDnYoKunl69HMGzMxAfdTxpYP16Oms_8hTRuovzXAfad3B_ddS5VLc_cbh-_puJnoTpL1zrbZu-li0z6nqS2lsnVEMqjxbfC2x1MCrxAvIRN_whBcHKtNIxD5yHnSdWQXowTKxHP5X6FrZ2pYRXyZZCJzEdNxamh1HqB5t4ZM8a7Lx-0F-CBvtKazYCmNCF7_0awOSYJZoEeD3aY5gwqat_Ox49AOQ3kyeSC6w5hvSM8jaHXisCCNzbZEVcc6HHhQLJ4RlrJUM0bmq71sS3yomljcDLd02Nm4MeJ4rsyMCtHSK-wVQ_MPBDItfw80AW9P9Bi8SiQ48V2NzAiDBOI-oE2QjNxGOq5_SwXVN6A_GDya0MUWLxYS80c2uwKxoEkDbDZXIvrS2jzYaQW4kUkHH9TlWJdhdv81WeJsw-PGTE8S1XCJ3veLZbwsLekkApHLpgCLxdgUgAXtD8WYil7jHx0n8BXGSDf0ynRXcuxaeJvom6vpxi8c9dMHnASkpd4Rtb9X_kDGebv0Cp2UwekKM2xiyrbE0raWx9avQsyL4mksKjEx5g4SIC1X9z4cCOc9FxHbzzLu5wBQOlO91ohJN3sUmUFgSA91GPVu3XkQfqywLXtEtOGmsTaC2t1BhJJpf0dmOJUzuIXgnlPeSnbiOa0600qDuCv7RyRDyen4mwegn7Kj1u_pQIpl1wvxRoGOOKPcAZurLHtc1i7uAn1S7Qmy06GiuWGIDUsr94DQUwFk1EvwdA1y3JUcDxwaDaVfT2XGy1GEsJqLUBWk29b5O3-ZA3L9pQn_bmRVfl04JIDLQAq3rafPZ-r6ezfJl0_EIfkJjR8_Vav6kRf4E4GzAaRWPTBrmt5ohEkrDkoGZuhhCyvmc62XFNyOaHx8&cid=CAQSPABpAlJWy1kJcnSTHNmOr1YA81IgOnAiPODw48XhMXs61lnkwPmw-hzwvX28auX2IgYQh52C5uL0zJTElRgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.balatarin.com%2F&ds=l&xdt=1&iif=1&cor=18374103807249720000&adk=2228999115&idt=259&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e697107a204076101510ce1fb0c35486d9d6944cbfbb6fbe82f6a63cbf7a828e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=5688324856&adk=4223602507&adf=3412014494&pi=t.ma~as.5688324856&w=336&lmt=1693291276&rafmt=12&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2F&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476013&bpp=1&bdt=631&idt=413&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D928ec7a00119d54a%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MYCcsHC8kohrpZj2_JVaNznrOA_7A&gpic=UID%3D00000c926af57c4d%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MaI_D8ii1KdXTTduYmBpo6fclOEiw&prev_fmts=0x0%2C779x90&nras=1&correlator=6058371957678&frm=20&pv=1&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjJEST0Xzo&p=https%3A//www.balatarin.com&dtd=416
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35017
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3042 22 KB
8 KB 57ms
56ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 180572
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Aug 2023 06:31:45 GMT
expires: Mon, 26 Aug 2024 06:31:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0BE1
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEB2saP7_LuIarICE0eFZyiM&google_cver=1&google_push=AXcoOmTbN7Cf4PVRLmCT20mNHQdaEJWsrQUQkLCUyvSghrs1UNFElOB7sOhSV2PvNJd0jAYNEWtTRt1FySOsKVOKeBu0-N5nT1pj
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzQyNDc5NDI5ODQ4NzIyNzk5MA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEETkbl8YuuXezeLu_Phb7Ys&google_cver=1

43 B
398 B

34ms
33ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEETkbl8YuuXezeLu_Phb7Ys&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=90&slotname=6838607656&adk=1683087958&adf=1206948085&pi=t.ma~as.6838607656&w=779&lmt=1693291276&rafmt=12&format=779x90&url=https%3A%2F%2Fwww.balatarin.com%2F&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476011&bpp=1&bdt=629&idt=381&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D928ec7a00119d54a%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MYCcsHC8kohrpZj2_JVaNznrOA_7A&gpic=UID%3D00000c926af57c4d%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MaI_D8ii1KdXTTduYmBpo6fclOEiw&prev_fmts=0x0&nras=1&correlator=6058371957678&frm=20&pv=1&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEebr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8DP6wH4nA7&p=https%3A//www.balatarin.com&dtd=388
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 29 Aug 2023 08:41:16 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEETkbl8YuuXezeLu_Phb7Ys&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 0BE1 35 B
464 B 100ms
30ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENmiE9m0Bj4b71NJRDi_qsM&google_cver=1&google_push=AXcoOmTCGq8Ys9IXAYVpxjjPSD6hj4sEOlhSMB-lGMEIxMjF9E9SihUPCr8h3V9OmYEE3k5ribfUpjU08rrJ9vFIBTioZc3yUf40Sw

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BE1
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECrdngpqwhnYCf5WqdfV78w&google_cver=1&google_push=AXcoOmRCjCcpUpz-LrA7r5s74ka7LpnXc7y9i62k-fnMtmaU5AJ-e661l8ko9weEYHCjfQqJtOWtgkVhNBtlkugu...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRCjCcpUpz-LrA7r5s74ka7LpnXc7y9i62k-fnMtmaU5AJ-e661l8ko9weEYHCjfQqJtOWtgkVhNBtlkuguIOo6ikDauYYOew

170 B
188 B

68ms
67ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRCjCcpUpz-LrA7r5s74ka7LpnXc7y9i62k-fnMtmaU5AJ-e661l8ko9weEYHCjfQqJtOWtgkVhNBtlkuguIOo6ikDauYYOew

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 29 Aug 2023 08:41:17 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x34 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRCjCcpUpz-LrA7r5s74ka7LpnXc7y9i62k-fnMtmaU5AJ-e661l8ko9weEYHCjfQqJtOWtgkVhNBtlkuguIOo6ikDauYYOew
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 29 Aug 2023 08:41:16 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BE1
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEM-1a7PHcTBst73-nvKUHoY&google_cver=1&google_push=AXcoOmR9YqP8qpx0CjkCUZbX5Rup-gxqLeP8HdOjOlWNyGA9m9cS7Af6rb9n8sCcLO2dmmfrxVg3qaqdCl9jxgKhE8IpJVWmBavAPA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=21AA6F8B9DC54C1C86DB29876EB68615&google_push=AXcoOmR9YqP8qpx0CjkCUZbX5Rup-gxqLeP8HdOjOlWNyGA9m9cS7Af6rb9n8sCcLO2dmmfrxVg3qaqdCl9jxgK...

170 B
188 B

70ms
70ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=21AA6F8B9DC54C1C86DB29876EB68615&google_push=AXcoOmR9YqP8qpx0CjkCUZbX5Rup-gxqLeP8HdOjOlWNyGA9m9cS7Af6rb9n8sCcLO2dmmfrxVg3qaqdCl9jxgKhE8IpJVWmBavAPA

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 29 Aug 2023 08:41:17 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=21AA6F8B9DC54C1C86DB29876EB68615&google_push=AXcoOmR9YqP8qpx0CjkCUZbX5Rup-gxqLeP8HdOjOlWNyGA9m9cS7Af6rb9n8sCcLO2dmmfrxVg3qaqdCl9jxgKhE8IpJVWmBavAPA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 28 Aug 2023 08:41:17 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BE1
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEL-2W10Rcn_NCCuOw69EK14&google_cver=1&google_push=AXcoOmRRcWiAqOx6CWaHnB1Zkpb3NQb_93rp7dy7tFdWWvPEPPYklficbI7D0TpIiOwRftUTghdXVJy0xxV2UdZw...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=TOVF6JKYS1Ct7MAgqRF00w2&google_push=AXcoOmRRcWiAqOx6CWaHnB1Zkpb3NQb_93rp7dy7tFdWWvPEPPYklficbI7D0TpIiOwRftUTghdXVJy0xxV2UdZwFW52FZGqjJHUTw

170 B
188 B

67ms
67ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=TOVF6JKYS1Ct7MAgqRF00w2&google_push=AXcoOmRRcWiAqOx6CWaHnB1Zkpb3NQb_93rp7dy7tFdWWvPEPPYklficbI7D0TpIiOwRftUTghdXVJy0xxV2UdZwFW52FZGqjJHUTw

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 29 Aug 2023 08:41:17 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=TOVF6JKYS1Ct7MAgqRF00w2&google_push=AXcoOmRRcWiAqOx6CWaHnB1Zkpb3NQb_93rp7dy7tFdWWvPEPPYklficbI7D0TpIiOwRftUTghdXVJy0xxV2UdZwFW52FZGqjJHUTw
x-host: tde-deliveryengine-production-5c85b8f797-8jh55
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BE1
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEC1EcxjJ5yTagZrHSu49nd4&google_cver=1&google_push=AXcoOmSs38ITYNGOzLRfNpGV91kVy_yOO7hQmKh896XRI2NXp6HXf3AZlxd6mTMGaEaEsmT_chyh8FsxE6Zj...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSs38ITYNGOzLRfNpGV91kVy_yOO7hQmKh896XRI2NXp6HXf3AZlxd6mTMGaEaEsmT_chyh8FsxE6ZjgqThTr0uYJG_ds5hfg

170 B
188 B

69ms
69ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSs38ITYNGOzLRfNpGV91kVy_yOO7hQmKh896XRI2NXp6HXf3AZlxd6mTMGaEaEsmT_chyh8FsxE6ZjgqThTr0uYJG_ds5hfg

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSs38ITYNGOzLRfNpGV91kVy_yOO7hQmKh896XRI2NXp6HXf3AZlxd6mTMGaEaEsmT_chyh8FsxE6ZjgqThTr0uYJG_ds5hfg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BE1
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESELu3scMliTz6o8Nxxrr1LtU&google_cver=1&google_push=AXcoOmS6O6MVyQzmcZbRGmWg-F-QjKTdnb7Sn6j0uadMbTEQRVMcQQusPVyWzje7gk...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmS6O6MVyQzmcZbRGmWg-F-QjKTdnb7Sn6j0uadMbTEQRVMcQQusPVyWzje7gkjxU3Tcr3vo7MNw4EeXJivkcAekQgbUL1szK30&google_hm=...

