urlscan.io logo urlscan.io
SecurityTrails logo

balleralert.com Open in urlscan Pro
172.66.40.228  Public Scan

Go To Rescan Add Verdict Report
URL: https://balleralert.com/
Submission: On May 15 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 104 IPs in 9 countries across 74 domains to perform 562 HTTP transactions. The main IP is 172.66.40.228, located in United States and belongs to CLOUDFLARENET, US. The main domain is balleralert.com. The Cisco Umbrella rank of the primary domain is 639776.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 15th 2022. Valid for: a year.
This is the only time balleralert.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
62 172.66.40.228 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
12 192.0.77.37 2635 (AUTOMATTIC)
2 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
1 13.224.190.170 16509 (AMAZON-02)
1 52.217.46.190 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
2 2606:2800:233... 15133 (EDGECAST)
4 192.0.76.3 2635 (AUTOMATTIC)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
6 2a03:2880:f02... 32934 (FACEBOOK)
2 2620:1ec:27::... 8075 (MICROSOFT...)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
2 19 151.101.194.137 54113 (FASTLY)
2 96.16.131.108 16625 (AKAMAI-AS)
6 2a00:1450:400... 15169 (GOOGLE)
1 13.225.80.67 16509 (AMAZON-02)
1 13.224.198.109 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
15 192.0.77.2 2635 (AUTOMATTIC)
1 9 2a00:1450:400... 15169 (GOOGLE)
2 172.217.16.130 15169 (GOOGLE)
1 8 2a00:1450:400... 15169 (GOOGLE)
1 13.224.198.102 16509 (AMAZON-02)
1 52.25.210.71 16509 (AMAZON-02)
11 142.250.186.130 15169 (GOOGLE)
5 104.45.184.134 8075 (MICROSOFT...)
4 2a03:2880:f12... 32934 (FACEBOOK)
1 142.250.186.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.38.118.148 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 3.132.38.126 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
11 199.232.214.84 54113 (FASTLY)
8 2a00:1450:400... 15169 (GOOGLE)
8 13.224.186.4 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
11 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 2602:803:c003... 26667 (RUBICONPR...)
1 13 185.33.221.89 29990 (ASN-APPNEX)
1 5 8.2.111.126 46636 (NATCOWEB)
5 34.246.221.35 16509 (AMAZON-02)
4 185.64.189.112 62713 (AS-PUBMATIC)
3 23.32.59.34 16625 (AKAMAI-AS)
3 2620:1ec:21::14 8068 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a04:4e42:4f:... 54113 (FASTLY)
11 54.77.210.61 16509 (AMAZON-02)
5 213.254.244.110 3257 (GTT-BACKB...)
1 192.0.78.22 2635 (AUTOMATTIC)
2 2606:2800:233... 15133 (EDGECAST)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 52.142.114.2 8075 (MICROSOFT...)
15 2a00:1450:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 74.125.140.157 15169 (GOOGLE)
4 142.250.185.162 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 3 13.225.80.90 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 185.29.134.249 30419 (MEDIAMATH...)
1 176.9.26.250 24940 (HETZNER-AS)
1 2.18.233.201 16625 (AKAMAI-AS)
1 5 138.201.63.117 24940 (HETZNER-AS)
9 23.35.236.201 16625 (AKAMAI-AS)
1 2.18.233.180 16625 (AKAMAI-AS)
4 37.157.6.248 198622 (ADFORM)
5 198.47.127.19 62713 (AS-PUBMATIC)
6 6 185.29.132.245 30419 (MEDIAMATH...)
20 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.165 1299 (TWELVE99 ...)
5 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
12 17 142.250.185.66 15169 (GOOGLE)
1 169.50.137.182 36351 (SOFTLAYER)
1 5 37.157.4.24 198622 (ADFORM)
8 35.71.131.137 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
18 37.157.2.247 198622 (ADFORM)
3 2606:4700::68... 13335 (CLOUDFLAR...)
4 151.101.193.108 54113 (FASTLY)
6 24 23.35.236.247 16625 (AKAMAI-AS)
2 23.205.235.133 16625 (AKAMAI-AS)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 8.2.111.121 46636 (NATCOWEB)
3 6 209.54.177.54 16509 (AMAZON-02)
1 66.155.71.25 13768 (COGECO-PEER1)
1 1 3.232.89.139 14618 (AMAZON-AES)
1 8 2a05:d018:d29... 16509 (AMAZON-02)
1 1 50.17.222.208 14618 (AMAZON-AES)
1 63.251.232.165 29791 (VOXEL-DOT...)
1 141.226.228.48 200478 (TABOOLA-AS)
1 1 70.42.32.191 13789 (INTERNAP-...)
1 1 34.230.246.52 14618 (AMAZON-AES)
1 2 52.72.219.211 14618 (AMAZON-AES)
5 7 69.173.144.165 26667 (RUBICONPR...)
2 3 52.94.223.167 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
1 198.47.127.20 3257 (GTT-BACKB...)
4 4 85.114.159.118 ()
6 8 151.101.130.49 ()
4 4 54.145.48.80 ()
8 185.64.190.81 ()
6 6 141.94.170.64 ()
4 4 52.30.140.199 ()
2 4 2606:4700:10:... ()
4 4 18.156.0.31 ()
4 4 178.62.202.251 ()
4 4 2001:678:cb4:... ()
4 2a02:fa8:8806... ()
1 35.211.178.172 ()
562 104
62    172.66.40.228 (United States)

ASN13335 (CLOUDFLARENET, US)
balleralert.com
6    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
12    192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
2    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
24    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    13.224.190.170 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-190-170.fra2.r.cloudfront.net
cdn-images.mailchimp.com
1    52.217.46.190 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
8    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
2    2606:2800:233:66b5:799a:7cd3:f74d:7071 (United States)

ASN15133 (EDGECAST, US)
platform.linkedin.com
4    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
2    2606:4700:20::ac43:45e7 (United States)

ASN13335 (CLOUDFLARENET, US)
console.adgrid.io
6    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
2    2620:1ec:27::cafe:1586 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
19    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
capi.connatix.com
vid.connatix.com
img.connatix.com
2    96.16.131.108 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-131-108.deploy.static.akamaitechnologies.com
chimpstatic.com
6    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.com
1    13.225.80.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-67.fra2.r.cloudfront.net
prod.adspsp.com
1    13.224.198.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-198-109.fra2.r.cloudfront.net
certify-js.alexametrics.com
4    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
15    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com
i0.wp.com
i2.wp.com
9    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
gcdn.2mdn.net
2    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
www.googleadservices.com
8    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    13.224.198.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-198-102.fra2.r.cloudfront.net
certify.alexametrics.com
1    52.25.210.71 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-210-71.us-west-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
11    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
securepubads.g.doubleclick.net
5    104.45.184.134 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
a.clarity.ms
4    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    52.38.118.148 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-118-148.us-west-2.compute.amazonaws.com
adspsp.com
2    2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
8    3.132.38.126 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-38-126.us-east-2.compute.amazonaws.com
capi-tier-1-us-east-2.connatix.com
7    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
ajax.googleapis.com
11    199.232.214.84 (United States)

ASN54113 (FASTLY, US)
www.iheart.com
i.iheart.com
8    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
8    13.224.186.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-4.fra2.r.cloudfront.net
c.amazon-adsystem.com
3    2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
11    2606:4700::6812:a6e0 (United States)

ASN13335 (CLOUDFLARENET, US)
pub.doubleverify.com
4    2a02:26f0:3500:585::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
4    2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
13    185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
5    8.2.111.126 (United States)

ASN46636 (NATCOWEB, US)
colossusssp.com
5    34.246.221.35 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-221-35.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
4    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    23.32.59.34 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-59-34.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
px.ads.linkedin.com
2    2a00:1450:4001:813::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
6    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
4    2a04:4e42:4f::596 (United States)

ASN54113 (FASTLY, US)
ww.api.iheart.com
11    54.77.210.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-210-61.eu-west-1.compute.amazonaws.com
vtrk.doubleverify.com
5    213.254.244.110 (Surbiton, United Kingdom)

ASN3257 (GTT-BACKBONE GTT, US)
tps.doubleverify.com
tpsc-frc.doubleverify.com
1    192.0.78.22 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
public-api.wordpress.com
2    2606:2800:233:6a53:4ac1:3bc8:ee4e:5990 (United States)

ASN15133 (EDGECAST, US)
static-exp1.licdn.com
4    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
15    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2607:f8b0:4003:c10::5e (Tulsa, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    74.125.140.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f157.1e100.net
bid.g.doubleclick.net
4    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2a00:1450:4001:10::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r1---sn-4g5lznes.c.2mdn.net
4    2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
3    13.225.80.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-90.fra2.r.cloudfront.net
sb.scorecardresearch.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
1    176.9.26.250 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de
hal9000.redintelligence.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
5    138.201.63.117 (Reilingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de
hal90003.redintelligence.net
9    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
aktrack.pubmatic.com
4    37.157.6.248 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
5    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
6    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
20    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    213.155.156.165 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com
d5p.de17a.com
5    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
17    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
1    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
5    37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
8    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
18    37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
3    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
24    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
2    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    8.2.111.121 (United States)

ASN46636 (NATCOWEB, US)
sync.colossusssp.com
6    209.54.177.54 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    3.232.89.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-89-139.compute-1.amazonaws.com
s.company-target.com
8    2a05:d018:d29:3605:c111:9aee:7bd3:6707 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    50.17.222.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-222-208.compute-1.amazonaws.com
nep.advangelists.com
1    63.251.232.165 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
1    70.42.32.191 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    34.230.246.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-246-52.compute-1.amazonaws.com
sync.extend.tv
2    52.72.219.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-219-211.compute-1.amazonaws.com
um2.eqads.com
7    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
3    52.94.223.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage4.pubmatic.com
4    85.114.159.118 (None, )

ASN- ()
dsp.adfarm1.adition.com
8    151.101.130.49 (None, )

ASN- ()
sync-tm.everesttech.net
4    54.145.48.80 (None, )

ASN- ()
sync.srv.stackadapt.com
8    185.64.190.81 (None, )

ASN- ()
image4.pubmatic.com
6    141.94.170.64 (None, )

ASN- ()
pixel.onaudience.com
4    52.30.140.199 (None, )

ASN- ()
sync.crwdcntrl.net
4    2606:4700:10::6816:1857 (None, )

ASN- ()
spl.zeotap.com
mwzeom.zeotap.com
4    18.156.0.31 (None, )

ASN- ()
ups.analytics.yahoo.com
4    178.62.202.251 (None, )

ASN- ()
match.adsby.bidtheatre.com
4    2001:678:cb4:bbbb::11 (None, )

ASN- ()
ad.turn.com
4    2a02:fa8:8806:13::1370 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    35.211.178.172 (None, )