170 B
188 B

68ms
67ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmS6O6MVyQzmcZbRGmWg-F-QjKTdnb7Sn6j0uadMbTEQRVMcQQusPVyWzje7gkjxU3Tcr3vo7MNw4EeXJivkcAekQgbUL1szK30&google_hm=-bAz0c2YRIOwxieRpDQz8uk

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:16 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmS6O6MVyQzmcZbRGmWg-F-QjKTdnb7Sn6j0uadMbTEQRVMcQQusPVyWzje7gkjxU3Tcr3vo7MNw4EeXJivkcAekQgbUL1szK30&google_hm=-bAz0c2YRIOwxieRpDQz8uk
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0BE1 0
59 B 65ms
64ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LV-4u8MbMBl3y8gI5Cl4sNc9KoyhwR5sIZxnKUySaiJMnSQToTJ1ag01yG0RdNuQkRk1ZJnQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 08:41:17 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3042 37 KB
14 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e77156f336104e427a69a22b5d1fa74e7ca4362aae7681f9e09283fc8efec1f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 06:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14643
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 06:15:15 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame BF20 30 KB
11 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMpBgHrwA13--EF7J0yP1uAj_ueKWK46XrPDS_5tamD5Dk9U1t-NdRr42K1cZJhj1Ywun9ecChrFJBruAA8NGeNM2sKg&cry=1&dbm_d=AKAmf-AbZ5SAvQZEZbM6yEY4D8ljlPF7Q6Qp9fX3ZEwer85AgkTCIQjADfJjdwbxiS8iAxRX-FjWGV7JM5P40c5SkVpWQc86jxiSEwGup8ZNc6WHiA43plbXHkeyFLc964YdS8Fi6uWtkWxRbLTBjGknWvQDnja1xhZ4u0qEjOO9mO53NwGKWYDTWIcpAojnJaucL6GyeRkRrqOdac4fKXSyIl-kiD2FWuQvWn3Y3tbXPWEec1XKye0bH6cvWSScfa9zdictJzMCqrFj1Cfky1BuD7oT_qhQg7YUoH6Etm41ow4Kcyvwx8f0T1YH9tV3049-61jNrTzpJoO8gGf0ELe2P434urHmjRuSZz_OWTrvmTPBUM6gOxKuw3aNWqhY3shJ_MEYlCkOnKKIQDbC1uIkyQjbCeM-l0QjwVYAKfdQmK_HToxGSy2NafHWreGR9K7lKwOHlcPvhqiWDMiqyGEmvnErI6LgQgZ5DxGgoN1H8oXG3KfCFO39drGv_RB2GtEw4SbLyDJ5qjhIY4q2E0pBceT9HWv3oZNXRZcpkMd2YT4y05Ri54XzylEbR2t4um_vU4qG8opzfL3cV8y4vIUk2mne_gv5Tq6CKoqIxycGM6zZgRFCOkmvyQ3Z1SUWzLIAAsDQyO6wqdv2WGgL-oh4txGDhNzI68L1sTuS7V16mt5xmoWtXwtI1NfY3mvmYwotEoHGZemhguQuIAq89HAtBJIDl_sC74rqvS7EmYajjn8GPjrt5p20gX3vWtRfNjbT5UdR-dfKOfyHx3vbmFbjASBg0A6PAQ6WubmDY8b_7Dgckk1FHDA5UvlYYzZ69RPc62VwpDPVtVGbBm0oaua1YHpjJbr3-X6CgAtA5X3v0E8FMucRunGO5N9OGkTVmm-GPk2tB-p6F935zgecZ2ygSTB1gGzOj5SNwC1BIpGsz6ib-pUv0oUh0c8ij3qajn3vfLLntiX2B0YDXre_M-jjlONniBaIFAWHfLJhqQ2C7GUPiXqoM-c4d0SpVdPVSImstEBu22X1dI2Th5gXcCQUKsJQ-2xprckrQnN60tZhO5nFZREOwcmWmhgvMIu1cbg3HniFAUYZAw42F5EKOXyPWpuvFsKMXd7ri0DGA1T0etWt-mb6jpY-CF6LQpVOA7uHPv0nkHfwWvjJhnoJVoVU2qzAN2qcI9N5dKeIBUkvIJ-GaIRupvtNW3q-cRXrnAKtV-YmGWgot1mctSFZ3j9oC0dxnNb8ifhEvfLh8WkowtnPoQ4hMrXYpAl9J_m7ovjN2QCq6fJ4mwk1jcte8tfF-Ka48DQVMsWab3DkNK4xUgkcqnnV6zh7MwGrjoRXvzNsBr45ef0pvL45SNg4Bqd8WOFonYzOyIRFZv5BHRM3Pbx_TZ_671sahjNVk8rw_4GGvqetULSiZMbmpe8l5GdFcn8_TDS_MX5OFrqohTh1DiAuVjA5Mix61AZFgdsMJ0PmXREN-jSja1AfRpiYM3CQM8cDjenbl5pHwg3In_oPKaPcLICGTU-iB56RyZwDZfL4PIUW_Erfuz1kmXw0heFi1b61srkePA-WLj6CXYBHjGF2LaDk7tGIpU2xuiTteMFsEfED1kxp12BTrawzR4wZWxWZ-ApGmHv6GyaEYpIKwH7HVTHwVJFgbUlm_4dzRn4XabTaZjvQMrZL_VYEfcfUPm_jge-1jAs5tTDAwZhllWVPrY0RwvOOLvpWFQT2frjJw_jn8tH5a9A3MGYwrlX612nQbzOwxRqf-JhXfVh9udZnMEbHkjjXfBZDi2JMsTA3SdrFhMDrQniyMgTC3FyfsZm3utBv8Cm9HODr6tVu1xB-VlHrfrn3Tkqxsmo6JbKOFcaw7lnOLa_WpEDGojAsS-1DgsEv5XK8YICyj9gIQDJZeHu2s5MDLXlvXfJgI-JU89RhL7YCMMfdQmP4Av7hg-EaVnTRBt8pV2e4q5WufjwFaKKSDIisK4pcBfrZfZT6-7oKANZTaCP27-l03a11qHo979aV8nD-T9fGDm8J5od9ViJdaWlODEbVlG-OZs1x9FPLfFZdDBFKXzIU4lltuMrXd4vkfY7uD8G6pWjY4jSdsGYV_knC07DwN6KeMu1iMmKL9mG7gIVRJJ5F7kBq6VnRvYChxtlBDHjwH1LcSeDLXKhufdHGdROIXn-AzqQ73S1XtfzS8Z232Y_DOoKF8mpf0BjQH8LFkATFCr3UeyLfpAg0oY2TFVQFqxsZQV60KindSCzhiyM2Szwhnb2sv2gNdQS-g3KJr96wbHZ--VXDhqTHxBAhSSu6XEdL0-eLQ2-6vIkeXR0Opf-jx8N4klWqxOnALg4m1lvweH8jkvdvU0jp5EOtA7ysJtQ9QkvvOt3bW1AjJN_Vviq5ZCpw7AO3cPZ1dJ8olFEIfnDc532o1DRn-JpV4vH4gNI0LMXq2MXIaYxiaGm3HNsq1Kaaesfp9Vv-Z3mX7-ZNvSN3kwe08EHDOBXKDb0QlWRUEsePwckLusCcMstlxR1Irfw6i0PWTl-DIonUbbQ8EytsIx4I3ddGmesfIGp2lf_fPs4PTuZWMdWLc_AhpPUomsrWqRMVUIXLeNecwiHTCb2ztKom67i6rsxg7GeklhjTEOXomFvlPe_2AFBM6uBiXtLzXMTugEruMLsvZTRUopvMyhLczVmbcZp51JfZX3zZy_DG4Ehsi-vwtF1Uq82hRrgCAO_3z2GTdWgzGr1zmQK3GrvQJ17J-CIfPHy14FEvaj_SU-Fb_JaIC0f3_lhRn3fdwxwbWkckm5JAubdEKb6AucCpB_qw4W8U2NucqAQzdNj6RdMgk6w89RQ9E5ow9EP150m0xojXXggh0TR2imboBNvoiCisdJs3JgYPkSflLA3l5kOajB_26_Ia9vSnhT9f1TqGNsnb39L6YVBJLIzjF8dQhMod0WqOUOpDnYoKunl69HMGzMxAfdTxpYP16Oms_8hTRuovzXAfad3B_ddS5VLc_cbh-_puJnoTpL1zrbZu-li0z6nqS2lsnVEMqjxbfC2x1MCrxAvIRN_whBcHKtNIxD5yHnSdWQXowTKxHP5X6FrZ2pYRXyZZCJzEdNxamh1HqB5t4ZM8a7Lx-0F-CBvtKazYCmNCF7_0awOSYJZoEeD3aY5gwqat_Ox49AOQ3kyeSC6w5hvSM8jaHXisCCNzbZEVcc6HHhQLJ4RlrJUM0bmq71sS3yomljcDLd02Nm4MeJ4rsyMCtHSK-wVQ_MPBDItfw80AW9P9Bi8SiQ48V2NzAiDBOI-oE2QjNxGOq5_SwXVN6A_GDya0MUWLxYS80c2uwKxoEkDbDZXIvrS2jzYaQW4kUkHH9TlWJdhdv81WeJsw-PGTE8S1XCJ3veLZbwsLekkApHLpgCLxdgUgAXtD8WYil7jHx0n8BXGSDf0ynRXcuxaeJvom6vpxi8c9dMHnASkpd4Rtb9X_kDGebv0Cp2UwekKM2xiyrbE0raWx9avQsyL4mksKjEx5g4SIC1X9z4cCOc9FxHbzzLu5wBQOlO91ohJN3sUmUFgSA91GPVu3XkQfqywLXtEtOGmsTaC2t1BhJJpf0dmOJUzuIXgnlPeSnbiOa0600qDuCv7RyRDyen4mwegn7Kj1u_pQIpl1wvxRoGOOKPcAZurLHtc1i7uAn1S7Qmy06GiuWGIDUsr94DQUwFk1EvwdA1y3JUcDxwaDaVfT2XGy1GEsJqLUBWk29b5O3-ZA3L9pQn_bmRVfl04JIDLQAq3rafPZ-r6ezfJl0_EIfkJjR8_Vav6kRf4E4GzAaRWPTBrmt5ohEkrDkoGZuhhCyvmc62XFNyOaHx8&cid=CAQSPABpAlJWy1kJcnSTHNmOr1YA81IgOnAiPODw48XhMXs61lnkwPmw-hzwvX28auX2IgYQh52C5uL0zJTElRgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.balatarin.com%2F&ds=l&xdt=1&iif=1&cor=18374103807249720000&adk=2228999115&idt=259&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:06:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66882
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
server: cafe
etag: 961974302080011826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:06:35 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/ Frame BF20 11 KB
4 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:06:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66882
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:06:35 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BF20 0
0 270ms
104ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstugwS450FSTUr0zrc9RWJxcsd9opuNRC6POMEo_RlnCZhr8WVo-2Oai3oKLUnbLOGNHf0ghpi0rsda_UBK7BzpLOoCsUInHwzbea4Tq_3wvLUW4ra4-MmhesbcjIdl-53onim_4LgNvVq1YrLCQ8EYACYhoMomoGYBCIGrbUFQZJw9PifS6iB3YQQS0e1L49udTrntPRNt_Fth1Gt058_ikhey1PYn-uKr1EblsX8UvIq32LPIlYPiXsw7baQbeslbW3btdQUevFGngiUXfH2NEvXIjfsNRW9w5j7Bd4DeNdKu20kZpYkYmx9bvNauFbvRT4uyPStFQ9yFCBx4KhmIArVZtYGGIDcHB1vaUejSmgh24BvGaBcUlbxcUbAXFpyt7R-2mC4p0M5sV22wfAfiUNOO9PvJH5NMDTZvlzfa5rH678UZIx89RF6sF-j_atz5QHsfFy-0EoNEYiY4a2VJd1xY_ea3SZnucjWp47iy_8bgSfkr7f5arymM3fQcWGeHTrlYmuRn7kxmLjd36m5BhlGoWIGZPkfDQ1LPeZ9D1x80U-_llBW2A3AvlKbL2rHUbTyg7QymiRnQyY7bd_zsMuGmZek6TK3Pocbj5fAFWWGBOrX6PHhvyOtN_gyf7QLwYCH1SIwX1T3nc5ospz8EhqUubR13bIvt5H-ObrJ9OGQQ79UIsQaCFPywt0Y8j4DEJrX34gsDMmIOzbPJNZf7gCfeUluxaxJzmzYdXrWE-eS497HykIEkZH7O28Jg-gj3RsJfyq8NduIwVgUnqymy7yzNAloAk0API_5g5j2KmZZBxGt7bQ_jru8nrKmJcgsrpQTj-iPAvCI1WJ9xBTBk_Dd5X7KpJuANNTEhoBMnty1QIkpHtivAeWziJ7_CpCmlShOJXHj8feENxPqgwy-z55LVQxYUQm7kNN0uaRtJM2WYJBtxGcsP5787pyot8sH_pX6sn-bLLnFyIxMVEdeTOJMD_yzWqbaqMm8ju9VFBhsAM3wNob7GEioYHlcDjk-mrx9qDVV0Q6T5tIkVVtKbQST70RMYxruWa01nHN03Fvk0_iorf8_WmUlgKknMAmMp1PScNlsK7sEMsB8wNFXlObs59_RkTDxLo2kYZC23SugwNp7wJagrIQBzAox51AVYFQ96FbU7satM_A0ws4ouk3tDbC88jDt4qP3THjOP5IkblvTMnlam2ukEihX9JOt96YfESp2zsJCHsL4BKyY5Z0fGt0V6ZfFvYItNz5fqtmp5-5oJEeqJds4u9I7BDshu3gkMj8rgRUSjE06DnAYVqbCjGWCPEwVSU8TvJI6q9A8GWVcWWETYeF0&sai=AMfl-YSh_Nz3h0ZlE9BecJi0Qnz6ZJ-wdvlYiZvMCNtpMp8R4LDwOzsU_tJOuGM_99WU8Tn9IO0ItlISKgvkQYDWo4fiQlUIQfmbn1ssWOUe5W1mmUGoAJ7Sh21ilUm_DZ3JXAaiwgWOhbCuFEbnrPOLuLAlIcztRKhc9FU79HL0gC8KvotLmZQ8OBU2MMKo8BFr7-6nm9fUVQR5_78_m5TBkfztJpwuCYUOmnftTZYxDd4PWQZZS5uo2yXhNE1aQ1eEGMTzeOw&sig=Cg0ArKJSzO2luiMGzIsfEAE&uach_m=%5BUACH%5D&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230828.35821&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 29 Aug 2023 08:41:17 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 29 Aug 2023 08:41:17 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BF20 41 KB
13 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 03:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 277202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 03:41:15 GMT