ASN- ()
x.bidswitch.net
Apex Domain
Subdomains		 Transfer
62 balleralert.com
balleralert.com — Cisco Umbrella Rank: 639776
783 KB
53 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 446
ads.pubmatic.com — Cisco Umbrella Rank: 439
aktrack.pubmatic.com — Cisco Umbrella Rank: 982
image6.pubmatic.com — Cisco Umbrella Rank: 612
simage2.pubmatic.com — Cisco Umbrella Rank: 606
image2.pubmatic.com — Cisco Umbrella Rank: 932
simage4.pubmatic.com — Cisco Umbrella Rank: 1170
image4.pubmatic.com
122 KB
43 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 95
2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 130
414 KB
42 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187
stats.g.doubleclick.net — Cisco Umbrella Rank: 92
bid.g.doubleclick.net — Cisco Umbrella Rank: 503
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 284
cm.g.doubleclick.net — Cisco Umbrella Rank: 212
277 KB
31 doubleverify.com
pub.doubleverify.com — Cisco Umbrella Rank: 7513
cdn.doubleverify.com — Cisco Umbrella Rank: 478
vtrk.doubleverify.com — Cisco Umbrella Rank: 1506
tps.doubleverify.com — Cisco Umbrella Rank: 490
tpsc-frc.doubleverify.com — Cisco Umbrella Rank: 10300
230 KB
31 wp.com
c0.wp.com — Cisco Umbrella Rank: 6951
stats.wp.com — Cisco Umbrella Rank: 2770
i0.wp.com — Cisco Umbrella Rank: 3053
pixel.wp.com — Cisco Umbrella Rank: 2592
i2.wp.com — Cisco Umbrella Rank: 6444
1 MB
27 adform.net
track.adform.net — Cisco Umbrella Rank: 3865
c1.adform.net — Cisco Umbrella Rank: 571
s1.adform.net — Cisco Umbrella Rank: 8427
132 KB
27 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 3462
cds.connatix.com — Cisco Umbrella Rank: 3527
capi.connatix.com — Cisco Umbrella Rank: 3859
capi-tier-1-us-east-2.connatix.com — Cisco Umbrella Rank: 4192
vid.connatix.com — Cisco Umbrella Rank: 4303
img.connatix.com — Cisco Umbrella Rank: 4210
593 KB
21 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 477
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 530
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 557
34 KB
17 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 240
acdn.adnxs.com — Cisco Umbrella Rank: 596
95 KB
17 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 288
s.amazon-adsystem.com — Cisco Umbrella Rank: 278
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1187
49 KB
17 google.com
apis.google.com — Cisco Umbrella Rank: 100
adservice.google.com — Cisco Umbrella Rank: 74
www.google.com — Cisco Umbrella Rank: 7
accounts.google.com — Cisco Umbrella Rank: 82
225 KB
15 iheart.com
www.iheart.com — Cisco Umbrella Rank: 7905
i.iheart.com — Cisco Umbrella Rank: 9671
ww.api.iheart.com — Cisco Umbrella Rank: 779549
150 KB
13 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 471
eus.rubiconproject.com — Cisco Umbrella Rank: 556
token.rubiconproject.com — Cisco Umbrella Rank: 692
pixel.rubiconproject.com — Cisco Umbrella Rank: 354
17 KB
12 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 485
ups.analytics.yahoo.com
8 KB
12 gstatic.com
fonts.gstatic.com
ssl.gstatic.com
csi.gstatic.com
80 KB
10 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 3224
pixel.mathtag.com — Cisco Umbrella Rank: 1281
sync.mathtag.com — Cisco Umbrella Rank: 444
6 KB
9 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1266
a.clarity.ms — Cisco Umbrella Rank: 2176
c.clarity.ms — Cisco Umbrella Rank: 668
27 KB
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
imasdk.googleapis.com — Cisco Umbrella Rank: 407
ajax.googleapis.com — Cisco Umbrella Rank: 295
956 KB
8 everesttech.net
sync-tm.everesttech.net
2 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 338
2 KB
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 91
126 KB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
58 KB
6 onaudience.com
pixel.onaudience.com
3 KB
6 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 658
6 KB
6 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 33656
hal90003.redintelligence.net — Cisco Umbrella Rank: 309689
9 KB
6 colossusssp.com
colossusssp.com — Cisco Umbrella Rank: 1901
sync.colossusssp.com — Cisco Umbrella Rank: 2107
1 KB
6 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 264
gcdn.2mdn.net — Cisco Umbrella Rank: 941
r1---sn-4g5lznes.c.2mdn.net — Cisco Umbrella Rank: 381855
95 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
297 KB
5 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1459
rtb.gumgum.com — Cisco Umbrella Rank: 1176
3 KB
5 linkedin.com
platform.linkedin.com — Cisco Umbrella Rank: 3633
www.linkedin.com — Cisco Umbrella Rank: 616
px.ads.linkedin.com — Cisco Umbrella Rank: 511
321 KB
4 dotomi.com
pubmatic-match.dotomi.com
413 B
4 turn.com
ad.turn.com
2 KB
4 bidtheatre.com
match.adsby.bidtheatre.com
2 KB
4 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
2 KB
4 crwdcntrl.net
sync.crwdcntrl.net
1 KB
4 stackadapt.com
sync.srv.stackadapt.com
2 KB
4 adition.com
dsp.adfarm1.adition.com
2 KB
4 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 486
68 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 7678
www.google.de — Cisco Umbrella Rank: 5483
1 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
16 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 175
139 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 375
c.bing.com — Cisco Umbrella Rank: 232
13 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
197 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
25 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 141
2 KB
3 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 110
partner.googleadservices.com — Cisco Umbrella Rank: 789
17 KB
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 3616
563 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 690
695 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5262
637 B
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 599
138 KB
2 licdn.com
static-exp1.licdn.com — Cisco Umbrella Rank: 2965
21 KB
2 alexametrics.com
certify-js.alexametrics.com — Cisco Umbrella Rank: 7908
certify.alexametrics.com — Cisco Umbrella Rank: 4391
3 KB
2 adspsp.com
prod.adspsp.com — Cisco Umbrella Rank: 14726
adspsp.com — Cisco Umbrella Rank: 12795
77 KB
2 chimpstatic.com
chimpstatic.com — Cisco Umbrella Rank: 4794
1 KB
2 adgrid.io
console.adgrid.io — Cisco Umbrella Rank: 66778
220 KB
1 bidswitch.net
x.bidswitch.net Failed
235 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 598
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1690
546 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 558
317 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 977
99 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1468
408 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 2270
232 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 3854
399 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 594
191 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 427
536 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 826
612 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 725
363 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 432
10 KB
1 wordpress.com
public-api.wordpress.com — Cisco Umbrella Rank: 7595
4 KB
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 amazonaws.com
s3.amazonaws.com
140 KB
1 mailchimp.com
cdn-images.mailchimp.com — Cisco Umbrella Rank: 5596
2 KB
0 bidr.io Failed
match.prod.bidr.io Failed
562 74
Domain Requested by
62 balleralert.com balleralert.com
24 pagead2.googlesyndication.com balleralert.com
pagead2.googlesyndication.com
srcdoc
2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
20 simage2.pubmatic.com ads.pubmatic.com
18 s1.adform.net track.adform.net
s1.adform.net
balleralert.com
17 cm.g.doubleclick.net 12 redirects ssum-sec.casalemedia.com
15 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
balleralert.com
imasdk.googleapis.com
googleads.g.doubleclick.net
13 ib.adnxs.com 1 redirects console.adgrid.io
acdn.adnxs.com
12 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
um2.eqads.com
12 c0.wp.com balleralert.com
11 vtrk.doubleverify.com pub.doubleverify.com
11 pub.doubleverify.com balleralert.com
pub.doubleverify.com
11 securepubads.g.doubleclick.net www.googletagservices.com
cd.connatix.com
securepubads.g.doubleclick.net
2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
balleralert.com
11 i0.wp.com balleralert.com
10 www.iheart.com balleralert.com
www.iheart.com
9 ads.pubmatic.com balleralert.com
console.adgrid.io
9 img.connatix.com balleralert.com
8 image4.pubmatic.com
8 sync-tm.everesttech.net 6 redirects ads.pubmatic.com
8 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
8 match.adsrvr.org ads.pubmatic.com
console.adgrid.io
ssum-sec.casalemedia.com
8 c.amazon-adsystem.com console.adgrid.io
c.amazon-adsystem.com
8 www.youtube.com apis.google.com
www.youtube.com
c0.wp.com
8 capi-tier-1-us-east-2.connatix.com cd.connatix.com
8 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
balleralert.com
8 apis.google.com balleralert.com
apis.google.com
accounts.google.com
www.youtube.com
7 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
www.googleadservices.com
2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
balleralert.com
6 pixel.onaudience.com 6 redirects
6 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
6 ssum-sec.casalemedia.com 3 redirects js-sec.indexww.com
6 js-sec.indexww.com console.adgrid.io
ssum-sec.casalemedia.com
6 sync.mathtag.com 6 redirects
6 ssl.gstatic.com accounts.google.com
balleralert.com
6 imasdk.googleapis.com cd.connatix.com
imasdk.googleapis.com
2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
6 www.googletagmanager.com balleralert.com
www.googletagmanager.com
5 c1.adform.net 1 redirects ads.pubmatic.com
5 image2.pubmatic.com ads.pubmatic.com
5 image6.pubmatic.com ads.pubmatic.com
5 hal90003.redintelligence.net 1 redirects balleralert.com
hal90003.redintelligence.net
5 colossusssp.com 1 redirects console.adgrid.io
5 www.google.com 1 redirects balleralert.com
tpc.googlesyndication.com
2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
5 a.clarity.ms www.clarity.ms
a.clarity.ms
5 cds.connatix.com balleralert.com
cd.connatix.com
4 pubmatic-match.dotomi.com ads.pubmatic.com
4 ad.turn.com 4 redirects
4 match.adsby.bidtheatre.com 4 redirects
4 ups.analytics.yahoo.com 4 redirects
4 sync.crwdcntrl.net 4 redirects
4 sync.srv.stackadapt.com 4 redirects
4 dsp.adfarm1.adition.com 4 redirects
4 token.rubiconproject.com 4 redirects
4 acdn.adnxs.com console.adgrid.io
4 track.adform.net hal90003.redintelligence.net
s1.adform.net
4 assets.adobedtm.com www.iheart.com
assets.adobedtm.com
4 googleads4.g.doubleclick.net balleralert.com
googleads.g.doubleclick.net
4 i2.wp.com
4 2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 ww.api.iheart.com www.iheart.com
4 hbopenbid.pubmatic.com console.adgrid.io
4 g2.gumgum.com console.adgrid.io
4 fastlane.rubiconproject.com console.adgrid.io
4 cdn.doubleverify.com balleralert.com
securepubads.g.doubleclick.net
4 www.facebook.com balleralert.com
connect.facebook.net
4 fonts.gstatic.com fonts.googleapis.com
4 www.googletagservices.com balleralert.com
2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
4 connect.facebook.net balleralert.com
connect.facebook.net
3 pixel.rubiconproject.com 1 redirects
3 aax-eu.amazon-adsystem.com 2 redirects
3 tpsc-frc.doubleverify.com cdn.doubleverify.com
3 cdnjs.cloudflare.com s1.adform.net
3 tags.mathtag.com console.adgrid.io
tags.mathtag.com
3 sb.scorecardresearch.com 1 redirects www.iheart.com
3 htlb.casalemedia.com console.adgrid.io
3 s0.2mdn.net imasdk.googleapis.com
balleralert.com
2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
3 bat.bing.com balleralert.com
bat.bing.com
2 mwzeom.zeotap.com
2 spl.zeotap.com 2 redirects
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 creativecdn.com 2 redirects
2 eus.rubiconproject.com console.adgrid.io
eus.rubiconproject.com
2 d5p.de17a.com 2 redirects
2 r1---sn-4g5lznes.c.2mdn.net
2 static.xx.fbcdn.net www.facebook.com
2 csi.gstatic.com imasdk.googleapis.com
2 c.clarity.ms 1 redirects
2 static-exp1.licdn.com www.linkedin.com
2 tps.doubleverify.com cdn.doubleverify.com
2 accounts.google.com apis.google.com
balleralert.com
2 www.linkedin.com platform.linkedin.com
2 pixel.wp.com balleralert.com
2 www.google.de balleralert.com
2 stats.g.doubleclick.net www.google-analytics.com
2 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 capi.connatix.com balleralert.com
cd.connatix.com
2 chimpstatic.com balleralert.com
2 cd.connatix.com 2 redirects
2 www.clarity.ms balleralert.com
2 console.adgrid.io balleralert.com
2 stats.wp.com balleralert.com
2 platform.linkedin.com balleralert.com
www.linkedin.com
2 fonts.googleapis.com balleralert.com
2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
1 x.bidswitch.net ads.pubmatic.com
1 simage4.pubmatic.com ads.pubmatic.com
1 px.ads.linkedin.com
1 id.rlcdn.com
1 sync.extend.tv 1 redirects
1 b1sync.zemanta.com 1 redirects
1 sync.taboola.com ssum-sec.casalemedia.com
1 cm.adgrx.com ssum-sec.casalemedia.com
1 nep.advangelists.com 1 redirects
1 s.company-target.com 1 redirects
1 pixel-sync.sitescout.com ssum-sec.casalemedia.com
1 sync.colossusssp.com
1 rtb.gumgum.com console.adgrid.io
1 pixel.quantserve.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 ajax.googleapis.com hal90003.redintelligence.net
1 aktrack.pubmatic.com balleralert.com
1 pixel.mathtag.com tags.mathtag.com
1 hal9000.redintelligence.net balleralert.com
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 c.bing.com 1 redirects
1 public-api.wordpress.com balleralert.com
1 i.iheart.com www.iheart.com
1 vid.connatix.com cd.connatix.com
1 adspsp.com balleralert.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com balleralert.com
1 certify.alexametrics.com balleralert.com
1 certify-js.alexametrics.com balleralert.com
1 prod.adspsp.com balleralert.com
1 s3.amazonaws.com balleralert.com
1 cdn-images.mailchimp.com balleralert.com
0 match.prod.bidr.io Failed ads.pubmatic.com
562 138
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-15 -
2023-05-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
cdn-images.mailchimp.com
Amazon		 2021-07-21 -
2022-08-19		 a year crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-06-23 -
2022-07-24		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
platform.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-09-10 -
2022-09-10		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-02-21 -
2022-05-22		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-03-16 -
2022-09-16		 6 months crt.sh
wildcardsan.us15.list-manage.com
DigiCert SHA2 Secure Server CA		 2021-11-19 -
2022-11-19		 a year crt.sh
prod.adspsp.com
Amazon		 2022-01-17 -
2023-02-15		 a year crt.sh
certify-js.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2021-08-20 -
2022-09-21		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
certify.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2021-10-13 -
2022-11-11		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01		 2021-07-27 -
2022-07-27		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
adspsp.com
Amazon		 2022-01-16 -
2023-02-14		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.937theriver.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-05-12 -
2023-06-13		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-12-23 -
2022-12-23		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2021-11-07 -
2022-11-07		 a year crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2022-03-28 -
2022-09-28		 6 months crt.sh
accounts.google.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
vtrk.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2021-12-03 -
2023-01-04		 a year crt.sh
*.wordpress.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-12 -
2022-11-14		 2 years crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2021-09-16 -
2022-09-15		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-10 -
2022-09-10		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-05-03 -
2022-07-12		 2 months crt.sh
*.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-18 -
2023-04-25		 a year crt.sh
redintelligence.net
R3		 2022-03-29 -
2022-06-27		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh

This page contains 79 frames:

Primary Page: https://balleralert.com/
Frame ID: 554FFB101199F9084EDBDD6155DE5FB5
Requests: 243 HTTP requests in this frame

Frame: https://cds.connatix.com/p/162305/connatix.playspace.dc.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Frame ID: 81F1DD6001AB6E3FA91CB96AE4536B23
Requests: 14 HTTP requests in this frame

Frame: https://cds.connatix.com/p/162305/connatix.player.dc.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Frame ID: F65EEC8DBE520D417801807D2A9AEA8C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20190131/zrt_lookup.html
Frame ID: D624A41251857271FBAF891B75F2BC7A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5729413333126369&output=html&adk=3046330955&adf=2044148826&lmt=1652583538&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fballeralert.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652583538000&bpp=2&bdt=365&idt=127&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3468959947580&frm=20&pv=2&ga_vid=650311075.1652583538&ga_sid=1652583538&ga_hid=1359023445&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31067561%2C21066433&oid=2&pvsid=790091515024094&pem=496&tmod=135627700&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=5&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=143
Frame ID: 8EDE10B13205EA63A03CCC28149FF643
Requests: 1 HTTP requests in this frame

Frame: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
Frame ID: 787D38D38D4D2B42783EC1C4809FA750
Requests: 19 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channel=balleralerttv&layout=default&count=hidden&origin=https%3A%2F%2Fballeralert.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xpRpP2dSg9Q.O%2Fd%3D1%2Frs%3DAHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA%2Fm%3D__features__
Frame ID: 7369CA676AD1195D611AC6E50D025DDF
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 1F35B6BA0CB9A4A8C066575F1D8789D2
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Frame ID: CAC59777E6B9957F169818950B8176D3
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Frame ID: 90F9C7AE1D17DBCD4B1F6B0FAE53696B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Frame ID: C2F21FABFBB68B8D8A2E3127784A317B
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channel=balleralerttv&layout=default&count=hidden&origin=https%3A%2F%2Fballeralert.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xpRpP2dSg9Q.O%2Fd%3D1%2Frs%3DAHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA%2Fm%3D__features__
Frame ID: 923FAE912EF6842DEC4BB77EFA372B12
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9C68A2CFD7817B20D671F904C6EE80BB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A53B54DAFB0E5F82C66B3F6A66BF5375
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6E19D31DCDAF9BCCA43C1450AB231199
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fballeralert.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xpRpP2dSg9Q.O%2Fd%3D1%2Frs%3DAHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA%2Fm%3D__features__
Frame ID: B378F279417DB6D303C452D21AB51DF6
Requests: 5 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2756.js
Frame ID: C0CE3E128971518BBF2C9CBBE5A2F026
Requests: 4 HTTP requests in this frame

Frame: https://www.linkedin.com/pages-extensions/FollowCompany?id=28541752&counter=&xdOrigin=https%3A%2F%2Fballeralert.com&xdChannel=32969569-d6a9-4f3c-aa17-e44be6a57e70&xd_origin_host=https%3A%2F%2Fballeralert.com
Frame ID: A18A3C48DD443A6D8CACFCF46965A945
Requests: 1 HTTP requests in this frame

Frame: https://www.linkedin.com/pages-extensions/FollowCompany?id=28541752&counter=&xdOrigin=https%3A%2F%2Fballeralert.com&xdChannel=32969569-d6a9-4f3c-aa17-e44be6a57e70&xd_origin_host=https%3A%2F%2Fballeralert.com
Frame ID: 0925E6A0C3C6F9077C0DF7BF582E12F0
Requests: 4 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCIepUZdzvwXLH2KXv11srQQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xpRpP2dSg9Q.O%2Fd%3D1%2Frs%3DAHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA%2Fm%3D__features__
Frame ID: C2043A0D22A6E481DC3D015C6AC0F8E8
Requests: 4 HTTP requests in this frame

Frame: https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 38D25D8118B0AA5BBC82033D65824C88
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v11.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2c4ef5f0df40f8%26domain%3Dballeralert.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fballeralert.com%252Ff1397e6208ba6b%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fballeralert.com%2F&layout=button&locale=en_US&sdk=joey&share=false
Frame ID: 88D05B7A5719A311B8FBBDC4D1654BC5
Requests: 4 HTTP requests in this frame

Frame: https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A1B19F00B283E9A80481A4B21647A75B
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3A0DB7D4BB4D56D31997704D58811D6F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FA6871C7D413F87177D6D8D0D9E0853C
Requests: 2 HTTP requests in this frame

Frame: https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DF53D524A243A7684552CDF1B1060EB6
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxCf4vnEAhijwfLFATAB&v=APEucNUsCsS-xIbN4oxqEkXdnKM3vovtKScPAvSD8jVaKYcB6Q8bWMd44avNcwcIKyVqP0YftW0gGYAF6kiAtKYZ8sCNRfoSTA
Frame ID: 8A0C094741BE349805BF91E445EF1DFE
Requests: 1 HTTP requests in this frame

Frame: https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5D3F9BFD988028B280DC7F104CB29EBB
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9FE9F279734437EEA2DAFFFC3514E4E1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: D580FAFEBB7290EB100D819662F5E326
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIyUyvoCEMzCz4EDGKuppcgBMAE&v=APEucNUFBRL687Wim1wzmwsGYL1rIo7G9a3wI5rq_EM6Ra_2LvnvMKDSCCbEssDS4OdbJQoyyIvI7-Q6IlI4a0dRGcuRDDwq1g
Frame ID: 5473ED8FD300D52CC956101A8B62D503
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst31ugmS6BBvR90u_a0mdIf-MNIogLe9bJKrGCGTuujhYlFcvIWV7ms4ywuhoq-wqY9KP7h-PsDWbMhEg5LLPM4psCPbUnuwcw7AuZQDID8i11Kf3FWxBSsVe1uhxm_gxZheH8rGSRgxP8cz_ruAau86cjqx4KGrzqjtMWy2OTsDk9LXNdPZuJqP6TIjYHKIoXqWKwoStnnHJXBKmWMO-PttA9bTrmXSaphd5acSI_HYb-UEBNXJLAnn5L9BU5640zHi7UnxmLktYXDJZ4Jm0wrDGy6qF9UeQpuz4C1THfDs5rLEnuMTdr3c6EXA8Ws8XMNsd9eObuMeklXOQ&sig=Cg0ArKJSzISif5z_Zj1REAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 1DEF27332D28DF1C2080198FAFF0029B
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E895C6F3BCDF078141CEC6D318847707
Requests: 3 HTTP requests in this frame

Frame: https://hal90003.redintelligence.net/request_content.php?s=26563100012701404681724011960003&a=e1545365
Frame ID: 5126A7EF3418107EF45AD488B8B37930
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 986E8D6905DEFB33E9BF01D58A90084C
Requests: 10 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=160224&siteId=780444&adId=3352187&adType=10&adServerId=243&kefact=0.176840&kaxefact=0.176840&kadNetFrequecy=0&kadwidth=728&kadheight=90&kadsizeid=7&kltstamp=1652583535&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.176840&dcId=3&tldId=0&passback=0&svr=BID22522U&adsver=_2695297976&adsabzcid=0&cls=BID&ekefact=b2yAYgTMCQBSmzCiJ_DnDzCDA0xECzUe4nGNMr2usfY2i3BY&ekaxefact=b2yAYhrMCQDGCuG32T8wLmr7NmlLcyHbdzBh6o5bJUHCfT0o&ekpbmtpfact=b2yAYizMCQDNBpGSUfr8oN-B7wJCoedJtNTlx4KNtj3-b2VH&enpp=b2yAYlfMCQCn6w3CH2-9Gj1_ZL9ejrYpktRsLLIlbyAtwseT&pfi=1&domId=4210305170406690065&dc=AMS&pubBuyId=19961&crID=10631116&lpu=mcfit.de&ucrid=11179113180167771563&campaignId=16735&creativeId=0&pctr=0.000000&wDSPByrId=101936&wDspId=27&wbId=1&wrId=3062671&wAdvID=100696&wDspCampId=1149585&isRTB=1&rtbId=08B54F13-D309-42A1-AA7C-5024614D8139&imprId=19F755BA-7416-473F-9677-45CD2E84AF03&oid=19F755BA-7416-473F-9677-45CD2E84AF03&cntryId=58&sec=1&pAuSt=3&wops=0&sURL=balleralert.com&BrID=5
Frame ID: 1B2DBA3A7FC12D26F18A768762AC6A03
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2756.js
Frame ID: CF7F23A4A7A2A113DF303455409BB24B
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d6006280-6c74-4d01-b01f-19434865808e&gdpr=0&gdpr_consent=
Frame ID: 40CF3A49352C2E6B8A3AE6440088006E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8678379883384627744
Frame ID: ED5E1C776C4AFF016CD849C25BC26D8D
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 596BC408B06289BB48A97F190E9AA218
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/11204919/11204919.js?ADFassetID=11204919&bv=258
Frame ID: DF00918D1A55BF3EB583492A57C8525C
Requests: 19 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3E14FBBBA699AAB4DAD3843C2804029A
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Frame ID: 57D6EA63B87E2653577B97508DA44421
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: DAF71E5E3C4B6B323D01E9F251B53195
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 0543DA3AF3FFE7E3425A1512B068D264
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Frame ID: BDD01231D9EB9452B397F5B06DA713A7
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8B9A04F6CC33E7DF85BF67D0BE114F17
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Frame ID: CAFE6493F6958E1AECBCC7E5072EB8E5
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 411785013FA7AEB11A0F2F33BED7D3B3
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Frame ID: 37F7713B35EF8410E16B9799D589F7CB
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 41C7AC1532D344204D017716B98C06E7
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9E019A283E384356CE742FA9ACF55978
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=7FK6kkh2qpmdQjm0Jnat&pi=gumgum&tc=1
Frame ID: F174804CC7C426F16325FB1F985D9074
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: DD90FF61D19F1D6647B50C46405463E9
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 62448AD27A18133FFD1C06F8C85058E6
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 83E40F0D7295F6A134D036DBD79F5E34
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: D08BA245B7BABA60D4D3D67CA22CAC2B
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 904F6625AAB45823ACA12D980A259763
Requests: 10 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 32FC53B2BB507DAE0F41FB6C7E7B14E5
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=29B3904B-AF6C-4941-B707-C78307E29DBE
Frame ID: 81D4C975633F22B37E9593A01B833379
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7097792279694211226
Frame ID: 00992A9A48BB2B6E57D079EBA7D03AD5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoBseQABZgFX2AAj&gdpr=0&gdpr_consent=&_test=YoBseQABZgFX2AAj
Frame ID: 79C13EE5407003CBCE7D03799481DDC6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=piH-ic7uQn1IAWoZxJX-o8EbDgo
Frame ID: 059BF4418A08BEE66B1EFA401EA2667C
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
Frame ID: ECF270248B918575606E84DC999FC03C
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=29B3904B-AF6C-4941-B707-C78307E29DBE
Frame ID: 0230BC31747DBEA85D934EA2289E80BC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7097792279693883539
Frame ID: 76F252B0FAA442BDE5450A34F1723C99
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YoBseQABZVNX0wAj
Frame ID: 9CC31E22FE87161185DF898097159450
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=5gtLaKICSERR0upkNGWiWsEbDgo
Frame ID: 3DD375EC515059100D3E6E201D6F549D
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Frame ID: EC6221BA81E4247957FF9F4123CB9BF5
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=29B3904B-AF6C-4941-B707-C78307E29DBE
Frame ID: 392BA65FB06D170D5F0FD4543B98EE3B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7097792279694538893
Frame ID: 1653614087C9CE4ED2ABA28711C91E0C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoBseQABaGGfIAA2&gdpr=0&gdpr_consent=&_test=YoBseQABaGGfIAA2
Frame ID: 49D7B269589544C5454F53C0C8E14092
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=zWV4fCxAQtFNiw2boqWTnMEbDgo
Frame ID: EB431BC6B9C3B088610BA16A6747B369
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
Frame ID: 497F07A0C65C2A70F8CF9D97CD849FD7
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=29B3904B-AF6C-4941-B707-C78307E29DBE
Frame ID: AEE5E12F97C447E41B4F59195D636953
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7097792279694473370
Frame ID: 584AD1F82302EFF9CB951099864E3341
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YoBseQABaYufEgA2
Frame ID: 7DE55B1F853DC61F7CC25E9440ED59AC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=9toNWu6UTQxWEiYbyvBHGMEbDgo
Frame ID: 98EFB2D0549649CD9F9D24D47837A3FE
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
Frame ID: 554134F4C921BED2FF3F9ABB02E4D72C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

For all Celebrity News & Gossip! Baller Alert - Baller Alert It's a lifestyle!Magnifying GlassClose search results

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • <link[^>]+s\d+\.wp\.com
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • //platform\.linkedin\.com/in\.js
Overall confidence: 100%
Detected patterns
  • s3\.amazonaws\.com/downloads\.mailchimp\.com/js/mc-validate\.js
  • cdn-images\.mailchimp\.com/[^>]*\.css
  • chimpstatic\.com/mcjs-connected
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

562
Requests

88 %
HTTPS

35 %
IPv6

74
Domains

138
Subdomains

104
IPs

9
Countries

7288 kB
Transfer

18868 kB
Size

74
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78
  • https://cd.connatix.com/connatix.playspace.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9 HTTP 302
  • https://cds.connatix.com/p/162305/connatix.playspace.dc.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Request Chain 88
  • https://cd.connatix.com/connatix.player.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9 HTTP 302
  • https://cds.connatix.com/p/162305/connatix.player.dc.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Request Chain 131
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1038006012/?random=1762068318&cv=9&fst=1652583538095&num=1&value=1&currency_code=USD&label=RtAPCKKMyNMBEPzt-u4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fballeralert.com%2F&tiba=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&auid=1069632656.1652583538&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=cmyAYq_vB4WZ1wbgnb-YBg&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/1038006012/?random=1762068318&cv=9&fst=1652583538095&num=1&value=1&currency_code=USD&label=RtAPCKKMyNMBEPzt-u4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fballeralert.com%2F&tiba=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&auid=1069632656.1652583538&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=cmyAYq_vB4WZ1wbgnb-YBg&cid=CAQSKQCNIrLMlaNLEwUZjfJM7aOlgaRrnFDfHRANGFVvL_hQpxrvQ9xnIUPL&random=3245015236&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/1038006012/?random=1762068318&cv=9&fst=1652583538095&num=1&value=1&currency_code=USD&label=RtAPCKKMyNMBEPzt-u4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fballeralert.com%2F&tiba=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&auid=1069632656.1652583538&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=cmyAYq_vB4WZ1wbgnb-YBg&cid=CAQSKQCNIrLMlaNLEwUZjfJM7aOlgaRrnFDfHRANGFVvL_hQpxrvQ9xnIUPL&random=3245015236&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Request Chain 285
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=7D483CF27233457ABEA1E948264FE65E&RedC=c.clarity.ms&MXFR=242FC970F9CE688615F6D8D5FDCE6695 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=7D483CF27233457ABEA1E948264FE65E&MUID=33974819B660636410DE59BCB70B62F3
Request Chain 332
  • https://gcdn.2mdn.net/videoplayback/id/6e14bb5d70a0f5cf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3795673200/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/D9CC9922031E68B3BFA8D2CFD1F5DA81308C52.4033D7E748525FA279CB00D493328BCBB83A9EAD/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-4g5lznes.c.2mdn.net/videoplayback/id/6e14bb5d70a0f5cf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3795673200/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/03E520ADEE1536407B95CA10A0D9CCE43DD48C99.7DA58607F43AE832C57D599097F27EF3BF92BA0A/key/cms1/cms_redirect/yes/mh/BU/mip/2001:ac8:20:301::201e/mm/42/mn/sn-4g5lznes/ms/onc/mt/1652582521/mv/u/mvi/1/pl/53/file/file.mp4
Request Chain 357
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036262&cs_xi=5451834289&ns__t=1652583540591&ns_c=UTF-8&ns_if=1&cv=3.5&c8=The%20Baller%20Alert%20Show%20%7C%20iHeart&c7=https%3A%2F%2Fwww.iheart.com%2Fpodcast%2F1119-the-baller-alert-show-53352259%2F%3Fembed%3Dtrue&c9=https%3A%2F%2Fballeralert.com%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036262&cs_xi=5451834289&ns__t=1652583540591&ns_c=UTF-8&ns_if=1&cv=3.5&c8=The%20Baller%20Alert%20Show%20%7C%20iHeart&c7=https%3A%2F%2Fwww.iheart.com%2Fpodcast%2F1119-the-baller-alert-show-53352259%2F%3Fembed%3Dtrue&c9=https%3A%2F%2Fballeralert.com%2F
Request Chain 374
  • https://hal90003.redintelligence.net/request.php?zone=edn8pg08rg5j&nw=20&renderingType=javascript&namespace=274327ce79&subid=&uid=fadd071ce62f69be&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Apub&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D08B54F13-D309-42A1-AA7C-5024614D8139%26mt_aid%3D3982080867148812983%26mt_id%3D10631116%26mt_adid%3D215543%26mt_sid%3D11507494%26mt_exid%3D3%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd6006280-6c74-4d01-b01f-19434865808e%26mt_cid%3Dd6006280-6c74-4d01-b01f-19434865808e%26mt_3pck%3Dhttps%253A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE2MDIyNCZzaXRlSWQ9NzgwNDQ0JmFkSWQ9MzM1MjE4NyZrYWRzaXplaWQ9NyZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY3MzUmY3JlYXRpdmVJZD0wJnVjcmlkPTExMTc5MTEzMTgwMTY3NzcxNTYzJmFkU2VydmVySWQ9MjQzJmltcGlkPTE5Rjc1NUJBLTc0MTYtNDczRi05Njc3LTQ1Q0QyRTg0QUYwMyZwYXNzYmFjaz0w_url%253D%26redirect%3D&documentReferer=https%3A%2F%2Fballeralert.com%2F&ancestorOrigins=https%3A%2F%2Fballeralert.com&random=5743627289901&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90003.redintelligence.net/request.php?zone=edn8pg08rg5j&nw=20&renderingType=javascript&namespace=274327ce79&subid=&uid=fadd071ce62f69be&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Apub&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D08B54F13-D309-42A1-AA7C-5024614D8139%26mt_aid%3D3982080867148812983%26mt_id%3D10631116%26mt_adid%3D215543%26mt_sid%3D11507494%26mt_exid%3D3%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd6006280-6c74-4d01-b01f-19434865808e%26mt_cid%3Dd6006280-6c74-4d01-b01f-19434865808e%26mt_3pck%3Dhttps%253A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE2MDIyNCZzaXRlSWQ9NzgwNDQ0JmFkSWQ9MzM1MjE4NyZrYWRzaXplaWQ9NyZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY3MzUmY3JlYXRpdmVJZD0wJnVjcmlkPTExMTc5MTEzMTgwMTY3NzcxNTYzJmFkU2VydmVySWQ9MjQzJmltcGlkPTE5Rjc1NUJBLTc0MTYtNDczRi05Njc3LTQ1Q0QyRTg0QUYwMyZwYXNzYmFjaz0w_url%253D%26redirect%3D&documentReferer=https%3A%2F%2Fballeralert.com%2F&ancestorOrigins=https%3A%2F%2Fballeralert.com&random=5743627289901&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 390
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d6006280-6c74-4d01-b01f-19434865808e&gdpr=0&gdpr_consent=
Request Chain 391
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8678379883384627744
Request Chain 393
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjlCMzkwNEItQUY2Qy00OTQxLUI3MDctQzc4MzA3RTI5REJF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 394
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEK-N_xOrT8zFCH52UM_5ezM&google_cver=1
Request Chain 396
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4938342704165468389
Request Chain 398
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7631895784809156516&gdpr=0&gdpr_consent=
Request Chain 399
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9rlidvbobXPtuWJ--LJ3cvK4PyXt7msj8r5-I6oN
Request Chain 441
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=7FK6kkh2qpmdQjm0Jnat&pi=gumgum&tc=1
Request Chain 444
  • https://colossusssp.com/?c=o&m=cookie HTTP 302
  • https://sync.colossusssp.com/hms.gif
Request Chain 450
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 451
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 452
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 453
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YoBsdkQ.9AA3NNh8F6va3QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGarvRLA4UnN0wRXcX54bc4&google_cver=1&gdpr=1&google_hm=2
Request Chain 455
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoBsdgmIKR-QC2Ww0PvfXQAABJsAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoBsdgmIKR-QC2Ww0PvfXQAABJsAAAAB&dcc=t
Request Chain 458
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1668481143&external_user_id=74641527-ae24-4663-bfe1-b5527867aa37
Request Chain 460
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-a7039769-0a26-499c-b5f1-65064ed78a72
Request Chain 464
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoBsdgmIKR-QC2Ww0PvfXQAABJsAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoBsdgmIKR-QC2Ww0PvfXQAABJsAAAAB&dcc=t
Request Chain 466
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YoBsdkQ.9AA3NNh8F6va3QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGarvRLA4UnN0wRXcX54bc4&google_cver=1&gdpr=1&google_hm=2
Request Chain 471
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YoBsdkQ.9AA3NNh8F6va3QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGarvRLA4UnN0wRXcX54bc4&google_cver=1&gdpr=1&google_hm=2
Request Chain 472
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoBsdkQ-9AA3NNh8F6va3QAABLEAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoBsdkQ-9AA3NNh8F6va3QAABLEAAAAB&dcc=t
Request Chain 475
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d6006280-6c74-4d01-b01f-19434865808e&gdpr=1&gdpr_consent=
Request Chain 476
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Request Chain 477
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=d0506566-fb88-45df-b94e-90313a6eac61
Request Chain 480
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 482
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODE1YjgxYTk3M2E2OTU0Y2Q0NTEyYzNmZGZmM2E3MDM1ZDZiZDQyZQ
Request Chain 483
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=dPJH5PH9Teq5q_yHts5eQg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=dPJH5PH9Teq5q_yHts5eQg
Request Chain 484
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/loFDw1L88Jwk6yTZIAmoPw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2134434716928821445
Request Chain 485
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH15ce4NgXZyUstpZWpvc1U&google_cver=1
Request Chain 488
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L36PKJP8-3-A4FG
Request Chain 489
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM2UEtKUDgtMy1BNEZH
Request Chain 507
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7097792279694211226
Request Chain 508
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YoBseQABZgFX2AAj HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoBseQABZgFX2AAj&gdpr=0&gdpr_consent=&_test=YoBseQABZgFX2AAj
Request Chain 509
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=piH-ic7uQn1IAWoZxJX-o8EbDgo
Request Chain 510
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
Request Chain 511
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KbOQS69sSUG3B8eDB-Kdvg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 512
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d6006280-6c74-4d01-b01f-19434865808e
Request Chain 513
  • https://pixel.onaudience.com/?partner=214&mapped=29B3904B-AF6C-4941-B707-C78307E29DBE HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b4ccf43994be05e9/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=b4ccf43994be05e9/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=3339d9cbdde1ce68 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9a987398-798e-4962-7229-1d487644278c&reqId=07e2e217-438f-4af2-7e96-ba259e6a3ae6&zcluid=3339d9cbdde1ce68&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEL8Z4w42Iw_xJjfFbIeTcug&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9a987398-798e-4962-7229-1d487644278c&reqId=07e2e217-438f-4af2-7e96-ba259e6a3ae6&zcluid=3339d9cbdde1ce68&zdid=1332
Request Chain 515
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=29B3904B-AF6C-4941-B707-C78307E29DBE&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Z0FLewpE2uUeDIGmIXSFuzV.2OQUXRk-~A&gdpr=0&gdpr_consent=
Request Chain 516
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 517
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:1acf1f9d-477c-4527-936f-b9266cf8a519&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 518
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2435899492016518430&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 520
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KbOQS69sSUG3B8eDB-Kdvg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 521
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d6006280-6c74-4d01-b01f-19434865808e
Request Chain 523
  • https://pixel.onaudience.com/?partner=214&mapped=29B3904B-AF6C-4941-B707-C78307E29DBE HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 524
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7097792279693883539
Request Chain 526
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=29B3904B-AF6C-4941-B707-C78307E29DBE&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Z0FLewpE2uUeDIGmIXSFuzV.2OQUXRk-~A&gdpr=0&gdpr_consent=
Request Chain 527
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 528
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YoBseQABZVNX0wAj
Request Chain 529
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7ff65f01-c5b1-4622-a128-f3530fb11d78&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 530
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=5gtLaKICSERR0upkNGWiWsEbDgo
Request Chain 531
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2363841897978590494&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 534
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KbOQS69sSUG3B8eDB-Kdvg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 535
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d6006280-6c74-4d01-b01f-19434865808e
Request Chain 537
  • https://pixel.onaudience.com/?partner=214&mapped=29B3904B-AF6C-4941-B707-C78307E29DBE HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=2a96f5efe1f8a343/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=2a96f5efe1f8a343/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=3339d9cbdde1ce68 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d93c6e2e-525b-496a-5860-41483d9bd571&reqId=321ceb6f-054d-42b3-5655-3a369fb1df7f&zcluid=3339d9cbdde1ce68&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEL8Z4w42Iw_xJjfFbIeTcug&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d93c6e2e-525b-496a-5860-41483d9bd571&reqId=321ceb6f-054d-42b3-5655-3a369fb1df7f&zcluid=3339d9cbdde1ce68&zdid=1332
Request Chain 538
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7097792279694538893
Request Chain 540
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=29B3904B-AF6C-4941-B707-C78307E29DBE&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Z0FLewpE2uUeDIGmIXSFuzV.2OQUXRk-~A&gdpr=0&gdpr_consent=
Request Chain 542
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YoBseQABaGGfIAA2 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoBseQABaGGfIAA2&gdpr=0&gdpr_consent=&_test=YoBseQABaGGfIAA2
Request Chain 543
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b52a7152-1b0f-45ce-9bb0-f1165e587472&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 544
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=zWV4fCxAQtFNiw2boqWTnMEbDgo
Request Chain 545
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2580014680092374302&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 547
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
Request Chain 548
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KbOQS69sSUG3B8eDB-Kdvg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 549
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d6006280-6c74-4d01-b01f-19434865808e
Request Chain 551
  • https://pixel.onaudience.com/?partner=214&mapped=29B3904B-AF6C-4941-B707-C78307E29DBE HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 552
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7097792279694473370
Request Chain 554
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=29B3904B-AF6C-4941-B707-C78307E29DBE&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Z0FLewpE2uUeDIGmIXSFuzV.2OQUXRk-~A&gdpr=0&gdpr_consent=
Request Chain 555
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 556
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YoBseQABaYufEgA2
Request Chain 557
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:864d264a-dead-4fe0-b781-48a9de703c62&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 558
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=9toNWu6UTQxWEiYbyvBHGMEbDgo
Request Chain 559
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2796187462206158110&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 561
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1