GET
H2 200 17476771006842393771
s0.2mdn.net/simgad/ Frame BF20 56 KB
57 KB 207ms
77ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17476771006842393771

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01d2aef9098f4e33f6d12895c606bf59a5cace58ac1073c92e602acb5f01ab44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 15:31:14 GMT
x-content-type-options: nosniff
age: 321003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57816
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 18:41:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 24 Aug 2024 15:31:14 GMT

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame BF20 0
338 B 152ms
47ms Image
text/plain 34.252.154.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?confid=ux5k5l91h&campaignid=27769850&advertiserid=8316070&placementid=335829643&adid=562794336&creativeid=195327622&siteid=7939113
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=5688324856&adk=4223602507&adf=3412014494&pi=t.ma~as.5688324856&w=336&lmt=1693291276&rafmt=12&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2F&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476013&bpp=1&bdt=631&idt=413&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D928ec7a00119d54a%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MYCcsHC8kohrpZj2_JVaNznrOA_7A&gpic=UID%3D00000c926af57c4d%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MaI_D8ii1KdXTTduYmBpo6fclOEiw&prev_fmts=0x0%2C779x90&nras=1&correlator=6058371957678&frm=20&pv=1&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjJEST0Xzo&p=https%3A//www.balatarin.com&dtd=416
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.154.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-154-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by: beacon-n021-dub-prod.krxd.net
date: Tue, 29 Aug 2023 08:41:17 GMT
cache-control: private, no-cache, no-store
x-request-time: D=37 t=1693298477
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2CF3 1 KB
643 B 57ms
57ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77238
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 11:13:59 GMT
etag: 48472445140208031
expires: Tue, 29 Aug 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BF20 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99bf05d22d22e7bea21cdf155ce42cfab3e5855f6c15ad4f7f2722f3e7d7602b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A76B 22 KB
8 KB 57ms
57ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 180572
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Aug 2023 06:31:45 GMT
expires: Mon, 26 Aug 2024 06:31:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 2CF3 0
104 B 193ms
106ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENPwQJkZqQPQX7IcxLhwB9g&google_cver=1&google_push=AXcoOmRjJGGbNAYUit3FvbAYAKJoPYaWgoXzXqntMcAlpS7j3WjMOmc9_RlHN_Kt1N7oUzlSPLBE1lBZ_BDLGCqlgZTpY-zJ088Bktw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=5688324856&adk=4223602507&adf=3412014494&pi=t.ma~as.5688324856&w=336&lmt=1693291276&rafmt=12&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2F&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476013&bpp=1&bdt=631&idt=413&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D928ec7a00119d54a%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MYCcsHC8kohrpZj2_JVaNznrOA_7A&gpic=UID%3D00000c926af57c4d%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MaI_D8ii1KdXTTduYmBpo6fclOEiw&prev_fmts=0x0%2C779x90&nras=1&correlator=6058371957678&frm=20&pv=1&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjJEST0Xzo&p=https%3A//www.balatarin.com&dtd=416
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2CF3
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPGWnDRlM0yW3X3FTkL_cqU&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPGWnDRlM0yW3X3FTkL_cqU&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TkxzRmNsM1IxUUFVaEw1&google_gid=CAESEPGWnDRlM0yW3X3FTkL_cqU&google_cver=1&google_push=AXcoOmSnC8XS-OzYvBMhQr1cLV9rDr5wmQK2EFADpPaNxJS...

170 B
188 B

68ms
68ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TkxzRmNsM1IxUUFVaEw1&google_gid=CAESEPGWnDRlM0yW3X3FTkL_cqU&google_cver=1&google_push=AXcoOmSnC8XS-OzYvBMhQr1cLV9rDr5wmQK2EFADpPaNxJSjWzAMYKaAmM0aO5CyLlc_faxBS5TGVVkiVl8Nyo_OautTze0sI8_1FBA

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 08:41:16 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0546ea729b64acd63@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TkxzRmNsM1IxUUFVaEw1&google_gid=CAESEPGWnDRlM0yW3X3FTkL_cqU&google_cver=1&google_push=AXcoOmSnC8XS-OzYvBMhQr1cLV9rDr5wmQK2EFADpPaNxJSjWzAMYKaAmM0aO5CyLlc_faxBS5TGVVkiVl8Nyo_OautTze0sI8_1FBA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 2CF3 0
98 B 115ms
37ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQTP84RKWnPqFJlvxWF43mykV3u_tC7_0wec8Jv_4A2EcPOWxUbJY6VwQK0fptJGAbKo-gAJE0mnidbMeB4pA9VYJqWsKPsCcA&google_gid=CAESEA9tsbWE0OHwaxbVF_uARl4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=5688324856&adk=4223602507&adf=3412014494&pi=t.ma~as.5688324856&w=336&lmt=1693291276&rafmt=12&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2F&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476013&bpp=1&bdt=631&idt=413&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D928ec7a00119d54a%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MYCcsHC8kohrpZj2_JVaNznrOA_7A&gpic=UID%3D00000c926af57c4d%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MaI_D8ii1KdXTTduYmBpo6fclOEiw&prev_fmts=0x0%2C779x90&nras=1&correlator=6058371957678&frm=20&pv=1&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjJEST0Xzo&p=https%3A//www.balatarin.com&dtd=416
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 08:41:17 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 2CF3 43 B
146 B 140ms
30ms Image
image/gif 18.196.113.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEODLYPfYgkvFMpSx0ytcgYI&google_cver=1&google_push=AXcoOmRf6oQugLO8u93FgnRGxSNp6pI1SgrbgMroRY8pLrl5BGxx8nFbRHFMPMOPT8eH7_cEch5iPI5O8M3bp38TeHCYFQkO7kohuw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=280&slotname=5688324856&adk=4223602507&adf=3412014494&pi=t.ma~as.5688324856&w=336&lmt=1693291276&rafmt=12&format=336x280&url=https%3A%2F%2Fwww.balatarin.com%2F&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476013&bpp=1&bdt=631&idt=413&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D928ec7a00119d54a%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MYCcsHC8kohrpZj2_JVaNznrOA_7A&gpic=UID%3D00000c926af57c4d%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MaI_D8ii1KdXTTduYmBpo6fclOEiw&prev_fmts=0x0%2C779x90&nras=1&correlator=6058371957678&frm=20&pv=1&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjJEST0Xzo&p=https%3A//www.balatarin.com&dtd=416
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.113.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-113-49.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 08:41:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2CF3
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENZLOTuy92Ok0B6_ecnEvvo&google_cver=1&google_push=AXcoOmRD8TitulMMQ0AS1IajROZTfk8tAi--kKtCyPL0kgn0A3AHIJalXKl-5CI4zDjKGelbMoArysWXpPBLrCuMnsIfv8B...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRD8TitulMMQ0AS1IajROZTfk8tAi--kKtCyPL0kgn0A3AHIJalXKl-5CI4zDjKGelbMoArysWXpPBLrCuMnsIfv8BHkixgFB8&google_hm=eS16X2ZxWDBoRTJwSFA...