562 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
balleralert.com/ 		217 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
283be09091d04feeb7aae2fbe9fab1fab92260624efa15712a39045be28a6050
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
70b89d629ae032b8-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 15 May 2022 02:58:57 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sun, 15 May 2022 03:08:57 GMT
link
<https://balleralert.com/wp-json/>; rel="https://api.w.org/", <https://balleralert.com/wp-json/wp/v2/pages/70807>; rel="alternate"; type="application/json", <https://balleralert.com?p=70807>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2BZYkO50iwUqBaH8yknNj963BvJ7H1wprDa20dQLrUqyJ55zYF1fDIFrHBqbw7OHDtPLX4FKE0RmXQMevqvVIXeU6RiXaGQgI1yq0BZKNaEiN2LZT4dm668EY%2Fle53U5Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
sameorigin
x-tec-api-origin
https://balleralert.com
x-tec-api-root
https://balleralert.com/wp-json/tribe/events/v1/
x-tec-api-version
v1
js
www.googletagmanager.com/gtag/ 		189 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-62CG4WNT8H
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a8c3a934b94a95da51a2f8df5fddc8c110f94152f4a4b0fc828cf2576fd9e6f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69592
x-xss-protection
0
expires
Sun, 15 May 2022 02:58:57 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1038006012
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c2b33dab8668ea6b36e05010bac05b45a2134e56d82b074a0488652e2b682f09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42640
x-xss-protection
0
last-modified
Sun, 15 May 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 15 May 2022 02:58:57 GMT
tribe-events-pro-mini-calendar-block.min.css
balleralert.com/wp-content/plugins/events-calendar-pro/src/resources/css/ 		655 B
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/events-calendar-pro/src/resources/css/tribe-events-pro-mini-calendar-block.min.css
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2d330f53cdfd25a188faebfc07535a76190bcc529946b09c74d0971e84b53cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Apr 2022 17:50:40 GMT
server
cloudflare
age
912599
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIo%2BNB1qbussdX%2F2GSg2ErF3m2Nb5xp%2BbCiy4dQ4gtokkbeQn2dfBBPVUmOo4zd65akC9GpHMbd5mHAowGkrLUW4pzpJTSmOVfBegv4LiLoCd%2BITa0XwrosDmuHoKYLy6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d669c8932b8-CDG
expires
Fri, 03 Jun 2022 13:28:58 GMT
style.min.css
c0.wp.com/c/5.9.3/wp-includes/css/dist/block-library/ 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.9.3/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
last-modified
Wed, 30 Mar 2022 11:30:25 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 15 May 2023 02:58:57 GMT
mediaelementplayer-legacy.min.css
c0.wp.com/c/5.9.3/wp-includes/js/mediaelement/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.9.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 15 May 2023 02:58:57 GMT
wp-mediaelement.min.css
c0.wp.com/c/5.9.3/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.9.3/wp-includes/js/mediaelement/wp-mediaelement.min.css
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 15 May 2023 02:58:57 GMT
sfsi-style.css
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/css/ 		84 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/css/sfsi-style.css
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99a5af87f74014118ce8d017bd91dc4e06ff05125a5b710a966609ec60dc97ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
912599
cf-polished
origSize=113616
cf-bgj
minify
last-modified
Fri, 10 Dec 2021 16:05:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6QfiVBm%2BPY6Q5r8EwiWlTVziRlzY%2F664gmZU3ZZ%2FAhceTudJnGlMG3ZgSDaMuv9H90Ewx1fND3h%2FJYmYTexBQmUq3D0Ln0wKWMgwxpsyWh0U8Znwd%2FLawNelMSpSqRGI%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
70b89d66ac8f32b8-CDG
expires
Fri, 03 Jun 2022 13:28:58 GMT
unslider.css
balleralert.com/wp-content/plugins/advanced-ads-slider/public/assets/css/ 		573 B
523 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/advanced-ads-slider/public/assets/css/unslider.css
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0b779ad590272d25a6b625b33f3d117b71ab8b77efa8266cf2ebcd90bd76764

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Oct 2019 17:12:23 GMT
server
cloudflare
age
912599
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WriZsrm0%2BqVum49j%2FX%2FvYPpcgbGeMkSJ30Idd8bCC4%2FL1nrQuT3vOnClzW%2F%2Fsiwhn7bAGb1Uy%2FtNq26Itua33%2BJcr4mEJLT2TShWyE34T9JLqHJuRnIpyoPozdK9v8oznQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
expires
Fri, 03 Jun 2022 13:28:58 GMT
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d66ac9132b8-CDG
cf-bgj
minify
slider.css
balleralert.com/wp-content/plugins/advanced-ads-slider/public/assets/css/ 		417 B
543 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/advanced-ads-slider/public/assets/css/slider.css
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fbaf3eac344aae4adc2f1a0b300a9d96443a8ccd1e6e7fa0f48ebb176a0b0c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
912599
cf-polished
origSize=633
cf-bgj
minify
last-modified
Sat, 26 Oct 2019 17:12:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k95v3xdh7WJZwx1RTaaxAXgO%2F70Acr70VyDWj3Yn1YWJ8SN1I%2BzoiL12Ouw8jr9aGcYGdTRPhKO5C689EUwDTPzppfYw7JmCwJGQj9dXegD%2FMGtvZBggJgySUlLPldFaqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
70b89d66ac9232b8-CDG
expires
Fri, 03 Jun 2022 13:28:58 GMT
style.css
balleralert.com/wp-content/themes/sahifa/ 		162 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/themes/sahifa/style.css
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
588139ecb8f99f410faaf6d6ad5717048a08ba392a9c12af4f10d0a23310520e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
912599
cf-polished
origSize=195134
cf-bgj
minify
last-modified
Wed, 04 May 2022 13:00:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQK8%2FIAdp4rHDeZA3hz0PPziOICph334zhMzPmZQl0jXrVlXGUooe69v%2F%2F51Hoi8A%2F8bfvc31UhB08Ee30WuW%2B4aw7%2B0sqtCYixJ6YENSxpX2KY%2Fs5STtQcFDOxMMHJR1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
70b89d66ac9332b8-CDG
expires
Fri, 03 Jun 2022 13:28:58 GMT
skin.css
balleralert.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e93414f896d6002f025697fd592d2393994fc8b21be6061dd55b8df904aa245

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
912599
cf-polished
origSize=7289
cf-bgj
minify
last-modified
Sat, 03 Jul 2021 15:40:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jl56v46TUme1XRerpGqnflENg2YEURznqqF85ZlyLKHwgMxgtlcsqwzzW%2BHQKA1wxGLiaUnho4ta4oGod2qf2eV%2FUhLopZ0redcWUnD9oQzFVDKEf6A9e0XMhrjjYMDP1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
70b89d66ac9432b8-CDG
expires
Fri, 03 Jun 2022 13:28:58 GMT
css
fonts.googleapis.com/ 		754 B
835 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a8a7c6483f73f962abb0f768408bc73c219a0164ee43f60ac57595d314c1bebe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 15 May 2022 02:21:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 15 May 2022 02:58:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 15 May 2022 02:58:57 GMT
jetpack.css
c0.wp.com/p/jetpack/10.9/css/ 		84 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.9/css/jetpack.css
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
86c8f0ef3d5c51e837bd0c69424d11e9e8522f834e1c18d620073db93b5c79f7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
last-modified
Tue, 12 Apr 2022 17:20:54 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 15 May 2023 02:58:57 GMT
jquery.min.js
c0.wp.com/c/5.9.3/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.9.3/wp-includes/js/jquery/jquery.min.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 15 May 2023 02:58:57 GMT
jquery-migrate.min.js
c0.wp.com/c/5.9.3/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.9.3/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 15 May 2023 02:58:57 GMT
unslider.min.js
balleralert.com/wp-content/plugins/advanced-ads-slider/public/assets/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/advanced-ads-slider/public/assets/js/unslider.min.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9bcfcdf3913076194efc851a76c4686fd0f4c336ee09e5739ab31590eb13eaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Oct 2019 17:12:23 GMT
server
cloudflare
age
912598
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NgGuQ2F5wbZVBpug4UlVDSh4%2B3KI4XWX6OWSCtEquHPjPM6BnF6HfiruqsztsLumruRRZRt12wxP3tCGZsJkvc8BaE9bVvpD3qVWVZdzm4PvMw0q23wtaBs295kgbu5TrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d66ac9532b8-CDG
expires
Fri, 03 Jun 2022 13:28:59 GMT
jquery.event.move.js
balleralert.com/wp-content/plugins/advanced-ads-slider/public/assets/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/advanced-ads-slider/public/assets/js/jquery.event.move.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8aaf90a00d378f096c89c7a0a3503c98d8f663eabab958bb1b226020c4f2ad2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
912599
cf-polished
origSize=13952
cf-bgj
minify
last-modified
Sat, 26 Oct 2019 17:12:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GY3tsRruGJJJTEFb8tx1EUFg3O6I%2FbhV0sDrbMKMewj9ydBKd6WRMd%2BOHiaGXFhgWWN1hS0PfhVhj7P7SgCEhSC5m3Bp2YQFhNpmUY2g%2FVUp1Jt2UjV%2BRqo%2FJ33ogmYCvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
70b89d66ac9632b8-CDG
expires
Fri, 03 Jun 2022 13:28:58 GMT
jquery.event.swipe.js
balleralert.com/wp-content/plugins/advanced-ads-slider/public/assets/js/ 		2 KB
932 B 		Script
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/advanced-ads-slider/public/assets/js/jquery.event.swipe.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b2476edf95aa04cd7ccb301051fb62853b69d39af09c929a81fdba43143bc5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
912599
cf-polished
origSize=3437
cf-bgj
minify
last-modified
Sat, 26 Oct 2019 17:12:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lv4HfpavcG7Xtb3waMXAmmHxLKyid8E%2BaTHWqEf%2B7Pm%2FrKVdiLMKGkOcE0KbGZ4ybjsI96RDUCQLpoUFxnAUaNNZ0A64t5ih%2Be4kDuN%2FlKmnwRrxlIn08TA0lSPxnO6wKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
70b89d66ac9732b8-CDG
expires
Fri, 03 Jun 2022 13:28:58 GMT
regenerator-runtime.min.js
c0.wp.com/c/5.9.3/wp-includes/js/dist/vendor/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.9.3/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
last-modified
Mon, 15 Nov 2021 16:35:13 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 15 May 2023 02:58:57 GMT
wp-polyfill.min.js
c0.wp.com/c/5.9.3/wp-includes/js/dist/vendor/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.9.3/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
last-modified
Mon, 15 Nov 2021 12:50:17 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 15 May 2023 02:58:57 GMT
hooks.min.js
c0.wp.com/c/5.9.3/wp-includes/js/dist/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.9.3/wp-includes/js/dist/hooks.min.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
last-modified
Mon, 15 Nov 2021 12:50:17 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 15 May 2023 02:58:57 GMT
i18n.min.js
c0.wp.com/c/5.9.3/wp-includes/js/dist/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.9.3/wp-includes/js/dist/i18n.min.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
last-modified
Mon, 15 Nov 2021 12:50:17 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 15 May 2023 02:58:57 GMT
i18n-loader.js
balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-assets/build/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-assets/build/i18n-loader.js?minify=true
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1972842917dbb1efdc7b6a79f02ee5ce28365a8964281c0616fe1e41c1e85f15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 May 2022 11:49:52 GMT
server
cloudflare
age
912599
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y5DsMuWptr0KwIuqcN7HTK%2FkeVruRC%2Fx4cELg7Zpw1iVG5L76560YkFiv8dlXuNi%2FATMMivUUHkKXM8YRePDYJUY5oQodNDs%2BUAOZd4xAX52TXczY3PVPHXs3LmRErgrrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
expires
Fri, 03 Jun 2022 13:28:58 GMT
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d66ac9832b8-CDG
cf-bgj
minify
advanced.min.js
balleralert.com/wp-content/plugins/advanced-ads/public/assets/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5ef63bcd883c3e6ecca9a17785b10ee897b51aec76328706887ceb220742d71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Apr 2022 17:50:38 GMT
server
cloudflare
age
912599
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPGkDYkIdTr4dBmp9dVIooUf%2FhDJT7zPAjrpvcj%2FZ2SOms%2BpA7uj1nWmUYshPj4IEtRbvSvL32PcGPmCJtNJiFjA%2FOUB6Q%2FYp%2FM93GcAc5Xa%2BROqv%2B3Ie46wtHZ4JtzXmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d66bc9d32b8-CDG
expires
Fri, 03 Jun 2022 13:28:58 GMT
front.js
balleralert.com/wp-content/plugins/wp-security-hardening/modules/js/ 		37 B
372 B 		Script
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/wp-security-hardening/modules/js/front.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d429d28b9e4fb5a936e932e8b3f92ed4c267eefec7c32cfe15bf18f1f5932788

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
912599
cf-polished
origSize=59
cf-bgj
minify
content-length
37
last-modified
Tue, 08 Jun 2021 15:51:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=embRR1rcGSoy3pr32E20QQAxbqqQrl%2BzvVoxxQxrwk0EFwzay%2B4DBjqWhAqB%2FweCP29Pfei2y7wo8XesnprGeCwjua6erwyvxXGlx7Rlon1yQx1hyXlY29oiPUv6YUZLjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
70b89d66bc9e32b8-CDG
expires
Fri, 03 Jun 2022 13:28:58 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		158 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
324a0bfb76bd61618329d5b76d1c1c8f85e3f5961d22ab931b0956e89b53525c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56117
x-xss-protection
0
server
cafe
etag
15909374471477040328
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 15 May 2022 02:58:57 GMT
js
www.googletagmanager.com/gtag/ 		102 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-3874823-1
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2f38604afbd2011fc1eadc56f9facb217fb44e9e90459deef3d668d02e4ce036
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40210
x-xss-protection
0
expires
Sun, 15 May 2022 02:58:57 GMT
balleralert_web_banner9.jpg
balleralert.com/wp-content/uploads/2018/11/ 		230 KB
231 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://balleralert.com/wp-content/uploads/2018/11/balleralert_web_banner9.jpg
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4626acb90a61ad2e64125d843b8f8d66cf6d813a5e7b799b34bd9d9c450b94d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
912598
cf-bgj
h2pri
content-length
235495
last-modified
Fri, 16 Nov 2018 16:17:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6oU5oVQbwmplc3lN1j6ru7D4M6EBKNiL9YFZ0Ohiw4uwdu%2Bexd0YCWjV2rbJ8Kfe0M9dHzyu0wj%2Buc3KUteBQ8tDGE3aizHQa89Sm5nv8pLt59jLpPnOKiEIYi9wHwOq7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
70b89d671cd632b8-CDG
expires
Fri, 03 Jun 2022 13:28:59 GMT
chrome_grey_rss.png
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/chrome_grey_rss.png
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4827fec4b688c883c19d7dfacfe8a04809681b3651e835fb69540193cd159f4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
cf-cache-status
HIT
last-modified
Fri, 10 Dec 2021 16:05:26 GMT
server
cloudflare
age
912598
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zje%2FfrXJEJCgji7NVN1Clqcj4MtGcgVOYrmOP8S8FPzb6LjXzctp5LD3Bszpf7UpJCiZx8j7BEgafBVtf9f4INaWc0sySVkc1r%2FlAVEPbXtMCL9jfG5mXyqFVkdYiUkAzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
70b89d673ce632b8-CDG
content-length
4980
expires
Fri, 03 Jun 2022 13:28:59 GMT
chrome_grey_email.png
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/chrome_grey_email.png
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b5737f4004f9085da1cda9a674548a2162d642249a865fb68708ef0036ccdc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
cf-cache-status
HIT
last-modified
Fri, 10 Dec 2021 16:05:26 GMT
server
cloudflare
age
912598
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s9qVmSp6P%2FTsHJddtN73yTQYanj79jn7MNK11y7Kr7LJY%2Bw0GzUoPv8MOTlQ7scZ1ybapSi0Yvm97LFA7E3lwVyooaBTJwo3HUJp589zjCnXSJmVHkbKyVTFp0%2F0Lj%2FIvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
70b89d673ce732b8-CDG
content-length
4846
expires
Fri, 03 Jun 2022 13:28:59 GMT
chrome_grey_fb.png
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/chrome_grey_fb.png
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9af4762b2df5da39ca42be9960daeefe7fba3e07bc30ba6acadaa3cfea3f3415