170 B
188 B

67ms
66ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRD8TitulMMQ0AS1IajROZTfk8tAi--kKtCyPL0kgn0A3AHIJalXKl-5CI4zDjKGelbMoArysWXpPBLrCuMnsIfv8BHkixgFB8&google_hm=eS16X2ZxWDBoRTJwSFA2T3JMaHZoNmdwQWtzWkU5dktLT35B

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 29 Aug 2023 08:41:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRD8TitulMMQ0AS1IajROZTfk8tAi--kKtCyPL0kgn0A3AHIJalXKl-5CI4zDjKGelbMoArysWXpPBLrCuMnsIfv8BHkixgFB8&google_hm=eS16X2ZxWDBoRTJwSFA2T3JMaHZoNmdwQWtzWkU5dktLT35B
content-length: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 2CF3 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2CF3
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEPwOSSfkWgLgCgruxNITf2w&google_cver=1&google_push=AXcoOmRM-YlBJgOcePlghhjM-oe8Z5kPFoJbILzM326S_yveyDlrnuow9JCwRorbYj...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRM-YlBJgOcePlghhjM-oe8Z5kPFoJbILzM326S_yveyDlrnuow9JCwRorbYjRaaB4_j1p6df9q8vE8gMMGKSpwhoy2DT-VOaqn&google_hm...

170 B
188 B

68ms
67ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRM-YlBJgOcePlghhjM-oe8Z5kPFoJbILzM326S_yveyDlrnuow9JCwRorbYjRaaB4_j1p6df9q8vE8gMMGKSpwhoy2DT-VOaqn&google_hm=-bAz0c2YRIOwxieRpDQz8uk

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:16 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRM-YlBJgOcePlghhjM-oe8Z5kPFoJbILzM326S_yveyDlrnuow9JCwRorbYjRaaB4_j1p6df9q8vE8gMMGKSpwhoy2DT-VOaqn&google_hm=-bAz0c2YRIOwxieRpDQz8uk
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2CF3 0
12 B 66ms
64ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IKVtGJ8C_7Z6d7P_jiVibtRbce9LyU-ljZwLiwp98cKHQNqLdhoHRRYBdCTMIw9r0foBa7yZk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 08:41:17 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 564D
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1593509/73171254/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014058579&ias_pubId=pub-7031645305449270&ias_chanId=1&ias_placementId=20439850497&bidurl=ht...
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&xsId=ABAjH0htzgmoDKL94O5jB5N1p7yq&ias_xappb=&adContainerId=brand_safety_LK_tZPraOISk9u8P4a290A0&cbFunctionName=goog_wrapCb_LK_tZPraOISk...

1 KB
1 KB

56ms
36ms

Script
application/javascript

2600:9000:223f:3200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&xsId=ABAjH0htzgmoDKL94O5jB5N1p7yq&ias_xappb=&adContainerId=brand_safety_LK_tZPraOISk9u8P4a290A0&cbFunctionName=goog_wrapCb_LK_tZPraOISk9u8P4a290A0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=90&slotname=6838607656&adk=1683087958&adf=1206948085&pi=t.ma~as.6838607656&w=779&lmt=1693291276&rafmt=12&format=779x90&url=https%3A%2F%2Fwww.balatarin.com%2F&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476011&bpp=1&bdt=629&idt=381&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D928ec7a00119d54a%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MYCcsHC8kohrpZj2_JVaNznrOA_7A&gpic=UID%3D00000c926af57c4d%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MaI_D8ii1KdXTTduYmBpo6fclOEiw&prev_fmts=0x0&nras=1&correlator=6058371957678&frm=20&pv=1&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEebr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8DP6wH4nA7&p=https%3A//www.balatarin.com&dtd=388
Protocol: H2
Server: 2600:9000:223f:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding: gzip
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
date: Mon, 28 Aug 2023 15:03:03 GMT
x-amz-cf-pop: FRA56-P5
age: 63495
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 08 Aug 2023 19:01:30 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: yR6bOiyqxU21zbdiqlcz-DCU1FrNdUG5NFfSU-KUzvPDgZONkZ9wUQ==