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
cf-cache-status
HIT
last-modified
Fri, 10 Dec 2021 16:05:26 GMT
server
cloudflare
age
912598
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6zun2ziePl5ZMmRAzCA04j2vN9WWoTokOh2179tGHHholPu0TbRNnQ%2B9BLZLfeT2yNFIYn4LUqKiY7jiNqJUkf95Suqj64%2BHdDuyT%2Fkrd5icVwm5fUCz0nkTcvm37kl9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
70b89d673ce832b8-CDG
content-length
4045
expires
Fri, 03 Jun 2022 13:28:59 GMT
icon_Visit_us_en_US.png
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/visit_icons/Visit_us_fb/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/visit_icons/Visit_us_fb/icon_Visit_us_en_US.png
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15d91ab032211a3cfedf49470c5490ee1cc7ca322820fcfcdfa9ddcc1307549d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
cf-cache-status
HIT
last-modified
Fri, 10 Dec 2021 16:05:26 GMT
server
cloudflare
age
912598
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UanNWF78UNaqNLJTO4FbWum1RixelwuwV0BVRPd1lqBhhXvvp7ojRHnPUz7VwgHT0UxFr1zm9XHe9lcTwWHhq46gSorpzBnqDSrh0qekbp%2B0axMuTZjU3Tq%2Bio4Mx4XD6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
70b89d673ce932b8-CDG
content-length
1280
expires
Fri, 03 Jun 2022 13:28:59 GMT
en_US.svg
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/share_icons/fb_icons/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/share_icons/fb_icons/en_US.svg
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1b6c062809a62bef4918b6d73d087e997ee2f92fca0cfbb5c281a5817292452

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Dec 2021 16:05:26 GMT
server
cloudflare
age
36161
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fpq1NcBMhaeFV4F9qRHj9lii0CzU850TG5gaRXHIToaEbiXbwKz1aZgiE9RMkzOFctsk6H91WX8iVUt9mJ89Hq1OfCdJ%2F5CIYp2w4cxd2CsxSLPSY8L4mOumrxd%2FBDV82g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=172800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d673cea32b8-CDG
expires
Mon, 16 May 2022 16:56:16 GMT
chrome_grey_twitter.png
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/chrome_grey_twitter.png
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd1a1a9daee80cfea98a4f8aa88b089b42fd416ec06e2f66ec4ab3d577ed479f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
cf-cache-status
HIT
last-modified
Fri, 10 Dec 2021 16:05:26 GMT
server
cloudflare
age
912598
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p08qO%2FaimjjZTOcSGrjDUBj%2BYA77%2FyfHYHZGgN%2BHKw9rIdXt68lyNW9%2Bl1NE4dl5SYUbjd0BJoK3lB4B9N9XwvjXfq%2B8glZBOmhRpJSTW8cI2Kgzgmv7GNZyyS0gorZyoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
70b89d673ceb32b8-CDG
content-length
4265
expires
Fri, 03 Jun 2022 13:28:59 GMT
icon_Visit_us_en_US.png
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/visit_icons/Visit_us_twitter/ 		850 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/visit_icons/Visit_us_twitter/icon_Visit_us_en_US.png
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
298b9bc41c30aaea7fc89c925be64addb7c0a1df0d29cfde93ed4d38cc425131

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
cf-cache-status
HIT
last-modified
Fri, 10 Dec 2021 16:05:26 GMT
server
cloudflare
age
912598
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTz%2BqZaQOJOTABJ3J89yW%2FjkvCqGHybQzkgLcFUpz0U%2Bk7Zv19XEcnWKF1x1v9gHh09k2UYgVgGI8coLeYkvkhvh2r7FqmHsN99gC%2FHYarNci4oPVUDkAXwQRSfFLuli%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
70b89d673cec32b8-CDG
content-length
850
expires
Fri, 03 Jun 2022 13:28:59 GMT
en_US_Follow.svg
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/share_icons/Twitter_Follow/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/share_icons/Twitter_Follow/en_US_Follow.svg
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1acec7ce5ab399ea205f3f38f9d424f15d3fefb08f4c1c9568806cc398fbac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Dec 2021 16:05:26 GMT
server
cloudflare
age
36161
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7xMpO%2BbkJpUliw6FTCnkxN4x8W80SQN2begp7%2FGrwMKay%2BwL3dPpd1zC4GyPNkTLC56SUHZyeWNiaWJgIB8ziXJWNEkUQ4sjYFZwJ%2F5d4q1f5Ayzn5SY1GNSnRb91tcy%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=172800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d673ced32b8-CDG
expires
Mon, 16 May 2022 16:56:16 GMT
en_US_Tweet.svg
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/share_icons/Twitter_Tweet/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/share_icons/Twitter_Tweet/en_US_Tweet.svg
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6095a61e8e8cd490ec831d0731bf5c78fc97f9c2746b7d67dab0788adb949708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Dec 2021 16:05:26 GMT
server
cloudflare
age
36161
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxYsnqcbAQkJ2Gwmpox3zJCrSvaEklBIApKkDUCtl4DziRLYKty1WgdxYSijy2rTAnLx7HF8qAUtCriNBQ7oTwaLnQR3Qg0t6oR0OL%2BIxwUi16zked%2F6xWmBcJ4kH893Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=172800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d673cee32b8-CDG
expires
Mon, 16 May 2022 16:56:16 GMT
chrome_grey_youtube.png
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/chrome_grey_youtube.png
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c01a1d77327096c8c49f04af3f4da2c120a9c479e0190f5623fd9ea7d3fe7106

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
cf-cache-status
HIT
last-modified
Fri, 10 Dec 2021 16:05:26 GMT
server
cloudflare
age
912598
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FpSkkOau2YIRQU7gNvuISTEdGjrT5wD4%2FMX7KzuJVBWyf7W07dYzogUFOcNI0nzSI4sb2RZYrrU6OGM7t%2Fi8lt8V%2BC0EDgm6AAsmit1CoY%2Fi0dba7iwg02BC1kfhmKjOrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
70b89d673cef32b8-CDG
content-length
5526
expires
Fri, 03 Jun 2022 13:28:59 GMT
icon_Visit_us_en_US.svg
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/visit_icons/Visit_us_youtube/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/visit_icons/Visit_us_youtube/icon_Visit_us_en_US.svg
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
639c929a03019caa46f531a6dfdea6fd638d98aa325c96a30afbc6a4f1aa1d66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Dec 2021 16:05:26 GMT
server
cloudflare
age
36161
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0XKRw6f19l5AaxcwfNl%2FL20H7g801P5M6Y38jPidmuXfr93bbhc%2BugGFUsH5v1y2EZumrgUXimcoIhni0h62adkjqq0SzA5anolNCkLRqGolHysTwkFpZUhXQjezhdFahA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=172800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d673cf032b8-CDG
expires
Mon, 16 May 2022 16:56:16 GMT
chrome_grey_instagram.png
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/chrome_grey_instagram.png
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a32073ae72c27af5caad046c9d7a4ab061b2a81ee6b55d7e3e29611d61c16cc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
cf-cache-status
HIT
last-modified
Fri, 10 Dec 2021 16:05:26 GMT
server
cloudflare
age
912598
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1sDZyDUc51VnLbgeI0S8zIQ2RaWlqdqubjCsHt67K05SO6DG4AtuoXoz95mXAez5b%2BrRJjZXPNb9v4tRShhjtW3A1Wrv7IHUuQsIUQPmTxt3DsLg4ORhQMWlhK0%2B7E4%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
70b89d673cf232b8-CDG
content-length
5121
expires
Fri, 03 Jun 2022 13:28:59 GMT
chrome_grey_snapchat.png
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/chrome_grey_snapchat.png
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f99c531f5e0979a50a1f76d12f3e0c0cd5605be539b1fa6ab88c85d0e68f803

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
cf-cache-status
HIT
last-modified
Fri, 10 Dec 2021 16:05:26 GMT
server
cloudflare
age
912598
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6sqvfTmPHGfUpD9ZmEGRVC4dAW98mrE0djBYeDAl13eFoYFgJtWQWLejoEXcaHnrmyZiDXcCfZAv1MNObCatqAranjVwaKyqb36CB67wvYDtN1T2s9XTTuIMVuFsWWnxhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
70b89d673cf332b8-CDG
content-length
4120
expires
Fri, 03 Jun 2022 13:28:59 GMT
chrome_grey_linkedin.png
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/chrome_grey/chrome_grey_linkedin.png
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b1a37c43977758722ff2bddb8844c2af4627e0db2d5eb0f3ada59a3468b8ff9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
cf-cache-status
HIT
last-modified
Fri, 10 Dec 2021 16:05:26 GMT
server
cloudflare
age
912598
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J661%2BMZQTl49%2FmACGleLB9TsfjEYA5VKbkq8ln%2FUMVbq1fnYLrCV%2Ft3UTf6dxBM46cmm28pihCxzQ%2FwzICkhNj6CMyivq162NM07vMvnmMDTlhgABk4UziSB4Mfr3hiDEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
70b89d673cf432b8-CDG
content-length
4896
expires
Fri, 03 Jun 2022 13:28:59 GMT
email-decode.min.js
balleralert.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 12 May 2022 17:41:42 GMT
server
cloudflare
etag
W/"627d46d6-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRUsTTDkABI0of71FcKtMb45Qeg04qB%2BY%2Bz3G5RrPlzeM3z1fpXhXIlQ%2F0WJIj8ZWTncPZSdSngpQ57czvM%2Bei7zN8c8mE9d7ZTqvjeWPyeRVyGzWWXlLsU6Q4VRldPioQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d66fcb132b8-CDG
vary
Accept-Encoding
expires
Tue, 17 May 2022 02:58:57 GMT
en_US_share.svg
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/share_icons/Linkedin_Share/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/share_icons/Linkedin_Share/en_US_share.svg
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6d9dfadda2f3ae23cea507ba802ab446ffe1ded8244e84a5ef6764362f43bb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Dec 2021 16:05:26 GMT
server
cloudflare
age
36161
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OvcUrzq1idzxuLcwuCX4tG77cCB9E%2BNdIeo5Np%2Fca9UZorGcIGoecUfsTAo7FyFqaq0Qt5YTktSZvBgMX8fHypOFUWm5zZvPBiYMe3bQgYEtTjpXTGXenFsytmmpm5Ao7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=172800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d673cf532b8-CDG
expires
Mon, 16 May 2022 16:56:16 GMT
classic-10_7.css
cdn-images.mailchimp.com/embedcode/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-images.mailchimp.com/embedcode/classic-10_7.css
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.190.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-190-170.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Thu, 17 Dec 2015 16:52:30 GMT
Server
AmazonS3
Age
5854
ETag
W/"ae0fc9b84c30cada1784022044962394"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront)
Connection
keep-alive
Date
Sun, 15 May 2022 01:21:30 GMT
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Cf-Id
Fu0iF8cwWZJlfoEsb28UFm_TWjDPZQEjnvb5kaYv6cp0EDyhDAJy_g==
mc-validate.js
s3.amazonaws.com/downloads.mailchimp.com/js/ 		140 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.46.190 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 02:58:59 GMT
Last-Modified
Mon, 20 Aug 2018 17:42:38 GMT
Server
AmazonS3
x-amz-request-id
KJB6F6PJPGSW6M4B
ETag
"6465dd4a8331265e6629cd069e03504c"
Content-Type
application/javascript
Cache-Control
public,max-age=2592000
Accept-Ranges
bytes
Content-Length
143249
x-amz-id-2
trME8AJj4kPbqklXfpZzp5yHIYKUshh8YE4fnKA4p0aR+qOFYjVnqfPlC8ZEuJ7MbwDQAs/CVhY=
platform.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da1240738eef80e8630a5749b9258e33d7669859ba8a5ed1da81978092ed03af
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20361
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Sun, 15 May 2022 02:58:57 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"2cdff035295781be"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 May 2022 02:58:57 GMT
in.js
platform.linkedin.com/ 		507 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.linkedin.com/in.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F0A) /
Resource Hash
2f4dfda26286d2b53f16765a0437554b16964e33de28d7bf4e196e14519a44c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
gzip
x-cdn-client-ip-version
IPV6
x-cdn
ECST
age
2899
x-cache
HIT
x-cdn-proto
HTTP2
content-length
162501
x-li-uuid
AAXfA2nuA2a4ryzRd6KhBg==
server
ECAcc (frc/8F0A)
last-modified
Sun, 15 May 2022 02:10:38 GMT
x-li-pop
prod-lor1-x
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
accept-ranges
bytes
x-li-proto
http/1.1
x-li-fabric
prod-lor1
expires
Sun, 15 May 2022 03:10:38 GMT
tw-bs4.css
balleralert.com/wp-content/plugins/wp-security-hardening/modules/inc/assets/css/ 		175 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/wp-security-hardening/modules/inc/assets/css/tw-bs4.css
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d9263313998d90eb7ace1abd7647bf2106bb772d4a04a41a9f3959e4cdd8c44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
912598
cf-polished
origSize=213841
cf-bgj
minify
last-modified
Tue, 08 Jun 2021 15:51:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=llj5JJKtb6iiTMROE9mQ6tqINBiKv8mF67hI5JwBfQDa0rndcbpQRYXaxLLIKhHrMfprsURRpxG9hYn%2FpFEs2NeGlYXKmYtbbSqZJ7D6ldR3AljeiFaMVJ5GK3sStaPlOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
70b89d671cc232b8-CDG
expires
Fri, 03 Jun 2022 13:28:59 GMT
font-awesome.min.css
balleralert.com/wp-content/plugins/wp-security-hardening/modules/inc/fa/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/wp-security-hardening/modules/inc/fa/css/font-awesome.min.css
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Jun 2021 15:51:37 GMT
server
cloudflare
age
912598
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=spFJTp5BXcBdBTNWOoIqscg6HM3D22hY8K3zImlWqSniGSUrm8P54EovQOkLoTxP6PWeipH13jha8ONgmA3vYS%2F8Eb4V8SrkyxuGK3eAuTup%2BAKwykQPa0%2FPxYVEC6VD4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d671cc332b8-CDG
expires
Fri, 03 Jun 2022 13:28:59 GMT
front.css
balleralert.com/wp-content/plugins/wp-security-hardening/modules/css/ 		126 B
583 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/wp-security-hardening/modules/css/front.css
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96f6897cf6e2277014eba471652e7619cf6ccb9b55873e67860243fd197150d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
912598
cf-polished
origSize=145
cf-bgj
minify
last-modified
Tue, 08 Jun 2021 15:51:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awGK3HUi%2BzstHfa%2BKimnwfjX2Qdx%2B0QQQLLyjJ5SulYzinrKdv%2By6XB7iaPdl%2Fq%2BSKylQONhj%2BZjTtFBpFQ8CZ5sNxTZZCjGYH8aTmSX%2Bc%2FKO6CFGlbxneA5Dqu7Y%2FJTTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
70b89d671cc432b8-CDG
expires
Fri, 03 Jun 2022 13:28:59 GMT
photon.min.js
c0.wp.com/p/jetpack/10.9/_inc/build/photon/ 		685 B
371 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.9/_inc/build/photon/photon.min.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
last-modified
Tue, 07 Dec 2021 16:56:47 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 15 May 2023 02:58:57 GMT
core.min.js
c0.wp.com/c/5.9.3/wp-includes/js/jquery/ui/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.9.3/wp-includes/js/jquery/ui/core.min.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
last-modified
Thu, 03 Feb 2022 00:04:02 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 15 May 2023 02:58:57 GMT
modernizr.custom.min.js
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/js/shuffle/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/js/shuffle/modernizr.custom.min.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54e90b34aafe5edfc85981f962261069b4a34979c51f34c4991b07f5d3d984ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Dec 2021 16:05:26 GMT
server
cloudflare
age
912598
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uhos7Sa0kKmqRgOoKPXMCHS1N%2BeEr9vnfHF%2Fei7LhSELUFseR1OaPcXm4TcL5jS6NrM7UIuKB9hCIaGDHLkI8u4W%2Fd8YmaZ9cORHLHgyBQ5wrO0HZcsTYeClYsF0EvYL%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d671cc532b8-CDG
expires
Fri, 03 Jun 2022 13:28:59 GMT
jquery.shuffle.min.js
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/js/shuffle/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/js/shuffle/jquery.shuffle.min.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2051ec367c1be61480b94686061b4ecfe4365aa872b41f80cd208afb2602945a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Dec 2021 16:05:26 GMT
server
cloudflare
age
912598
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2IwMvi7rBPJoSuHwB4xxiUX8rBXWYqPsNRY9lAY37bzY0T57ZrgF1Vb5bibS4LNksgXax3tzSg9YefzyQtg%2BgnSOV2dTwgS8aL4gxOSs%2Bxo0rmaO1iWcp8XOMsYY4e%2FI3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d671cc632b8-CDG
expires
Fri, 03 Jun 2022 13:28:59 GMT
random-shuffle-min.js
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/js/shuffle/ 		1 KB
1006 B 		Script
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/js/shuffle/random-shuffle-min.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30aa763639b91cec13bafb4649a956320321316e82f39205a9e948a6392cf8de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Dec 2021 16:05:26 GMT
server
cloudflare
age
912598
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDR%2BQTol4N1OF1mlHlWp%2F31L3bWH1re%2FSUOn8zxqjogVm4YKcQqlqhr7V7R7DS7FwkqAqAamdO9Ly%2BM8ZrtYSHjO%2FajMlJVz5PDo%2F9LN9qIbKuQxbaG8bCqZh9%2B%2BxTZjhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d671cc732b8-CDG
expires
Fri, 03 Jun 2022 13:28:59 GMT
custom.js
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/js/ 		63 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/js/custom.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30b18072bef2e7e0f05487040fa67cb159169aea754838b5088e5a75212d680d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
912598
cf-polished
origSize=88647
cf-bgj
minify
last-modified
Fri, 10 Dec 2021 16:05:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyXSQy7JhrJPEhouTceG%2FstB8sd%2BnF%2FJyO1jLVfRsj3dCkfDSCxYw3bWP009fVI5m47FMAju7V1io4GMfn2rDXCiEfrv7kN0c1PkTUiPpfQe37CtCfZh0t4%2F5rXqW%2FhI8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
70b89d671cc932b8-CDG
expires
Fri, 03 Jun 2022 13:28:59 GMT
jp-search.js
balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e605a25d2a6fad60d1639e690872a832bff2c016c8264b5f49e81e1bb4b1683

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 May 2022 11:49:52 GMT
server
cloudflare
age
912598
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSQNVORiId97Mc%2F%2FWml8vxZaAtNgrRJoWBA6vK1ck%2BHFFoxtZV0NHVFBj6qA0dzMJGONNMLoNtLl070plF1DpOqfMgGe8zMNEY0L3HYvYvGCxZh2DILWS%2Bt4MmQ512jjaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
expires
Fri, 03 Jun 2022 13:28:59 GMT
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d671cca32b8-CDG
cf-bgj
minify
w.js
stats.wp.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/w.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ec7c4c90e31092c6253cddb718655a1e3ac5f4f83425b1e16d54b25ff80f263f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn
date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
server
nginx
etag
W/"61dc645f-2a3d"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Tue, 10 Jan 2023 16:53:28 GMT
layer.js
balleralert.com/wp-content/plugins/advanced-ads-layer/public/assets/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/advanced-ads-layer/public/assets/js/layer.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0065b495e19946f45a31357b3f1aa48addebfda1ed330b5691027566611a497b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
912598
cf-polished
origSize=27959
cf-bgj
minify
last-modified
Tue, 19 Apr 2022 22:43:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdSeCO2kctozoL0e10BX13Eh1MB04IaJ9JWak69cFwouTM9opxgdIgFRPkRNOcszGNtM0LrPriLySQQDGjNECEbLl80Jm6BDeOg%2B4IV24I6%2BFFWLrfLQePwIxnkI0SLAug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
70b89d671ccb32b8-CDG
expires
Fri, 03 Jun 2022 13:28:59 GMT
script.js
balleralert.com/wp-content/plugins/advanced-ads-responsive/public/assets/js/ 		2 KB
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/advanced-ads-responsive/public/assets/js/script.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af0b5fd87f0cf0c57915fb6094244ca5c108f21c063fd6917ee809259ae3a97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
912598
cf-polished
origSize=2962
cf-bgj
minify
last-modified
Tue, 19 Apr 2022 22:42:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KODmPfvZw2XiDEnV347cwhNqsSWuR%2FcHusjPr9HcE9kSb0i87fiaoXnXPxocL%2FeOh5lxepqnJPFAS8ljLkhMaoqtOJfcQkQA84nd6eeY7w64zBj7SXxevw7qF6em3tKUFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
70b89d671ccc32b8-CDG
expires
Fri, 03 Jun 2022 13:28:59 GMT
sticky.js
balleralert.com/wp-content/plugins/advanced-ads-sticky-ads/public/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/advanced-ads-sticky-ads/public/assets/js/sticky.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4c6a39cdb1f2dab900d10c83275e2e72e795325924c731d8fa0c49b9ec5ccb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
912598
cf-polished
origSize=5914
cf-bgj
minify
last-modified
Tue, 19 Apr 2022 22:42:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3OK2pXdrxtQfqhbNzpiFiBDKcJCQcbaYBDM%2FyTe9xpb1Hqi6VZF%2FG2%2BzvexmBLffbAwib7pT74fK5BpGHF5R4CBDxDOJauESej0FFiKdme5XmdCO2rlhdhQ%2BTE5fdVHY6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
70b89d671ccd32b8-CDG
expires
Fri, 03 Jun 2022 13:28:59 GMT
advanced-ads-pro.min.js
balleralert.com/wp-content/plugins/advanced-ads-pro/assets/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/advanced-ads-pro/assets/js/advanced-ads-pro.min.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
308c252b2381b887baf74268990c582643dbdaad9e9b332d158112745e2c65ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Apr 2022 22:41:24 GMT
server
cloudflare
age
912598
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dOS3kxJIWHqEzW5IdkxMirkrOsifZ3wy2BY1afuKhqI1EMRW4lqXM2a8IAMN%2B9s3Q0oYBKqP%2FFK%2FY9PgyR3agJR%2FO19o3k8dM3fPim9X9yxh%2FbhjXL8MIT5df2Pz25ETSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d671cce32b8-CDG
expires
Fri, 03 Jun 2022 13:28:59 GMT
tie-scripts.js
balleralert.com/wp-content/themes/sahifa/js/ 		70 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/themes/sahifa/js/tie-scripts.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f63de180098b5669cddeef897441f372161e25dde239a7f6fc03f5cb5ecec4be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
912598
cf-polished
origSize=74081
cf-bgj
minify
last-modified
Sat, 03 Jul 2021 15:40:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8MXjmxMGZQ11Zl%2FvOvOuDlphjmJZwQsbtteVF78CsIPlMQYQoqqgybChZBdqdeJIX29NCqWZNNyVvDQiNLTsIeFqlYSvc44z34frKqq9kx0n4NcPZ0YMS8eekUJQ1RbwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
70b89d671ccf32b8-CDG
expires
Fri, 03 Jun 2022 13:28:59 GMT
ilightbox.packed.js
balleralert.com/wp-content/themes/sahifa/js/ 		78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/themes/sahifa/js/ilightbox.packed.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d172c7a7d560ee869c812c4ac36c85cc951ff822a10f4a1c8a845ae5769b8e7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
912598
cf-polished
origSize=79789
cf-bgj
minify
last-modified
Sat, 03 Jul 2021 15:40:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=135Q3RgoL0KH00Ju2aMMj7U8HVGIGYN4C0Owr%2BJdeeLlOnuOtfkPbalOT6ajyiUj8JhBrhb%2B2HdVi194tYMdXmRmj1kQ64nlr5RiYeGRtmxvw60QsrBlLptuJ323p4%2Bjmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
70b89d671cd032b8-CDG
expires
Fri, 03 Jun 2022 13:28:59 GMT
intersection-observer.js
balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 May 2022 11:49:52 GMT
server
cloudflare
age
912598
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNQ2BqUT%2FVv82R9M7u1qjcrJY%2FgPGoprzl4F8IfojIYBDvzLd9ctOG%2FLRW3hJYPFd%2Bv8NS3Uyn8aZzEVaYeDN5X%2BVsJ%2F%2FmWOkO6MQrxgfyKmMpAPpVn8V1i87v5bcNjhJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
expires
Fri, 03 Jun 2022 13:28:59 GMT
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d671cd132b8-CDG
cf-bgj
minify
lazy-images.js
balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a4e9b3f33edb851ba930430bdbf317a3b95e0974763617d68ec0b555a3bb8fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 May 2022 11:49:52 GMT
server
cloudflare
age
912598
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DU%2BJ%2Be8aKYx3dLfZUzzXbbq%2FoxSxq7dNeMdWiejybiPzrcnZx4XE4c%2F7034fvsLEZ2U1Il7i1jos1EsSHqh92ndvqqme0AiaYvSGSpfKNbruxbwLS1D580ESk%2Bp07wmAoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
expires
Fri, 03 Jun 2022 13:28:59 GMT
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d671cd232b8-CDG
cf-bgj
minify
tracking.min.js
balleralert.com/wp-content/plugins/advanced-ads-tracking/public/assets/js/dist/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/advanced-ads-tracking/public/assets/js/dist/tracking.min.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d13be2720157b939b505b2b217e9caf2ed4c20d831c47add20497c2fafe81bc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 May 2022 11:49:39 GMT
server
cloudflare
age
912598
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7CoZjaAOxO7L8%2B2ICxmcM%2FULGlc2VKd0IKNw8DG3fOg87dqCs0%2FkSocWbLdgonk6E5YpE3BR8eTDh8QziNJCXWsbknkgijDJALaK0UGNGWlwr4RvlBM7DaLBXTquMDg4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d671cd332b8-CDG
expires
Fri, 03 Jun 2022 13:28:59 GMT
delayed.min.js
balleralert.com/wp-content/plugins/advanced-ads-tracking/public/assets/js/dist/ 		877 B
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/advanced-ads-tracking/public/assets/js/dist/delayed.min.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68de28ccd005c586a59c9a5c0653400886add03ab352219edb4b8651782d5e09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 May 2022 11:49:39 GMT
server
cloudflare
age
912598
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LP4sZTpIk1o55CKappmJDj3C6O%2B3slYooJXMrs88JjusI5LdMUN%2FKf1ZXsdZooFkYLsmXUBf393vLhbxa9euWyTg1kxU7UFEjFaF9jHFSHYCc8ARbEyxGqvm2w3QVPiE1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d671cd432b8-CDG
expires
Fri, 03 Jun 2022 13:28:59 GMT
search.js
balleralert.com/wp-content/themes/sahifa/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/themes/sahifa/js/search.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b82e7af123915691ea31e2a9e6ec992e9fe4b184d7363c4176f57433f5ff6de7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
912598
cf-polished
origSize=15010
cf-bgj
minify
last-modified
Sat, 03 Jul 2021 15:40:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S2YHyMuuBB5Nrsozbqncb0%2FTQnwNeFhAKKcNaYK97T9OvY2g5TQs5yJ4DYZIxpAJQQ0PVKriF9dR30tFRDDe2xjbAzEmOZzT3rlukzJhjYAd3gSdE9KZKnD7H1DYhTN8mA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
70b89d671cd532b8-CDG
expires
Fri, 03 Jun 2022 13:28:59 GMT
e-202219.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202219.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn
date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 30 Apr 2023 21:02:36 GMT
ad-grid-balleralert-com.js
console.adgrid.io/adgrid-build/ 		740 KB
198 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec36488eb23aa6eae30be91c612fc304970ad3edafe0ac6f418f03fd99719add

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 11 Apr 2022 15:22:28 GMT
server
cloudflare
etag
W/"b9169-5dc62831ab65a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Ihnpmrji35EIi%2FNLWhc%2BiNTQyP8EcGX7cs%2Fg8sFRnTmE9ExsHWGiOGH80T8DYxquZNoZB92jqjqv0RRQet9K762ncemhNNvJ188gMVX2lOP4%2FIlLuAfi1Z1%2BebGxFzeJIMTyJ0uYUh1sy97a0AX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d677b363760-MXP
cf-polished
origSize=758121
cf-bgj
minify
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
39bdc6630aad3e4c15fd07b777701feb77835acee49601873769082ebc5214b3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
88kHj80mFBDT0LGhtf4pYK+4gj9Js6wlvvhTsXwrZWpnZ5IL6tYnXOjYkNnDO4RIWWdA8jJkDUqkiDEv7kgSMg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 15 May 2022 02:58:57 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		107 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PQXBJK4
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9cb362f7c84c467dc541e1fa66e5eecd982d631cc4091be5026513bd87482115
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42046
x-xss-protection
0
last-modified
Sun, 15 May 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 15 May 2022 02:58:57 GMT
68l31pf5w7
www.clarity.ms/tag/ 		1003 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/68l31pf5w7?ref=bwt
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1586 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
9b1fdd162610d327d2bb018d2d09af0da8b05fa70380a12f03c0ecfe3435fca3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
x-powered-by
ASP.NET
x-azure-ref
0cWyAYgAAAABvTJi2XaO2Q5kr2hDfHv9sTVJTMjBFREdFMDMxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
expires
-1
cache-control
no-cache, no-store
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
9zkrdib96i
www.clarity.ms/tag/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/9zkrdib96i
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1586 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
255c2452ee1cc39165866eb224edb7f44938c59878395ed2e05fcda8459d2b1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
x-powered-by
ASP.NET
x-azure-ref
0cWyAYgAAAADglvojED2bQoeu0e0+fTX3TVJTMjBFREdFMDMxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
content-length
1504
expires
-1
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 23:54:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 075EFE08298440F7B2C50822462CDD50 Ref B: FRAEDGE1417 Ref C: 2022-05-15T02:58:57Z
etag
"806a236c101ed81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Sun, 15 May 2022 02:58:57 GMT
accept-ranges
bytes
content-length
11333
wp-emoji-release.min.js
balleralert.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Jul 2021 23:01:28 GMT
server
cloudflare
age
912598
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gM8IOQ5nmZkvyhik7h1%2FA7xfeJXJRkcHAAMM1UL1bjKzghsjLbs3DsmPHaB3GovBYpSi9uMEKISn%2BgY8TQO8454nZ%2FHdAC3URTPFbaDzylFdRjRN9BucUXQH1h05Vv%2BkwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d673cf632b8-CDG
expires
Fri, 03 Jun 2022 13:28:59 GMT
connatix.playspace.dc.js
cds.connatix.com/p/162305/ Frame 81F1
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
  • https://cds.connatix.com/p/162305/connatix.playspace.dc.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
870 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/162305/connatix.playspace.dc.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
32fd2eb35bfc922743b09440aa77ce35f75392da85de95884c3ab1d0b7aff530

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
last-modified
Fri, 13 May 2022 12:35:19 GMT
age
138019
etag
"27b6355aaf14e0f5091058861807a88d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
207385

Redirect headers

location
https://cds.connatix.com/p/162305/connatix.playspace.dc.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
date
Sun, 15 May 2022 02:58:57 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
0
access-control-max-age
86400
9e1165f11504ccfb28e46b0c6.js
chimpstatic.com/mcjs-connected/js/users/ddb2c7ac0d81062c83a23f494/ 		50 B
579 B 		Script
General
Check archive.org
Download Go to
Full URL
https://chimpstatic.com/mcjs-connected/js/users/ddb2c7ac0d81062c83a23f494/9e1165f11504ccfb28e46b0c6.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.131.108 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-131-108.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
97
Date
Sun, 15 May 2022 02:58:58 GMT
Last-Modified
Mon, 15 Jun 2020 18:16:04 GMT
Server
AmazonS3
x-amz-request-id
D1D7FB80B6F4F1A0
X-EdgeConnect-MidMile-RTT
0
ETag
"104d46a3208b40e8ded389332f5a78a3"
Content-Type
application/javascript
Cache-Control
max-age=1756
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50
x-amz-id-2
CrIPWKjGLfH5C2PQoqgs/3amsMACt9hcDDBALuGlc7rHogPD+3Bd5/PajRTBvLhZ+Rf3gGWR1RQ=
Expires
Sun, 15 May 2022 03:28:14 GMT
gpt.js
www.googletagservices.com/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a1177b69f70c78d0d073f90942215ec3a56f2b0dccc88b7966e75a6808d501e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28329
x-xss-protection
0
server
sffe
etag
"1215 / 875 of 1000 / last-modified: 1652479640"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 15 May 2022 02:58:57 GMT
adb.2716080.min.js
prod.adspsp.com/ 		243 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.adspsp.com/adb.2716080.min.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39f94c7fae88d40b82ea1bfbe0415e0b18ece89cecf5a7f2710f1743aebe2366