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
server: nginx
x-server-name: app18.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&xsId=ABAjH0htzgmoDKL94O5jB5N1p7yq&ias_xappb=&adContainerId=brand_safety_LK_tZPraOISk9u8P4a290A0&cbFunctionName=goog_wrapCb_LK_tZPraOISk9u8P4a290A0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 0872 91 KB
23 KB 109ms
33ms Script
application/javascript 2600:9000:223f:3200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=90&slotname=6838607656&adk=1683087958&adf=1206948085&pi=t.ma~as.6838607656&w=779&lmt=1693291276&rafmt=12&format=779x90&url=https%3A%2F%2Fwww.balatarin.com%2F&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476011&bpp=1&bdt=629&idt=381&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D928ec7a00119d54a%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MYCcsHC8kohrpZj2_JVaNznrOA_7A&gpic=UID%3D00000c926af57c4d%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MaI_D8ii1KdXTTduYmBpo6fclOEiw&prev_fmts=0x0&nras=1&correlator=6058371957678&frm=20&pv=1&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEebr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8DP6wH4nA7&p=https%3A//www.balatarin.com&dtd=388
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 29523901
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: UeiqjJvhFizqZ0_V3z52-bfFjjBdmbABcFjYPyy233CpVmxCTO8s-Q==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 564D 43 B
215 B 905ms
196ms Image
image/gif 2600:1f13:800:7781:770b:e7be:3f6f:3579
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1593509&asId=b54ae49c-6bef-afd7-c814-3ef2cfb61e01&tv=%7Bc:mFGu2Y,pingTime:-3,time:74,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:31%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:74,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B65~0%5D,as:%5B65~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOjhQuG+11%7C12%7C13%7C14%7C151*.1593509-73171254%7C1511%7C1512%7C15131%7C161%7C162%7C163%7C17,idMap:151*,rmeas:1,rend:0,renddet:svg.us,siq:33%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=90&slotname=6838607656&adk=1683087958&adf=1206948085&pi=t.ma~as.6838607656&w=779&lmt=1693291276&rafmt=12&format=779x90&url=https%3A%2F%2Fwww.balatarin.com%2F&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476011&bpp=1&bdt=629&idt=381&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D928ec7a00119d54a%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MYCcsHC8kohrpZj2_JVaNznrOA_7A&gpic=UID%3D00000c926af57c4d%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MaI_D8ii1KdXTTduYmBpo6fclOEiw&prev_fmts=0x0&nras=1&correlator=6058371957678&frm=20&pv=1&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEebr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8DP6wH4nA7&p=https%3A//www.balatarin.com&dtd=388
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:770b:e7be:3f6f:3579 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:18 GMT
server: nginx
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 564D 43 B
216 B 900ms
195ms Image
image/gif 2600:1f13:800:7781:770b:e7be:3f6f:3579
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1593509&asId=b54ae49c-6bef-afd7-c814-3ef2cfb61e01&tv=%7Bc:mFGu2Z,pingTime:-6,time:75,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:75,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B66~0%5D,as:%5B66~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOjhQuG+11%7C12%7C13%7C14%7C151*.1593509-73171254%7C1511%7C1512%7C15131%7C161%7C162%7C163%7C17,idMap:151*,rmeas:1,rend:0,renddet:svg.us,siq:33%7D&tpiLookup=ao:www.balatarin.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=90&slotname=6838607656&adk=1683087958&adf=1206948085&pi=t.ma~as.6838607656&w=779&lmt=1693291276&rafmt=12&format=779x90&url=https%3A%2F%2Fwww.balatarin.com%2F&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476011&bpp=1&bdt=629&idt=381&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D928ec7a00119d54a%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MYCcsHC8kohrpZj2_JVaNznrOA_7A&gpic=UID%3D00000c926af57c4d%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MaI_D8ii1KdXTTduYmBpo6fclOEiw&prev_fmts=0x0&nras=1&correlator=6058371957678&frm=20&pv=1&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEebr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8DP6wH4nA7&p=https%3A//www.balatarin.com&dtd=388
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:770b:e7be:3f6f:3579 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:18 GMT
server: nginx
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/5114669831148726762/ Frame B21C 118 KB
22 KB 87ms
86ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5114669831148726762/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a31723dc4703cab503d3d6b4c49c6b04e6d8a5f35255e7eff840d063846fe136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 448874
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22752
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 04:00:03 GMT
expires: Fri, 23 Aug 2024 04:00:03 GMT
last-modified: Fri, 04 Aug 2023 11:45:03 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 564D 0
0 108ms
108ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstSsrgvH0Z-BSlJcscXoe1En3eEEZYfzSEg8jwhh3nYwqbg0WwiEwmES6N7k6CeH-r-qVt7FtK1TT0XMMp9ZiuEXpFdMIJqAwMq3X6RrvIx_gZrvwI7Qr9D1SV9VlsC-o3_Y1TDQTpzXpVGLkZWCpppiDl86vbHtroa7lHsaBuhu3go9cq-YqZ5Q7H6iCmwkvL6937cPxsJ4Q-hAh0jU5IYLfu9TFe9CdXYq2kV55zmbvdvXn3f0Dlmq3TiM2BbS91w0sDQcF9i6lhdQ6vmji2h65pFLVX-OqWDHFqiIE-iK0MtE-xCn5bluOiUlfJRHHXXMaDen9prNluq-Je8yjaJKc4cvPK_D4-oDPSqdM5aKq-ejlZVTGWZv-QMsvOaBrr-fe1WSVRxKLsUyUXCwPGOoZm7ZbWsvU0Hvb8FoKarhfXvEcb74yW3q2lQ2s7_9HDMUGz4gbIqb3ndPZiSKLkQ2Shq4aFrEVMYxszeqsK-RZdzArrN-YxV7V0xCeIq4ehcTjikA3tmgu2JLRg8zBYMkOgGEgXr1g735UMtVazYf4anRJFsBUCgiV3qyykCpaaAoV9Pf_Y6FHKBfcuoGMBh_2gYSpiXa3J7MGhqyTv3q4NuPynz8KRnY3HMPtZLmL-4D4IwKq_MI2wVqTb0iGEQb2ksS1giTECSOfVaO89Vo3thdXi5wEI2AMHzd5so--_2s05FkhoJgpdDopg9T48Od2nnX7YiGih9BHs0C24KmuPpeIkiOnPbrhk-Lj-9Zi01swelGchBzXJfSATEbyrBGV58M2wtEzcuOwsFYJR6W7RCDFeBNhYBX3yW725IjlH4juAbOWvvZcEGRcKT2NBfCsL9g3yYo9nXppLsqhV2u-ei-swzFCysfsT6QSWEjnuyhfNBfQw6B4D0JjUL9--JRY39MQm6x1iZpVLKY74VdjPH8YEXIwi8WKqmncXGM0JlFJ8NlPlQ7biUIzncPj0TzTAb-M0eaHh0Gzlorwvnk2_9yTrH8pC0fcLOXTEpcWfYioHtjvDxSRrYn1ARQyxpDuixmdMdm1HlAxdzQhrPq5l4jLkrD84QnhgPXn8N0QchTrVj0Jlkg1YM8dJKqhp97Q1GzX4tk33KInNdxXm5mPe8gBiIYt9IpXTfC70wuKW4LdJnnQnF4v5tYLl4A-Y5ganu6TQ68cHcijvCdjGgLBxHxoHKhdFcuOVbDOcR0VUDkQmMPQk_NEa4ZCQIR_sxVxuNPNWFcrz6vJaaElnkdbT_Wi0rn9tknL5qR8mFPgDshjJA5bueCq9oH-TWzE7E54A__7w4Hs2FzXjWbOmFFCG2XV0ruqPtgGhsEzhilqg&sai=AMfl-YSDqe5zudjdfCe6qUVW6VnH9VWUv8YVZO3t6SAB62WlH66lXa5G7AJQy3ItyUJgNHRaYpOdomihXzEJRULl9JRAEdSmllT4w83N2kmJBOqFWMEU42PuGaeZzSA7NBvV-jcloWBsj4EzcFTJy1HQtSUWcWM21I2XEwFIdvS5JRqqhBDm5rcpJ-s1Ei9rVu34BJ5rbTCM3wgNZ-XZBHsSHOzb_pJU-mqwZnYpnaarIJrPxEk6Gpf6zbbIc27uGKMYjfT922k&sig=Cg0ArKJSzH8OW73RfEC7EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=375&cbvp=1&cstd=372&cisv=r20230828.69178&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 29 Aug 2023 08:41:17 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 29 Aug 2023 08:41:17 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 564D 43 B
215 B 863ms
196ms Image
image/gif 2600:1f13:800:7781:770b:e7be:3f6f:3579
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1593509&asId=b54ae49c-6bef-afd7-c814-3ef2cfb61e01&tv=%7Bc:mFGu3F,pingTime:-2,time:117,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:566,beZ:568,mfA:571,cmA:572,inA:573,inZ:577,prA:578,prZ:590,si:598,poA:600,poZ:630,cmZ:630,mfZ:630,loA:641,loZ:645,ltA:682,ltZ:683%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:31%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:117,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B108~0%5D,as:%5B108~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOjhQuG+11%7C12%7C13%7C14%7C151*.1593509-73171254%7C1511%7C1512%7C15131%7C161%7C162%7C163%7C17,idMap:151*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,siq:33,sinceFw:82,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=90&slotname=6838607656&adk=1683087958&adf=1206948085&pi=t.ma~as.6838607656&w=779&lmt=1693291276&rafmt=12&format=779x90&url=https%3A%2F%2Fwww.balatarin.com%2F&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476011&bpp=1&bdt=629&idt=381&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D928ec7a00119d54a%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MYCcsHC8kohrpZj2_JVaNznrOA_7A&gpic=UID%3D00000c926af57c4d%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MaI_D8ii1KdXTTduYmBpo6fclOEiw&prev_fmts=0x0&nras=1&correlator=6058371957678&frm=20&pv=1&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEebr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8DP6wH4nA7&p=https%3A//www.balatarin.com&dtd=388
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:770b:e7be:3f6f:3579 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:18 GMT
server: nginx
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js Show response
pagead2.googlesyndication.com/bg/ Frame A76B 37 KB
14 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e77156f336104e427a69a22b5d1fa74e7ca4362aae7681f9e09283fc8efec1f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 06:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14643
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 06:15:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3042 0
20 B 163ms
162ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B99eDLK_tZPraOISk9u8P4a290A0AAAAAOAHgBAI&bg=!DA-lD0DNAAYkVgHwBFY7ADQBe5WfOJUYZzJPxQNXCkVypVruS8NdACpKjmWbjSzpwaHBftdsHGAr-MZKRsahx7N891FqAgAAANBSAAAACmgBB5kDBKJl8jtY1uNtT5WAal2Wnf0d9YQCstkwu9Lob-mzmizBknUEq7ijIzUOnFEDBf_CIkWHAnYlnjuVEP70rgyuavtYu-AAW9nFesxlwP-3xJzGfPe8obYZUXEr2fmG2w5UJZn87_g9ny4tUHPGeC30xTm5qadCFoNFWSH-LFjVGPXm13l6eMM_o0NNuiX6Ayr6QFJ6zFcaudrOCey4uTBMUkCcGnkg-z_GM_gSzHtOc3GKEdJqk22kFZidXWWx2O5pvAsBTwWKoe_zcrKY9kkCNyj_1RGNcjJipYvLYAULXJOl-J3RwrJyaJnAkr8xcsPfWoYIVtWADW6bNrg0_7_rI58y95awXni_rtoPgL0gco3eFwTbEVphgmxPzZ1fWLVJNLEVXzzD2b1xOjIaS8o5Jn47-YKADEZJM7uWSX7z680fCQT3CEPX22wu6KOGNtKFnfJYbN1WoOdzA9bLNQBcLj7IlE9QlSglcmdxwmWUC-F463GGxpEeQTG3EWmdgxFzvKUqCe4gM8QNqv_IjFqgIfBQYgiuYe2dDbvUpwriJIZH-5vioEkShhsU00DIQlMcRGCbOwcokOGWjISOhyNcSvPFkt7uqusCYOmkNe7iqiVTpd6S20zVtNpoSj5xIwZvK2A6XmvwzcktxICtS9myBbJtSufTKlMnVdj_5-3l1hEfznnH6vAa5xMmlV05cNxKR7ptnnyGFGLK1VMY_2PS4ykmf8TKzZY_eXVEt0nC-i5WW2C-Ym3WTYqxa5rf8wheeA4JrW5f6h6e0FNOSt9pnnirc_oz7F6hzd7fy20T2JQiRsHgNM_yMbHxJe0cNawFhfL89-Ch4HNMr8mYQk3EgTkjYTISF7ef_kbf78CmSM5pNdi-4q4WEGBFHhov8vo-6MYmh-XHIpasS5CAjxUL-eNfuWRKO7XzenocOnIn3oZ6NYfyQ9Y6YR81LZoXx578id9KWsMDc6fOcdYAQ6dPEcF0z5dzHn2OcDWQFhf2NJ53FwEFka2eo75KeDZdNiQK_Gisvp4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BF20 0
0 96ms
96ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstugwS450FSTUr0zrc9RWJxcsd9opuNRC6POMEo_RlnCZhr8WVo-2Oai3oKLUnbLOGNHf0ghpi0rsda_UBK7BzpLOoCsUInHwzbea4Tq_3wvLUW4ra4-MmhesbcjIdl-53onim_4LgNvVq1YrLCQ8EYACYhoMomoGYBCIGrbUFQZJw9PifS6iB3YQQS0e1L49udTrntPRNt_Fth1Gt058_ikhey1PYn-uKr1EblsX8UvIq32LPIlYPiXsw7baQbeslbW3btdQUevFGngiUXfH2NEvXIjfsNRW9w5j7Bd4DeNdKu20kZpYkYmx9bvNauFbvRT4uyPStFQ9yFCBx4KhmIArVZtYGGIDcHB1vaUejSmgh24BvGaBcUlbxcUbAXFpyt7R-2mC4p0M5sV22wfAfiUNOO9PvJH5NMDTZvlzfa5rH678UZIx89RF6sF-j_atz5QHsfFy-0EoNEYiY4a2VJd1xY_ea3SZnucjWp47iy_8bgSfkr7f5arymM3fQcWGeHTrlYmuRn7kxmLjd36m5BhlGoWIGZPkfDQ1LPeZ9D1x80U-_llBW2A3AvlKbL2rHUbTyg7QymiRnQyY7bd_zsMuGmZek6TK3Pocbj5fAFWWGBOrX6PHhvyOtN_gyf7QLwYCH1SIwX1T3nc5ospz8EhqUubR13bIvt5H-ObrJ9OGQQ79UIsQaCFPywt0Y8j4DEJrX34gsDMmIOzbPJNZf7gCfeUluxaxJzmzYdXrWE-eS497HykIEkZH7O28Jg-gj3RsJfyq8NduIwVgUnqymy7yzNAloAk0API_5g5j2KmZZBxGt7bQ_jru8nrKmJcgsrpQTj-iPAvCI1WJ9xBTBk_Dd5X7KpJuANNTEhoBMnty1QIkpHtivAeWziJ7_CpCmlShOJXHj8feENxPqgwy-z55LVQxYUQm7kNN0uaRtJM2WYJBtxGcsP5787pyot8sH_pX6sn-bLLnFyIxMVEdeTOJMD_yzWqbaqMm8ju9VFBhsAM3wNob7GEioYHlcDjk-mrx9qDVV0Q6T5tIkVVtKbQST70RMYxruWa01nHN03Fvk0_iorf8_WmUlgKknMAmMp1PScNlsK7sEMsB8wNFXlObs59_RkTDxLo2kYZC23SugwNp7wJagrIQBzAox51AVYFQ96FbU7satM_A0ws4ouk3tDbC88jDt4qP3THjOP5IkblvTMnlam2ukEihX9JOt96YfESp2zsJCHsL4BKyY5Z0fGt0V6ZfFvYItNz5fqtmp5-5oJEeqJds4u9I7BDshu3gkMj8rgRUSjE06DnAYVqbCjGWCPEwVSU8TvJI6q9A8GWVcWWETYeF0&sai=AMfl-YSh_Nz3h0ZlE9BecJi0Qnz6ZJ-wdvlYiZvMCNtpMp8R4LDwOzsU_tJOuGM_99WU8Tn9IO0ItlISKgvkQYDWo4fiQlUIQfmbn1ssWOUe5W1mmUGoAJ7Sh21ilUm_DZ3JXAaiwgWOhbCuFEbnrPOLuLAlIcztRKhc9FU79HL0gC8KvotLmZQ8OBU2MMKo8BFr7-6nm9fUVQR5_78_m5TBkfztJpwuCYUOmnftTZYxDd4PWQZZS5uo2yXhNE1aQ1eEGMTzeOw&sig=Cg0ArKJSzO2luiMGzIsfEAE&uach_m=%5BUACH%5D&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=315&vt=11&dtpt=313&dett=2&cstd=0&cisv=r20230828.35821&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 08:41:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 29 Aug 2023 08:41:17 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame B21C 32 KB
11 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5114669831148726762/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5114669831148726762/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 06:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6197
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Aug 2023 06:58:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 564D 0
0 95ms
95ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstSsrgvH0Z-BSlJcscXoe1En3eEEZYfzSEg8jwhh3nYwqbg0WwiEwmES6N7k6CeH-r-qVt7FtK1TT0XMMp9ZiuEXpFdMIJqAwMq3X6RrvIx_gZrvwI7Qr9D1SV9VlsC-o3_Y1TDQTpzXpVGLkZWCpppiDl86vbHtroa7lHsaBuhu3go9cq-YqZ5Q7H6iCmwkvL6937cPxsJ4Q-hAh0jU5IYLfu9TFe9CdXYq2kV55zmbvdvXn3f0Dlmq3TiM2BbS91w0sDQcF9i6lhdQ6vmji2h65pFLVX-OqWDHFqiIE-iK0MtE-xCn5bluOiUlfJRHHXXMaDen9prNluq-Je8yjaJKc4cvPK_D4-oDPSqdM5aKq-ejlZVTGWZv-QMsvOaBrr-fe1WSVRxKLsUyUXCwPGOoZm7ZbWsvU0Hvb8FoKarhfXvEcb74yW3q2lQ2s7_9HDMUGz4gbIqb3ndPZiSKLkQ2Shq4aFrEVMYxszeqsK-RZdzArrN-YxV7V0xCeIq4ehcTjikA3tmgu2JLRg8zBYMkOgGEgXr1g735UMtVazYf4anRJFsBUCgiV3qyykCpaaAoV9Pf_Y6FHKBfcuoGMBh_2gYSpiXa3J7MGhqyTv3q4NuPynz8KRnY3HMPtZLmL-4D4IwKq_MI2wVqTb0iGEQb2ksS1giTECSOfVaO89Vo3thdXi5wEI2AMHzd5so--_2s05FkhoJgpdDopg9T48Od2nnX7YiGih9BHs0C24KmuPpeIkiOnPbrhk-Lj-9Zi01swelGchBzXJfSATEbyrBGV58M2wtEzcuOwsFYJR6W7RCDFeBNhYBX3yW725IjlH4juAbOWvvZcEGRcKT2NBfCsL9g3yYo9nXppLsqhV2u-ei-swzFCysfsT6QSWEjnuyhfNBfQw6B4D0JjUL9--JRY39MQm6x1iZpVLKY74VdjPH8YEXIwi8WKqmncXGM0JlFJ8NlPlQ7biUIzncPj0TzTAb-M0eaHh0Gzlorwvnk2_9yTrH8pC0fcLOXTEpcWfYioHtjvDxSRrYn1ARQyxpDuixmdMdm1HlAxdzQhrPq5l4jLkrD84QnhgPXn8N0QchTrVj0Jlkg1YM8dJKqhp97Q1GzX4tk33KInNdxXm5mPe8gBiIYt9IpXTfC70wuKW4LdJnnQnF4v5tYLl4A-Y5ganu6TQ68cHcijvCdjGgLBxHxoHKhdFcuOVbDOcR0VUDkQmMPQk_NEa4ZCQIR_sxVxuNPNWFcrz6vJaaElnkdbT_Wi0rn9tknL5qR8mFPgDshjJA5bueCq9oH-TWzE7E54A__7w4Hs2FzXjWbOmFFCG2XV0ruqPtgGhsEzhilqg&sai=AMfl-YSDqe5zudjdfCe6qUVW6VnH9VWUv8YVZO3t6SAB62WlH66lXa5G7AJQy3ItyUJgNHRaYpOdomihXzEJRULl9JRAEdSmllT4w83N2kmJBOqFWMEU42PuGaeZzSA7NBvV-jcloWBsj4EzcFTJy1HQtSUWcWM21I2XEwFIdvS5JRqqhBDm5rcpJ-s1Ei9rVu34BJ5rbTCM3wgNZ-XZBHsSHOzb_pJU-mqwZnYpnaarIJrPxEk6Gpf6zbbIc27uGKMYjfT922k&sig=Cg0ArKJSzH8OW73RfEC7EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=606&vt=11&dtpt=231&dett=3&cstd=372&cisv=r20230828.69178&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 08:41:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 29 Aug 2023 08:41:17 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A76B 0
20 B 163ms
162ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6hhHLa_tZK31BaqY9u8Pz_6g0AEAAAAAOAHgBAI&bg=!XV6lXhHNAAYkVgHwBFY7ADQBe5WfOB-ybbSTY47XpcwemclobNB12vkEWH7hl1uig-xKomDUDpy-4dLl4EBuIcktw7ejAgAAAJBSAAAAB2gBBwoAE-hXH9nep1owVWARAcCxTykJVIGZAufs8UITkvDH6eXAoS3eWfOkQQX-JnOBDL1lWFN64pjIKdBW9x1BGhhAORa4CTZ0KPQ0IuGrUNsUIpS-OhiSZkWf82WcsWmXvqloNFXmV1G_0KVU6z6x71nPIIb9lWy8Y37X4ohSmH2ab4WzwgnoLFvpEalwcQ8UfN3lopCrE5R5nyoD2ojTlLrSiaCFspEqfb04RCqsLjvvWVLiI1SdpzDrDRRyAVjY7iLikKadtUp2LQy8oVCDdeEFgtrrD725IjfS7ctJEuh80ulTlJTZ_Jl5Ime6Yl0r7Os6mkH9zg8UK1p_8xkMT4kSX7fj-1KmBV1a7c5KgCP77zAThmTuu7J5exKEyR24z9ZZhUc6GTbQSx1yDwXKhmUOFt4s4zHtNgqpfv8KxlK4EhdDh4SCYq5Co7m4m79rL4A_7Li-cYUmC10Grq1AoIscgrQTCDyVfNinD61d-3eOdE45uBTJ85zC-PlbOPPKRAtzVBs6yaOEYpdox77teQ1C1iu4-UaX8GNAxOBOa2OLx9ZKPMk54kfu6wwnUNdht4mgMwEfe9wkXhupRYtPI4WqpqrhdKIBVjjmVrxUtuhduXkjUlqadSM9GZdM9dxuO5uMo2eSJkhlJjaN7UJDmFY_t72graOjBzguQ4ouAKfBwknlGR5QCnfgvKQpb8QKnEF0nocOGhdoWXuqsx7SJPN30uSIK9I4L8bsdAeP8G0uM4fFt2iVILBrlaVFJ9h9mpY78Pj2113aKGFqHof7AFAHcv7aql71awA2tPd2FeqdJreinN4nAKO-R5tQJTmhATRbVJRjQP464GCHXZXofLb0YuIhJmPsgsWudimzBnXxGx3rQNk7hikFf1CQqnp2-_2FM2A12Ss3lGKGewXkxfilfpO5_AT5ZKlRp_kILXnL2X2k_Oyr0Ey4FTtm7dVpY53DdPXeZ6wGQltEjgKNYgByBzRx0IVWq8YE7myRe00ybcSe-BPJrc9PKNFNYoRgjQ

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 564D 43 B
215 B 495ms
195ms Image
image/gif 2600:1f13:800:7781:770b:e7be:3f6f:3579
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1593509&asId=b54ae49c-6bef-afd7-c814-3ef2cfb61e01&tv=%7Bc:mFGu9y,pingTime:-10,time:482,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS4xMTAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1693298477768%7C%7C3bb93b84789167200a50c00c491d6072%7C%7Cf3b2a520b07e1265656cdb121718396d%7C%7C60fa291ae9ebce87803f344d5373b3ff%7C%7C818645e9982bb9b4dea402474d29398a%7C%7Cc78648cb2f889d769d70be4e757d4a5a%7C%7Cf75a3120928069ede9133592ae80677d%7C%7C2449400b3970ceb3880098ba6e4b2873%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7031645305449270&output=html&h=90&slotname=6838607656&adk=1683087958&adf=1206948085&pi=t.ma~as.6838607656&w=779&lmt=1693291276&rafmt=12&format=779x90&url=https%3A%2F%2Fwww.balatarin.com%2F&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693298476011&bpp=1&bdt=629&idt=381&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D928ec7a00119d54a%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MYCcsHC8kohrpZj2_JVaNznrOA_7A&gpic=UID%3D00000c926af57c4d%3AT%3D1693298476%3ART%3D1693298476%3AS%3DALNI_MaI_D8ii1KdXTTduYmBpo6fclOEiw&prev_fmts=0x0&nras=1&correlator=6058371957678&frm=20&pv=1&ga_vid=649540507.1693298476&ga_sid=1693298476&ga_hid=101119732&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C44798934%2C31077388&oid=2&pvsid=4459967505643306&tmod=665831048&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEebr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8DP6wH4nA7&p=https%3A//www.balatarin.com&dtd=388
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:770b:e7be:3f6f:3579 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:18 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 100ms
34ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8X79LBSGX3&gtm=45je38n0&_p=101119732&_gaz=1&cid=649540507.1693298476&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693298478&sct=1&seg=0&dl=https%3A%2F%2Fwww.balatarin.com%2F&dt=%D8%A8%D8%A7%D9%84%D8%A7%D8%AA%D8%B1%DB%8C%D9%86%3A%20%D9%84%DB%8C%D9%86%DA%A9%E2%80%8C%D9%87%D8%A7%DB%8C%20%D9%85%D9%86%D8%AA%D8%AE%D8%A8&en=page_view&_fv=1&_ss=1&_ee=1&up.logged_in=false
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8X79LBSGX3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.balatarin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 106ms
35ms Ping
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8X79LBSGX3&cid=649540507.1693298476&gtm=45je38n0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8X79LBSGX3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.balatarin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 i Show response
www.balatarin.com/analytics/ 0
45 B 383ms
382ms XHR
text/plain 107.178.241.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.balatarin.com/analytics/i
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.241.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 59.241.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.balatarin.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 29 Aug 2023 08:41:18 GMT
via: 1.1 google
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 216ms
95ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8X79LBSGX3&cid=649540507.1693298476&gtm=45je38n0&aip=1&z=573523310

Requested by

Host: www.balatarin.com
URL: https://www.balatarin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 222ms
108ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308230101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