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 14 May 2022 04:28:43 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Sep 2021 15:14:15 GMT
Server
AmazonS3
Age
81015
ETag
W/"9df95ff5d1cf807b4b87bdbc03694b14"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
bmcsS9ftZMJthphDmtYUXI0b7abXIQDJpuulM77sgR65N7SZxFs43g==
48abc395741f2bc89353997b0.js
chimpstatic.com/mcjs-connected/js/users/ddb2c7ac0d81062c83a23f494/ 		50 B
579 B 		Script
General
Check archive.org
Download Go to
Full URL
https://chimpstatic.com/mcjs-connected/js/users/ddb2c7ac0d81062c83a23f494/48abc395741f2bc89353997b0.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.131.108 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-131-108.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
99
Date
Sun, 15 May 2022 02:58:58 GMT
Last-Modified
Wed, 06 Mar 2019 23:18:00 GMT
Server
AmazonS3
x-amz-request-id
91B0B7E644075CF8
X-EdgeConnect-MidMile-RTT
0
ETag
"104d46a3208b40e8ded389332f5a78a3"
Content-Type
application/javascript
Cache-Control
max-age=1800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50
x-amz-id-2
K5MgkNZei+J/SQnYOeGlqesypL81pwk4CxJPZL/o25k0zjPu03ZdKFFVaZlMjNGKGGo8deI70Uk=
Expires
Sun, 15 May 2022 03:28:58 GMT
atrk.js
certify-js.alexametrics.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-109.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 09:39:01 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
5591997
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Cf-Id
_pcBDQ3_6ZF4Vbg5Q4CYldRi_TI03q6eSPDuFNXVLAx_oeU0RqUTDA==
body-bg7.png
balleralert.com/wp-content/themes/sahifa/images/patterns/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://balleralert.com/wp-content/themes/sahifa/images/patterns/body-bg7.png
Requested by
Host: balleralert.com
URL: https://balleralert.com/wp-content/themes/sahifa/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a6ac6e588a725241e6f43feaad46fb36de9682576f5f29c570edc3ec5247477

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/wp-content/themes/sahifa/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
cf-cache-status
HIT
last-modified
Sat, 03 Jul 2021 15:40:12 GMT
server
cloudflare
age
912598
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJdYJzXi9wDvGjGqAU6PtimAVSn%2F9rw6MdKuB9hUBCLqMefyPhHb7f4UuqtGH%2FEGcEJihJwlH%2B%2Fr6tjPsjFtWpkuXIrEANHoeMYROmqMvls0IQVGzDuIcqMh7cNrb%2FwWEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
70b89d673cf732b8-CDG
content-length
21146
expires
Fri, 03 Jun 2022 13:28:59 GMT
fontawesome-webfont.woff2
balleralert.com/wp-content/themes/sahifa/fonts/fontawesome/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: balleralert.com
URL: https://balleralert.com/wp-content/themes/sahifa/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://balleralert.com/wp-content/themes/sahifa/style.css
Origin
https://balleralert.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
cf-cache-status
HIT
last-modified
Sat, 03 Jul 2021 15:40:12 GMT
server
cloudflare
age
45935
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4frO11ibDV%2BrAj3dbT%2B7w8eUzxwZtONEhNfyC54ftkT%2BLIojnZcwPSHUA2pGwpxfRMzu4zXlgAwiV7U%2FgPZpd8jaTGt8MM3ZXtudTEjrBELGcSayu5R3gNljsx5b%2FCqdKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=172800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d673cf832b8-CDG
expires
Mon, 16 May 2022 14:13:22 GMT
SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v18/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://balleralert.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 22:16:37 GMT
x-content-type-options
nosniff
age
362540
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21224
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:04:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 May 2023 22:16:37 GMT
fontello.woff
balleralert.com/wp-content/themes/sahifa/fonts/tiefont/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/themes/sahifa/fonts/tiefont/fontello.woff
Requested by
Host: balleralert.com
URL: https://balleralert.com/wp-content/themes/sahifa/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9179f4383ccee61bd4cd924e8b5720c3c5dc0c7f62da319bb28e49fd09ef505

Request headers

Referer
https://balleralert.com/wp-content/themes/sahifa/style.css
Origin
https://balleralert.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
cf-cache-status
HIT
last-modified
Sat, 03 Jul 2021 15:40:12 GMT
server
cloudflare
age
45935
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJJd6mHEMHLRQHvZUculgLjnkvQIY21MtZCLz%2FZXFDcoEPABkQS7JPgvTjn2QKBm%2BImf5hhX6hY4lJmnlg0oESmti%2BL1d898IodmKz3l2gDGiyfeagjC%2F2Ads0MNz4aH9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=172800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d673cf932b8-CDG
expires
Mon, 16 May 2022 14:13:22 GMT
connatix.player.dc.js
cds.connatix.com/p/162305/ Frame F65E
Redirect Chain
  • https://cd.connatix.com/connatix.player.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
  • https://cds.connatix.com/p/162305/connatix.player.dc.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
871 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/162305/connatix.player.dc.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a1a0148e858f2833e037e1eaaabbb1604412fd8c983c040943cd840b78149852

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
br
last-modified
Fri, 13 May 2022 12:35:19 GMT
age
138089
etag
"d4832813f1c36394d583e325471f163b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
207785

Redirect headers

location
https://cds.connatix.com/p/162305/connatix.player.dc.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
date
Sun, 15 May 2022 02:58:57 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
0
access-control-max-age
86400
js
www.googletagmanager.com/gtag/ 		189 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-62CG4WNT8H&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1038006012
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e107ea9a8f458ba2e36d8c4252e5e0f5618ce1b794a5f316b67fc08d32e05337
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69518
x-xss-protection
0
expires
Sun, 15 May 2022 02:58:57 GMT
js
www.googletagmanager.com/gtag/ 		99 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-3874823-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1038006012
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
447ccf46d78cbd052ad9c6a3cd110dd269ec916c3a09af864e1429e64bfb75a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39266
x-xss-protection
0
expires
Sun, 15 May 2022 02:58:57 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/gif
home.png
balleralert.com/wp-content/themes/sahifa/images/ 		1022 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://balleralert.com/wp-content/themes/sahifa/images/home.png
Requested by
Host: balleralert.com
URL: https://balleralert.com/wp-content/themes/sahifa/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6039cdb2c8028b73ddb9d711e7eb22834a8e11ba865283a7ed2fd2c75a401040

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/wp-content/themes/sahifa/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
cf-cache-status
HIT
last-modified
Sat, 03 Jul 2021 15:40:12 GMT
server
cloudflare
age
907592
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FS6IeUKhanUwlLt7xKziHNQYPAsZ9v5VaI2vVG1gUqn6Is4A%2FgTmo8i2E1eG54fkhu9FKZEOqVonjjOi2qJXcuoZH%2FAKlxm%2FYv%2BLFs8wo8QcUXYDZ7aGG52EPbX51f2C7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
70b89d678d1332b8-CDG
content-length
1022
expires
Fri, 03 Jun 2022 14:52:25 GMT
GettyImages-1157263385-scaled.jpg
i0.wp.com/balleralert.com/wp-content/uploads/2021/11/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/balleralert.com/wp-content/uploads/2021/11/GettyImages-1157263385-scaled.jpg?resize=660%2C330&ssl=1
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
a19d98e6ab1a8046e2f16acd1dd22d45d4db05ee6a5e7937c2aa9eb25604a556
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
MISS hhn 2
date
Sun, 15 May 2022 02:58:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 15 May 2022 02:58:57 GMT
server
nginx
etag
"36bf4b79119ef038"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://balleralert.com/wp-content/uploads/2021/11/GettyImages-1157263385-scaled.jpg>; rel="canonical"
content-length
16482
expires
Tue, 14 May 2024 14:58:57 GMT
34E7572D-F14A-4F81-A557-10251728BB5E.webp
i0.wp.com/balleralert.com/wp-content/uploads/2022/05/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/balleralert.com/wp-content/uploads/2022/05/34E7572D-F14A-4F81-A557-10251728BB5E.webp?resize=640%2C320&ssl=1
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
8479020989d389122f1027a816026fe2cf4077d1ff7140e43ed166a85d966e0c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
MISS hhn 1
date
Sun, 15 May 2022 02:58:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 15 May 2022 02:58:57 GMT
server
nginx
etag
"ff84717a5387368e"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://balleralert.com/wp-content/uploads/2022/05/34E7572D-F14A-4F81-A557-10251728BB5E.webp>; rel="canonical"
content-length
83960
expires
Tue, 14 May 2024 14:58:57 GMT
GettyImages-1388086311-scaled-e1648494015688.jpg
i0.wp.com/balleralert.com/wp-content/uploads/2022/03/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/balleralert.com/wp-content/uploads/2022/03/GettyImages-1388086311-scaled-e1648494015688.jpg?resize=660%2C330&ssl=1
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
7a8bb92ed9c6cb9a1b88e1c503adf8dd3d80d5bc94faf1d9857c2718fa190a2d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
MISS hhn 2
date
Sun, 15 May 2022 02:58:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 15 May 2022 01:12:15 GMT
server
nginx
etag
"024e0855deb480df"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://balleralert.com/wp-content/uploads/2022/03/GettyImages-1388086311-scaled-e1648494015688.jpg>; rel="canonical"
content-length
15490
expires
Tue, 14 May 2024 13:12:15 GMT
205B44B2-9403-418E-BB12-78AE25B7E0D6.jpeg
i0.wp.com/balleralert.com/wp-content/uploads/2022/05/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/balleralert.com/wp-content/uploads/2022/05/205B44B2-9403-418E-BB12-78AE25B7E0D6.jpeg?resize=660%2C330&ssl=1
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
adbcfd73a6a23334191d24723be5ac182dddff7f861c44723dbeaebb844f4685
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
MISS hhn 3
date
Sun, 15 May 2022 02:58:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 15 May 2022 02:58:57 GMT
server
nginx
etag
"42688d2b550d025f"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://balleralert.com/wp-content/uploads/2022/05/205B44B2-9403-418E-BB12-78AE25B7E0D6.jpeg>; rel="canonical"
content-length
27724
expires
Tue, 14 May 2024 14:58:57 GMT
Screen-Shot-2019-12-02-at-2.47.34-PM.png
i0.wp.com/balleralert.com/wp-content/uploads/2019/12/ 		154 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/balleralert.com/wp-content/uploads/2019/12/Screen-Shot-2019-12-02-at-2.47.34-PM.png?resize=560%2C330&ssl=1
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
82be389fd9ffe8ee2565cf2dd7367700df89f27e055a99b1455c49d96d228ffa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
MISS hhn 1
date
Sun, 15 May 2022 02:58:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 15 May 2022 02:58:58 GMT
server
nginx
etag
"e819f4af51c34e3c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://balleralert.com/wp-content/uploads/2019/12/Screen-Shot-2019-12-02-at-2.47.34-PM.png>; rel="canonical"
content-length
157332
expires
Tue, 14 May 2024 14:58:58 GMT
stripe.png
balleralert.com/wp-content/themes/sahifa/images/ 		93 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://balleralert.com/wp-content/themes/sahifa/images/stripe.png
Requested by
Host: balleralert.com
URL: https://balleralert.com/wp-content/themes/sahifa/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/wp-content/themes/sahifa/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
cf-cache-status
HIT
last-modified
Sat, 03 Jul 2021 15:40:12 GMT
server
cloudflare
age
912598
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yLN1P3mmDto9HGaAYRMqQreI7XlRN4Ez8UMiJ0KpWcLFUGCWqgjx7iVWtn3Ar93R4C%2BSEqNoxP5KpqQfeUNefW7cty0eWcjK%2B879q09OoSmQo2EPcTcilpKLYRCPwZXxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
70b89d679d1a32b8-CDG
content-length
93
expires
Fri, 03 Jun 2022 13:28:59 GMT
BebasNeue-webfont.woff
balleralert.com/wp-content/themes/sahifa/fonts/BebasNeue/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.woff
Requested by
Host: balleralert.com
URL: https://balleralert.com/wp-content/themes/sahifa/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088