054cb6191bee12d247b3f64e1c4edb096e486aec88208f03e639d588c48d5de3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 08:41:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11562
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF20 0
20 B 159ms
159ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2242235684907&version=m202307240101&ct=76&x=1&cor=18374103807249720000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BF20 42 B
64 B 247ms
169ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkO0zBT_t2F5EaYhwtrDCg8iq3JJ-JnR5qSYfduUmgf1nDX_3tfpF0ha8tSWotoOhojzS35w4joTNY5LgK28xskaXM_l1Ih03mGwIW48tdMw86Cd3WLj1u0_FFjohOW_R9d_rfUPjuqqbS&sai=AMfl-YQ80xE5YlGEPcLMwnurDvCgHZQtw4_V_2vrM33k8iZ8n5N_DuhFrzvDgPI1r2GyQxP_etAKB-cuOI0WH8Kylu1M0Ea-PILdjwyHbosxOO6fvNTBzTem-W5akkh1&sig=Cg0ArKJSzM-ZDUZXHgOpEAE&cid=CAQSPABpAlJWy1kJcnSTHNmOr1YA81IgOnAiPODw48XhMXs61lnkwPmw-hzwvX28auX2IgYQh52C5uL0zJTElRgB&id=lidar2&mcvt=1042&p=0,0,250,300&mtos=1042,1042,1042,1042,1042&tos=1042,0,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4223602507&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693298476430&rpt=1068&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 564D 43 B
215 B 196ms
196ms Image
image/gif 2600:1f13:800:7781:770b:e7be:3f6f:3579
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1593509&asId=b54ae49c-6bef-afd7-c814-3ef2cfb61e01&tv=%7Bc:mFGumz,time:1289,type:e,im:%7Bpci:%7Btdr:1150%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1289,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1280~0%5D,as:%5B1064~0.0,216~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:1055,fm:tOjhQuG+11%7C12%7C13%7C14%7C151*.1593509-73171254%7C1511%7C1512%7C15131%7C161%7C162%7C163%7C17,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:33,sis:177%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:770b:e7be:3f6f:3579 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:18 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 08:41:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 29 Aug 2023 08:41:18 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DAA8 13 KB
5 KB 59ms
57ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balatarin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2447
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 08:00:31 GMT
expires: Wed, 28 Aug 2024 08:00:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 39E6 829 B
1023 B 70ms
69ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e04407116e8a283af678d6f5db53f05bd4bb0ceb70127a55844da30f2926be9c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-__NEYliAH89lzYhrcH0qsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.balatarin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-__NEYliAH89lzYhrcH0qsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 08:41:18 GMT
expires: Tue, 29 Aug 2023 08:41:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js Show response
pagead2.googlesyndication.com/bg/ Frame DAA8 37 KB
14 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e77156f336104e427a69a22b5d1fa74e7ca4362aae7681f9e09283fc8efec1f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 06:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14643
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 06:15:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 39E6 0
0 158ms
157ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308230101&jk=4459967505643306&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DAA8 0
10 B 56ms
56ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8VIbuA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 08:41:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 564D 0
20 B 157ms
157ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8239736727748&version=m202307240101&ct=76&x=1&cor=6600107793727102000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 08:41:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 164ms
163ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308230101&jk=4459967505643306&bg=!n5ylnNPNAAYkVgHwBFY7ADQBe5WfONdlwFoM9nyw-ReQH_bRA_RNpjlDgODtHHPav1weH7cRX0OPVrnoBMVlKc3_0uerAgAAAGVSAAAAEGgBBwoAvBlls0oCQtC8bGePNa6pGdI58U9SVISE6npeROktUCvngy5QyGEQkD3FAy6DGIt0b0NA5T1YFm4iZ2VGT3Y0ypiZXlrbZc7-59Cvelu9PzKyggnkpy9ACsWE9Qb7OY_6vXqDNP47xjMO8mAe4AJQ8UrK7tfm8skbxp-VtqAccl1LwQkZa_F_8M4dz20WFJDYnEh7b9tZXT8h7lFZ_AvuUPitrGHjFe6rEF6kAHS_rme2b-j1XlP00PwX1mF6mQKz809yAGkWkQzO4odDtYcSQCynKS23EstDYRIMGKGaQ7c_DLSCRLbbAheT75Ci5KrPx7ZzNVjN6k9s6PuuTxMfHqkxJSIv72PmygCcqJ96KCGixK2Spze6mlT_mzQ58aYOxwU_snkcCeYXoZiBqtN9O0DUtxIFZgeHxDh2jmkiCnzBwxeuV1_SmQsbKP5JZPpi7rNsjRlCeghSHnM3P1M5_HgaoL6YKkCJWtWb1if9bnQpn7l8CUHBssecyQjLsIK0J2CPSun4f-33QKzFCzKaBVzAoZmaqtsyH-ZEQYc_bouRvMhToQAL-Nr92tGNzqKDGUOuYJ_2xKuaSR2693luqsxqgHPXq8SOkzrrnhZjo8nXrZ-wqBk8dOKnRyD1uoiyGw3t2shcBz_NshyiwI-H1N52-6RvZ-Xu4wdWash4H08JEYUvx-dsi60bXj4ds6vcDdNSP11930kAW0DyigpXJwor--cNrKddq77ODNAYRfDrMbTw25z-o2WFKmkT38yMkpupzsNdML3ABakzh8pfsEmyp8tO4T4zLTXgfaUQVW09Y57gVX6Ioy25fBXxKY7gO7NWZCQMfR3WX0ulPyrlvYABWNvyWaehUFqOEWptd9naAK2KnKcvWLE4sFPfMS6YFt-HqqmkNkVzoFveKWLKfncG8Hhx8Llu8VfDx5ZneUNYMCgdMT75v8u4UZc8Tfivp3EGtGQb9qwPZnoSTH9_SNPP1G-xc8CQ8q-mOPnz6nSXBsVrARCN9FztSZZPQwjFh6fQTjWIPCzPCyxLDd86dxuQKWN0O24ZCIi9JrqgAHxVbyCPsJRXyA90txxZttTS-LGGXyzbunQqPvXMYXaF2je8hy1UKmIaw0MrwRgTyxY73GU9r-LuM0oMIlq1B2YJmQHUMO5sIDUCrWfP3X45t0kW2g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balatarin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEGTCkqE2ttJ1JpwG7KbW0ws&google_cver=1&google_push=AXcoOmSalXB3dNN16hfGwFySglb-YaKkPSIxSF8Ts8nNU3Gh4uh9yv1TB4eOTOODe00Rs2PexuZ41CQEmiZjeaAqZu7NvT6TrNcsSbE

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.balatarin.com/analytics	1969-12-31 23:59:59	Name: geo Value: 0
www.balatarin.com/	1969-12-31 23:59:59	Name: _balat_session_new Value: cYOl6D1s6dagW2ES5Vm8osyU5FX8ChUKvYihUVtTtlePJ0JZ8%2FqqMJwXA7hYUpKD153jGvQlSsgfY7ISziQwlbZ2JjR10CyhfR7VvBhChfi1zwfrIzSUo%2FNVCWus2rQ%2F2mhd3S9TkPVp3FOUHH5XMvhXLvXG0lJLbbHEf%2BKrUTXx3yBn6YeeZtimJxROENrgpSyN85qQ1F59VVvlOW%2BN5Hs%2FdOkkdu3A%2B7GNyIDEvJNsjzxyjNRYKnULXTUPTZbt9nEAGiOuuzXGEnbPivu5tAavaHW2kK9AsfczVCtJ6TD7KTU9FiU4tuyf3wzE4qnqNJmbofz4UvdZyMVELQQk9Cbbr8FkT2sKx2haJSW2pESWftR9zRzDfU8xHIsr5RflDTimjyUptt1hQOsV7xw%2BwcarMZvDqw%3D%3D--6QvfpRwMF6rxtg4o--wqzncu3ggdXv45A2OitJLw%3D%3D
www.balatarin.com/	1969-12-31 23:59:59	Name: geo Value: 0
.balatarin.com/	1970-01-20 23:43:14	Name: __gads Value: ID=736dcf9179d22b9c-2217a1165fde0094:T=1693298476:RT=1693298476:S=ALNI_MYsZvVnxX8SC9Fdx15h8LIRuwcznw
.balatarin.com/	1970-01-20 23:43:14	Name: __gpi Value: UID=00000c69c081cf65:T=1693298476:RT=1693298476:S=ALNI_MaYNrDxvuvNujN31fTmzulsj8yLzw
.doubleclick.net/	1970-01-20 23:43:14	Name: IDE Value: AHWqTUmEpcA4RU7X4IGq3p14_e9-F0dtMBe7bp7p2XiCT3UlK3KjreFQKMYP8FOYc6w
.casalemedia.com/	1970-01-20 16:31:14	Name: CMPS Value: 5283
.casalemedia.com/	1970-01-20 16:31:14	Name: CMPRO Value: 5283
.doubleclick.net/	1970-01-20 18:40:50	Name: APC Value: AfxxVi4rbOyoCt0nBSga8wWs4SzPZGCecoSZQ7MNSVdEru8RyqOIXg
.adnxs.com/	1970-01-20 16:31:14	Name: uuid2 Value: 2223058763065195374
.casalemedia.com/	1970-01-20 23:07:14	Name: CMID Value: ZO2vLJh6.a.C8oprCPVKCgAA
.adnxs.com/	1970-01-20 16:31:14	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E><hjIQ)!]tbPl1M>e)ZlrFUfJ+tGXxoPLB`C-_!!3FJ-dW)K#1!wADs9?_KB4DlUt3?3If)y3KL9D3I?+pB<Nfm
.quantserve.com/	1970-01-20 16:31:14	Name: d Value: EFgBCQHpKYEA
.quantserve.com/	1970-01-20 23:51:52	Name: mc Value: 64edaf2d-2ebc3-7d2b8-df633
.mathtag.com/	1970-01-20 15:04:50	Name: mt_mop Value: 4:1693298477
.ctnsnet.com/	1970-01-20 23:07:14	Name: gid_CAESELu3scMliTz6o8Nxxrr1LtU Value: 1
.travelaudience.com/	1970-01-20 23:53:19	Name: _tracker Value: %7B%22UUID%22%3A%224CE545E8-9298-4B50-ADEC-C020A91174D3%22%7D
.simpli.fi/	1970-01-20 23:08:40	Name: suid Value: 21AA6F8B9DC54C1C86DB29876EB68615
.turn.com/	1970-01-20 18:40:50	Name: uid Value: 7424794298487227990
.ctnsnet.com/	1970-01-20 23:07:14	Name: gid_CAESEPwOSSfkWgLgCgruxNITf2w Value: 1
.ctnsnet.com/	1970-01-20 23:07:14	Name: cid Value: f9b033d1cd984483b0c62791a43433f2
.krxd.net/	1970-01-20 18:40:50	Name: _kuid_ Value: Pw4c8kLe
.w55c.net/	1970-01-20 23:53:19	Name: wfivefivec Value: NLsFcl3R1QAUhL5
.yahoo.com/	1970-01-20 23:07:36	Name: A3 Value: d=AQABBC2v7WQCEBfSIyHJOVq5GbBGSz7WB6gFEgEBAQEA72T3ZAAAAAAA_eMAAA&S=AQAAApEFJw2J26TbQItnAvj_9w8
.w55c.net/	1970-01-20 15:04:50	Name: matchgoogle Value: 5
.balatarin.com/	1970-01-20 23:57:38	Name: _ga_8X79LBSGX3 Value: GS1.1.1693298478.1.0.1693298478.60.0.0
.balatarin.com/	1970-01-20 23:57:38	Name: _ga Value: GA1.1.649540507.1693298476

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQTP84RKWnPqFJlvxWF43mykV3u_tC7_0wec8Jv_4A2EcPOWxUbJY6VwQK0fptJGAbKo-gAJE0mnidbMeB4pA9VYJqWsKPsCcA&google_gid=CAESEA9tsbWE0OHwaxbVF_uARl4&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6d2bce31c1be2850a76372345342f219.safeframe.googlesyndication.com
ad.turn.com
ads.travelaudience.com
ajax.googleapis.com
assets.balatarin.com
balatarin.com
beacon.krxd.net
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
ib.adnxs.com
id.rlcdn.com
ius.ctnsnet.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
region1.analytics.google.com
s0.2mdn.net
s3.amazonaws.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
stats.g.doubleclick.net
sync.mathtag.com
tpc.googlesyndication.com
um.simpli.fi
www.balatarin.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
z-na.amazon-adsystem.com
googlecm.hit.gemius.pl
107.178.241.59
172.217.16.194
172.217.18.98
18.196.113.49
18.66.97.124
185.29.134.244
185.80.39.216
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
2600:1f13:800:7781:770b:e7be:3f6f:3579
2600:9000:223f:3200:8:48e:53c0:93a1
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2003
2a00:1450:4001:813::2001
2a00:1450:4001:81c::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2006
2a00:1450:400c:c07::9c
2a02:fa8:8806:16::1370
2a05:d018:d29:3605:999f:1d55:f8df:b156
3.122.33.96
34.252.154.12
34.91.62.186
35.186.193.173
35.190.0.66
35.244.174.68
37.252.173.215
51.89.9.251
52.213.146.58
54.231.195.72
99.84.93.105
008e70da90814f9f0c63870b46e41c63743721d196f175d8ce41e59d276407b5
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01d2aef9098f4e33f6d12895c606bf59a5cace58ac1073c92e602acb5f01ab44
054cb6191bee12d247b3f64e1c4edb096e486aec88208f03e639d588c48d5de3
06f4cf1f6f7775bc506c8b83fe0b886fc32a3e05ed00702ae9e6de31b25d9b6e
075053fc38bc7dd4005953d986110673edd93a916ee0cc4a6537b85eb58645ea
08fd4a6e5a46b7139103765bfcbf4dacd8c87a92fbf93f31d0c0a85fd4909f1f
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0da7f4f886535f580025b556629ac5d73ce7315b72f44a4c24f74be2b077d2cb
0e82d97739622b3cc7d118d0f1b5ac699289b1d945b6a7478a159961de89198c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1b2c155309dc50b905beee7e0cbdb235033d168eab05b0599936ba2a363c82b8
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
1f856a994bd0ce88b25524e704eec253944ba112c54dda7345b49c2a62cced80
25aca0b2852ac83203def30e05bec5501beec1e8010d8d48d0f553dc7ec230fb
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
27f38eaaf59c8d79936ed9e5c7dbac44f828664c5fb4e6f87b20e2d7ec8ec325
28ba20aea387d4fcc2e0406e80c9fe5e2ef5e2064a5562b8fb61d0817b8c3bb4
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b701d602c8ef9e370815a600a428518e9cf5eec8704e518fec924ea51484855
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3199e6c67222648d31333d53b6be33272860792fbfbe124b50c445d46c11a0ea
39e6500623fe9f469428d37324fb783069f5689ec651834ce7234d807b5a403a
44b0268b695e64932d8fbc99570658701d31091ea0817236a43340b263386a7b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47cfa3ed8bf233eee9751306d36d9ef1f41af9a173abf4681675203fe7d71c1d
482778c97083da12387422ddaaaed19e7f1f55f574cc20b3d09b5dab1696459f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49d0e56495f2f427b6d0b38d9346330ab575959f0f8ea7c6c502d34fa6d9f48e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4f09d4163b590de40a86c438fcc840fa5cc8023ec39f124b3233d35ce785d8b4
5050bb103d946e4810678d79cd13793869b36901dc0c36b35c1b80af8cd2b070
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
51ec077a55199c6a93d36bbe59d7a8ad84b5fe63be7cb23e706914e4ecd1e487
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
580733d61dd4adc764fe449357c79da92993563a4e24283535d7019ea15852f8
5b1979a4ecb584da673a08d6a737a10d87ae84aa6f5c2d18ab97da15c7462f11
5c0f850be678e4a3b5f436c6d92b534b50bfd2c469744003fa0885a41ab57f43
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6a3121c83101fc70feb60f064fea5a35d5dc7900f19c710ec04a86302b5c990c
6f0093051f98e26333ddbab84ea7b0dd93326c5c63eaae8088945fdd610c82f9
6f6e7c0e0c487536fadee34a7ab5295786fbcb2c93e1ff786d593539a8b9c39a
7bee3921c6c90a3938fe8599bf81ac42315d8da1927714cb5c9f9d447256059f
7d9fa59c145974a0e7b188b79793fd6dde7f1580fe0cd468a0a62e1d909df5ad
83b4cac12641ae3e8aaf9431fad49dc32720a2176e9eeb79ccaa68f80543c3a2
840e9e10c44082ea6de4e2045353b846c391cb181125f977f2d404a5e318532d
907e8f0984bdd01d888c16b17fe31f369184a2e58078ebc34fd5eb0161054f2c
91d71ece617498692cecd4aebd128d889437da70883909296c453aaf5b7e4d52
9567dfdbe1a46a16e9dc15a747ab7f22bf63277d11be0bb563354f1da3615e99
95af92037987ce452b9bc35b990742190f048dfe11d7e236605e239e0cf91e43
99bf05d22d22e7bea21cdf155ce42cfab3e5855f6c15ad4f7f2722f3e7d7602b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e1973753d132c2abfdcf37f346096bc52aa4f149cf4e580ec082605dc6378c4
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a31723dc4703cab503d3d6b4c49c6b04e6d8a5f35255e7eff840d063846fe136
ad5cfdcee3dc7025ae2e47eb626092c3f8e69928ee6909ed8d83cf14f87a3dc2
af5b4f29c06669e1cf155e0943401abc38a2404f3bca59922a560b1d9e6aea1d
afbc2a2baa65c4053e740145622856066b9169882b28b136da9b7aa2e2a63161
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b3889fc011eaac3919a0f1178ede85e8db899d7404208ba449d33ba41e60dda9
b48babb87c2ccf6184dcf43c0d14e5a72c244970fd62b7aa139130984319008a
b5374c1b5900bb2be6eb55d9993fa9c303ad7ddc7c68301ec0b4bab3590ad723
b5b8869e9dc710f2eef7aa59272e5285c10c64d8081d8dae0fc74d18361df831
b7a9b4d1d3f0280ea54a7e7da3bde2985287ee8c2f52853cd25c3463c9645374
b92bf422991441eef940379beec4f0d4e838bdaf140da0174971df907777bcdb
be1a034f38a498bde60417bd909ed710cec1996f56a6d735b0af93e99b6453d4
c46e653fd7ffeb9ae41e70636295e345cc48d62348790e3a212034c71766efcd
c6042222156b5e26db18d7a25025e4b71e9c1d3d4cf90793e4030154b2dea1f5
c936a875624fd8483912e4bac50e535d558a1f0aedb66bff3b3ebba247b43ba2
ce1de617a435d962cc49bfb8d8f5d08cc162657bde084960efc1156edeb583a5
d05700b1f5db63de13ae86be3a82e6993c58cc8a510b31c1ef23661527deccee
d196e72b2bc9f2424c225f5af951b10b71115d6f1fbdb43837d55afac027034a
e04407116e8a283af678d6f5db53f05bd4bb0ceb70127a55844da30f2926be9c
e2d5024b6abb24323fa6ae7a99b4ae4c52bba665f8655b35c7a69a6a4e27fd8f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e581c3bf6f9547d2b323c8e1ab6546470435b69417d12984bc0fb08c90307112
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
e697107a204076101510ce1fb0c35486d9d6944cbfbb6fbe82f6a63cbf7a828e
e77156f336104e427a69a22b5d1fa74e7ca4362aae7681f9e09283fc8efec1f3
eb879d9c271cebae08162a3662532a7255ae7e3a017b8673d00a944785e7f2a1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9ce1a17869c590ca13e0915e6d68f361c51d0ac99cf4c2f673d780747358c1
f3be2ca7f7da627a06538e64d3f34c6a7484f99378d4483943bab00b09622d77
f4528ed74e5f7c4c5835c5edfd1766b8f87e148fd44ae68da968639b3a6c7676
f66bb2245bd952433275f5def1e00c45e56ea008d93ae7383bd8b72fa7d319c2
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fd16fe71465d2a5d060dabd203986091edd0a9939b4df97cad1c5b103c095d74
fd9d566c799c4f140d52d7c05136199de35fd34510a58b5db34a58c48b6346bf
ff42d10486d003a99729e201980cb3825317ad418772d1b7bf1b25ec2cede9e8

www.balatarin.com Open in urlscan Pro 107.178.241.59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

161 Requests

88 %HTTPS

51 %IPv6

29 Domains

41 Subdomains

31 IPs

8 Countries

1812 kBTransfer

4611 kBSize

27 Cookies

7 Outgoing links

Page URL History

Redirected requests

161 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.balatarin.com Open in urlscan Pro
107.178.241.59 Public Scan

Screenshot
Live screenshot

Full Image

161
Requests

88 %
HTTPS

51 %
IPv6

29
Domains

41
Subdomains

31
IPs

8
Countries

1812 kB
Transfer

4611 kB
Size

27
Cookies

161 HTTP transactions
3 data transactions