Request headers

Referer
https://balleralert.com/wp-content/themes/sahifa/style.css
Origin
https://balleralert.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
cf-cache-status
HIT
last-modified
Sat, 03 Jul 2021 15:40:12 GMT
server
cloudflare
age
45935
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qqkbr3IXsF3LRURLpJQdomTxGMMTQQ8cv6qa7Sc%2BFyVnKtAjiK44aqoJRKVVfjXaGXUklnAYtYqZqlRvuvedrVFcpvCvKgGoUY8BCeWEfOj2gmycB6kPSNAD4u%2B568l%2BOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=172800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d679d1b32b8-CDG
expires
Mon, 16 May 2022 14:13:22 GMT
si
capi.connatix.com/tr/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/tr/si?token=be0c6000-e22f-42ce-b978-66f8b38d5eea&cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
access-control-allow-credentials
true
accept-ranges
bytes
content-length
0
access-control-max-age
86400
content-type
application/json
bot_tip_icn.png
balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/ 		126 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/images/bot_tip_icn.png
Requested by
Host: balleralert.com
URL: https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/css/sfsi-style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8464298798367d1e7712446840a81b5ef07a6484761dfc727433c7cf4c1dc94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/wp-content/plugins/Ultimate-Premium-Plugin/css/sfsi-style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
cf-cache-status
HIT
last-modified
Fri, 10 Dec 2021 16:05:26 GMT
server
cloudflare
age
912598
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pT16DZYyA8WGjB8ydJCJnqAh1riI0OwqpbRAwelQbGIZh8o%2BJx7rDFIN%2FYmdQbnnoER8NiFiwsN%2BrDd7QwR%2FwP5Yb2bCGslcvqx%2BvFWmAmfiBFN66rpbqaMN0Vf84d8GfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
70b89d67ed3c32b8-CDG
content-length
126
expires
Fri, 03 Jun 2022 13:28:59 GMT
collect
www.google-analytics.com/g/ 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-62CG4WNT8H&gtm=2oe5b0&_p=1359023445&_z=ccd.tfB&cid=650311075.1652583538&ul=en-us&sr=1600x1200&_s=1&sid=1652583537&sct=1&seg=0&dl=https%3A%2F%2Fballeralert.com%2F&dt=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-62CG4WNT8H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:58:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://balleralert.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1038006012
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
0a9adccc17d9e34e3971bce91e3723f1fef884844fed6e6e10085e19745faef5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14849
x-xss-protection
0
server
cafe
etag
10272469744856839321
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 15 May 2022 02:58:57 GMT
309371044533417
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/309371044533417?v=2.9.59&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d8cc7d24df9e185458701c0144cfb654fcb6b69e4f43382cd8470de53c4815c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
c4P17/XI/r5GOMlZQ5NNd1C+rkw2ZolFJ4ptCYnIWZdmCjnWNZb59zWqLu1oIvTsivF7Na1Ir/f1mVCMM3H59w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 15 May 2022 02:58:58 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1652583538025
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQXBJK4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5048
date
Sun, 15 May 2022 01:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 15 May 2022 03:34:50 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205110101/ 		308 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5729413333126369&plah=balleralert.com&bust=31067561
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b281ce840664164fca7482eceda635d549c9a0eaf0e559035fb8494ddcf4468c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112646
x-xss-protection
0
server
cafe
etag
3486176870711262438
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 15 May 2022 02:58:58 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220511/r20190131/ Frame D624 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220511/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
31539
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4421
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 14 May 2022 18:13:19 GMT
etag
1428802124239944296
expires
Sat, 28 May 2022 18:13:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
137025170.js
bat.bing.com/p/action/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/137025170.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b8f4090a7f6b73d8461f45af57612665aa2e007f9ba17640cc6352c71e72c6d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1D9C27D677DF459582769F469CB4E309 Ref B: FRAEDGE1417 Ref C: 2022-05-15T02:58:58Z
date
Sun, 15 May 2022 02:58:57 GMT
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store,no-cache
content-length
896
atrk.gif
certify.alexametrics.com/ 		43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&time=1652583538042&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fballeralert.com%2F&random_number=13502320233&sess_cookie=36732a93180c5a79d79eaa28c2a&sess_cookie_flag=1&user_cookie=36732a93180c5a79d79eaa28c2a&user_cookie_flag=1&dynamic=true&domain=balleralert.com&account=oEQ9o1IW181052&jsv=20130128&user_lang=en-US
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-102.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 14 May 2022 04:45:30 GMT
Via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
80009
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA2-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
JpwjF8tiXZu2gUn7KGaJYXvd3qw4qr-Gw1Rk7h0QLdGaCP0QWcfwfQ==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.210.71 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-210-71.us-west-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
server
Server
pubads_impl_2022051001.js
securepubads.g.doubleclick.net/gpt/ 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
cb190163a0d4795999f1905b65b3d026f9308acdffce1cbeabbb96dc26c4816c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 14 May 2022 22:36:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15776
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126527
x-xss-protection
0
last-modified
Tue, 10 May 2022 08:34:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 14 May 2023 22:36:02 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		180 B
753 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=balleralert.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
4b5eb0af61b06b71cd30a12104987cd84c749b29866906cab2059d77612ceab5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117
x-xss-protection
0
expires
Sun, 15 May 2022 02:58:58 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1038006012/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1038006012/?random=1652583538091&cv=9&fst=1652583538091&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fballeralert.com%2F&tiba=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef59b9167029ac10d8d81e284f989983beb25504866bae700c3e78c88b5f556d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1071
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/1038006012/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/1038006012/?random=1652583538095&cv=9&fst=1652583538095&num=1&value=1&currency_code=USD&label=RtAPCKKMyNMBEPzt-u4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fballeralert.com%2F&tiba=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&auid=1069632656.1652583538&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
1ed10b472cc4501eb1c7b9b95a5ba6f0d99cc32e0984c002582638afa5744e0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1211
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
a.clarity.ms/s/0.6.34/ 		53 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.clarity.ms/s/0.6.34/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/9zkrdib96i
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:57 GMT
content-encoding
br
etag
"1d8645b96aa6354"
last-modified
Tue, 10 May 2022 10:49:14 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
/
www.facebook.com/tr/ 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=309371044533417&ev=PageView&dl=https%3A%2F%2Fballeralert.com%2F&rl=&if=false&ts=1652583538116&sw=1600&sh=1200&v=2.9.59&r=stable&ec=0&o=30&fbp=fb.1.1652583538115.1514552715&it=1652583537962&coo=false&rqm=GET
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Sun, 15 May 2022 02:58:58 GMT
cookie.js
partner.googleadservices.com/gampad/ 		219 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=balleralert.com&callback=_gfp_s_&client=ca-pub-5729413333126369
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5729413333126369&plah=balleralert.com&bust=31067561
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
7d56b60f41dafe5dab69b28083e318c482a277feb37288edb04e172071bdfe44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=balleralert.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5729413333126369&plah=balleralert.com&bust=31067561
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=balleralert.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5729413333126369&plah=balleralert.com&bust=31067561
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8EDE 		0
20 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5729413333126369&output=html&adk=3046330955&adf=2044148826&lmt=1652583538&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fballeralert.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652583538000&bpp=2&bdt=365&idt=127&shv=r20220511&mjsv=m202205110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3468959947580&frm=20&pv=2&ga_vid=650311075.1652583538&ga_sid=1652583538&ga_hid=1359023445&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31067561%2C21066433&oid=2&pvsid=790091515024094&pem=496&tmod=135627700&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=5&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=143
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5729413333126369&plah=balleralert.com&bust=31067561
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 02:58:58 GMT
expires
Sun, 15 May 2022 02:58:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1359023445&t=pageview&_s=1&dl=https%3A%2F%2Fballeralert.com%2F&ul=en-us&de=UTF-8&dt=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEADQAAAAC~&jid=1295838192&gjid=256953067&cid=650311075.1652583538&tid=UA-3874823-1&_gid=1066784769.1652583538&_r=1&gtm=2wg5b0PQXBJK4&z=310824073
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:58:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://balleralert.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-W82C4C5&t=gtag_UA_3874823_1&cid=650311075.1652583538
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5e27ab595867570c1a0d80268960e77a979440a4a55c71c6e6405df7ae2fd252
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38413
x-xss-protection
0
last-modified
Sun, 15 May 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 15 May 2022 02:58:58 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1359023445&t=event&ni=0&_s=1&dl=https%3A%2F%2Fballeralert.com%2F&ul=en-us&de=UTF-8&dt=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=site%20clicks&ea=Clicks&el=Clicks&_u=YADAAEADQAAAAC~&jid=&gjid=&cid=650311075.1652583538&tid=UA-3874823-1&_gid=1066784769.1652583538&gtm=2wg5b0PQXBJK4&z=1886786970
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 May 2022 10:09:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
60564
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/162305/ Frame 81F1 		0
47 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/162305/hls.5b3b785f487abbe00eee.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
br
last-modified
Fri, 13 May 2022 12:35:20 GMT
age
138134
etag
"182f65d040bfb9544bd8f71472475672"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48258
connatix.playspace.css
cds.connatix.com/p/162305/ 		99 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/162305/connatix.playspace.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
874cc1315f35963fb2488576f0c83489e22edfe22f6ce355e7e87e65063bbf7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
br
last-modified
Fri, 13 May 2022 12:35:19 GMT
age
138134
etag
"132acf023a5a30ef72888d6e359a6663"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
13634
/
adspsp.com/pt/2716080/19/1/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/2716080/19/1/?a=2,a2l36pkivewlKZpSCFq0,wI2ynd7Byl&aa=00Gumh&b=&e=&c=https%3A%2F%2Fballeralert.com%2F&d=&f=1.l36pki2b.1Tsy&g=1Txh&u=0e02f78e:ktk7sb0r:247&v=18g.xc.0.3n5&rnd=1652583538216
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.38.118.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-118-148.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/162305/ Frame F65E 		0
47 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/162305/hls.5b3b785f487abbe00eee.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
br
last-modified
Fri, 13 May 2022 12:35:20 GMT
age
138134
etag
"182f65d040bfb9544bd8f71472475672"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48258
collect
stats.g.doubleclick.net/j/ 		1 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3874823-1&cid=650311075.1652583538&jid=1295838192&gjid=256953067&_gid=1066784769.1652583538&_u=YADAAEACQAAAAC~&z=1736423753
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 15 May 2022 02:58:58 GMT
content-type
text/plain
access-control-allow-origin
https://balleralert.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1038006012/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1038006012/?random=1652583538091&cv=9&fst=1652580000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fballeralert.com%2F&tiba=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&async=1&fmt=3&is_vtc=1&random=2425029356&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:58:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1038006012/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1038006012/?random=1652583538091&cv=9&fst=1652580000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fballeralert.com%2F&tiba=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&async=1&fmt=3&is_vtc=1&random=2425029356&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:58:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/1038006012/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1038006012/?random=1762068318&cv=9&fst=1652583538095&num=1&value=1&currency_code=USD&label=RtAPCKKMyNMBEPzt-u4D&bg=ffffff&guid=ON&re...
  • https://www.google.com/pagead/1p-conversion/1038006012/?random=1762068318&cv=9&fst=1652583538095&num=1&value=1&currency_code=USD&label=RtAPCKKMyNMBEPzt-u4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u...
  • https://www.google.de/pagead/1p-conversion/1038006012/?random=1762068318&cv=9&fst=1652583538095&num=1&value=1&currency_code=USD&label=RtAPCKKMyNMBEPzt-u4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/1038006012/?random=1762068318&cv=9&fst=1652583538095&num=1&value=1&currency_code=USD&label=RtAPCKKMyNMBEPzt-u4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fballeralert.com%2F&tiba=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&auid=1069632656.1652583538&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=cmyAYq_vB4WZ1wbgnb-YBg&cid=CAQSKQCNIrLMlaNLEwUZjfJM7aOlgaRrnFDfHRANGFVvL_hQpxrvQ9xnIUPL&random=3245015236&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H3
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:58:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 May 2022 02:58:58 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/1038006012/?random=1762068318&cv=9&fst=1652583538095&num=1&value=1&currency_code=USD&label=RtAPCKKMyNMBEPzt-u4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fballeralert.com%2F&tiba=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&auid=1069632656.1652583538&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=cmyAYq_vB4WZ1wbgnb-YBg&cid=CAQSKQCNIrLMlaNLEwUZjfJM7aOlgaRrnFDfHRANGFVvL_hQpxrvQ9xnIUPL&random=3245015236&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
story
capi.connatix.com/core/ Frame 81F1 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/story?v=162305&cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
55dac3b86c92fb3a27a1c5bd75efffc171755de88542d33afc14d8e9493c9eb3

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://balleralert.com
access-control-max-age
86400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
5809
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1359023445&t=pageview&_s=1&dl=https%3A%2F%2Fballeralert.com%2F&ul=en-us&de=UTF-8&dt=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUADQAAAAC~&jid=1841745001&gjid=1813300473&cid=650311075.1652583538&tid=UA-3874823-1&_gid=1066784769.1652583538&_r=1&gtm=2ou5b0&z=1634968779
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:58:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://balleralert.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3874823-1&cid=650311075.1652583538&jid=1841745001&gjid=1813300473&_gid=1066784769.1652583538&_u=aCDAAUADQAAAAC~&z=1994777582
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 15 May 2022 02:58:58 GMT
content-type
text/plain
access-control-allow-origin
https://balleralert.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sr
capi-tier-1-us-east-2.connatix.com/tr/ Frame 81F1 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/sr?v=162305&cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.38.126 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-126.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://balleralert.com
transfer-encoding
chunked
Connection
keep-alive
access-control-allow-credentials
true
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
9a1177b69f70c78d0d073f90942215ec3a56f2b0dccc88b7966e75a6808d501e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28329
x-xss-protection
0
server
sffe
etag
"1215 / 713 of 1000 / last-modified: 1652479640"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 15 May 2022 02:58:58 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 81F1 		377 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c92ee2460b4063f46ccd0ad0e0a68d212c6b756c4a0ef3a7fdf0afe0989781b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128852
x-xss-protection
0
expires
Sun, 15 May 2022 02:58:58 GMT
3d834ed1-a196-42c7-a0a5-e4cdb0f4933e.bin
vid.connatix.com/pid-be0c6000-e22f-42ce-b978-66f8b38d5eea/98ec137d-5d4b-4fd5-a49f-f3ae17bf91d1/ Frame 81F1 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-be0c6000-e22f-42ce-b978-66f8b38d5eea/98ec137d-5d4b-4fd5-a49f-f3ae17bf91d1/3d834ed1-a196-42c7-a0a5-e4cdb0f4933e.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
35d05b4254f23ffcd8ad13c19d2e17b7a6e0aa591d191efebc407ae775559def

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
gzip
last-modified
Sun, 15 May 2022 02:30:36 GMT
age
1615
etag
"2053a5a4ab07515f277f4c73ba270251"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
1020
1.png
img.connatix.com/pid-be0c6000-e22f-42ce-b978-66f8b38d5eea/be0c6000-e22f-42ce-b978-66f8b38d5eea/ 		9 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-be0c6000-e22f-42ce-b978-66f8b38d5eea/be0c6000-e22f-42ce-b978-66f8b38d5eea/1.png
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f28753993b265939c9f2249cb8f62e9fc303399b37c476349de4254e20d10318

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
br
age
1025778
etag
"6SzxogP7gyRJbXMrgfNaT+BbzTSlVBFx6xRf3lq2uGU"
access-control-max-age
86400
fastly-io-info
ifsz=8704 idim=920x690 ifmt=png ofsz=8704 odim=920x690 ofmt=png
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/png
content-length
8390
fastly-io-warning
Failed to shrink image
/
www.iheart.com/podcast/1119-the-baller-alert-show-53352259/ Frame 787D 		45 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.214.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
52c0c618857f56d6a351484721760f97029d41362f7378d91768ccc478e54b35
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
client_geo_latitude
49.380
client_geo_longitude
10.200
client_geo_postal_code
91541
content-encoding
gzip
content-length
10210
content-type
text/html; charset=utf-8
date
Sun, 15 May 2022 02:58:58 GMT
edge-control
cache-maxage=900
etag
W/"b2be-p5aOBczSz8jRQhqdOP3HISY6L5A"
geoip-country-code
DE
normalized-language
en
strict-transport-security
max-age=31557600
vary
Origin, X-NoAds, Accept-Encoding
via
1.1 varnish (Varnish/6.5), 1.1 varnish
x-cache
MISS
x-cache-hits
0
x-dest
http://web-www-20220503181609:8000
x-fastly-country
DE
x-ihr-app-country
WW
x-ihr-app-language
en
x-powered-by
Express
x-request-id
cortex-proxyd-varnish-7d7bf5db86-284g8/Ls2GPiPQBx-69951546
x-served-by
cache-cdg20774-CDG
x-timer
S1652583539.603667,VS0,VE221
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
572842f1623bb0ff8d29052a4c0b823ab863bfe52b98265a0029acfbf5e11bc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
r2vBEjLNzB72kupFY4D8VQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Sun, 15 May 2022 03:03:24 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
Lv3F+3jFwhaR9DnXDhhKdOd3SSexD8/brZBWJmUTpPprakNGJ8+F0WAY0nsnyzrQ8Y0HxkLAn57SIa1L6WzmNw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
d6813649745bb8fd1cf431e714b4ab94
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 15 May 2022 02:58:58 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"3c5004b4a68ca5038cacdd3a9e6c3c24"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/ 		126 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6c12b2052858d9bccb18caf163a8f76e0c70c5cae01ea0ff3c2fae34709e14c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 23:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
270629
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44440
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 15:20:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 11 May 2023 23:48:29 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/ 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8db3093f1dbec4a48af24c7b4a6c14afec1fff5d81a3a070eec32abc9282e1a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 23:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
270629
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41762
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 15:20:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 11 May 2023 23:48:29 GMT
subscribe_embed
www.youtube.com/ Frame 7369 		2 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/subscribe_embed?usegapi=1&channel=balleralerttv&layout=default&count=hidden&origin=https%3A%2F%2Fballeralert.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xpRpP2dSg9Q.O%2Fd%3D1%2Frs%3DAHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Sun, 15 May 2022 02:58:58 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
fontawesome-webfont.woff
balleralert.com/wp-content/plugins/wp-security-hardening/modules/inc/fa/fonts/ 		82 KB
82 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/wp-security-hardening/modules/inc/fa/fonts/fontawesome-webfont.woff?v=4.1.0
Requested by
Host: balleralert.com
URL: https://balleralert.com/wp-content/plugins/wp-security-hardening/modules/inc/fa/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

Request headers

Referer
https://balleralert.com/wp-content/plugins/wp-security-hardening/modules/inc/fa/css/font-awesome.min.css
Origin
https://balleralert.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
cf-cache-status
HIT
last-modified
Tue, 08 Jun 2021 15:51:37 GMT
server
cloudflare
age
45934
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E04eCtAY1IsCIw%2F6wYK0uaqdvGUbUcKYpMl6XCwu0CCUnAjKilzEcd%2F4a1cMN0Nq6LLw0%2Ff8n7WjPMq8HxExCrDCFVaC7lZSGTfWWiaHYODKf4ZuKcBAWhZE8WWyrvLEvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=172800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70b89d6c5f5832b8-CDG
expires
Mon, 16 May 2022 14:13:24 GMT
SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v18/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://balleralert.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 22:16:37 GMT
x-content-type-options
nosniff
age
362541
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22376
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:25:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 May 2023 22:16:37 GMT
ao
capi-tier-1-us-east-2.connatix.com/tr/ Frame 81F1 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/ao?v=162305&cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.38.126 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-126.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://balleralert.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
g
capi-tier-1-us-east-2.connatix.com/rtb/ Frame 81F1 		729 B
916 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/rtb/g?v=162305&cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.38.126 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-126.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
c9013f30a06a9d3c833b8cd04eec770246aeb676c541cffc2bc0575715023dab

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://balleralert.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
619
ps
capi-tier-1-us-east-2.connatix.com/tr/ Frame 81F1 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/ps?v=162305&cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.38.126 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-126.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://balleralert.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
mq
capi-tier-1-us-east-2.connatix.com/tr/ Frame 81F1 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/mq?v=162305&cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.38.126 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-126.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://balleralert.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
24820e54-bc91-42c3-898d-42c565bc9893.jpg
img.connatix.com/pid-be0c6000-e22f-42ce-b978-66f8b38d5eea/98ec137d-5d4b-4fd5-a49f-f3ae17bf91d1/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-be0c6000-e22f-42ce-b978-66f8b38d5eea/98ec137d-5d4b-4fd5-a49f-f3ae17bf91d1/24820e54-bc91-42c3-898d-42c565bc9893.jpg?crop=310:246,smart&width=310&height=246&format=jpeg&quality=60&fit=crop
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0a731869de6e698f087e6962c7177337ead1c537e54b9392087e036aca9c1c28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
br
age
1616
etag
"GR2TPj+DiTAKmsxXHhacPpA6bokMOe6XuybOSa9LAzs"
access-control-max-age
86400
fastly-io-info
ifsz=311164 idim=2560x1676 ifmt=jpeg ofsz=9116 odim=310x246 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
8732
g.gif
pixel.wp.com/ 		50 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.859406526041721
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 15 May 2022 02:58:58 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
g.gif
pixel.wp.com/ 		50 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.9&blog=159055169&post=70807&tz=-4&srv=balleralert.com&host=balleralert.com&ref=&rand=0.6512226266823378
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 15 May 2022 02:58:58 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
24820e54-bc91-42c3-898d-42c565bc9893.jpg
img.connatix.com/pid-be0c6000-e22f-42ce-b978-66f8b38d5eea/98ec137d-5d4b-4fd5-a49f-f3ae17bf91d1/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-be0c6000-e22f-42ce-b978-66f8b38d5eea/98ec137d-5d4b-4fd5-a49f-f3ae17bf91d1/24820e54-bc91-42c3-898d-42c565bc9893.jpg?crop=310:174,smart&width=310&height=174&format=jpeg&quality=60&fit=crop
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ea4f21b0b6928a4945a5ee19b95ebab4affc57a94ec6ac502844db588c23ed79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
br
age
1616
etag
"QRyFvWGExcxmbdClyZ+Ewk6uBKjqvraKM1FzA7eTdfQ"
access-control-max-age
86400
fastly-io-info
ifsz=311164 idim=2560x1676 ifmt=jpeg ofsz=7236 odim=310x174 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
6838
55b2703f-dec1-46f7-a207-8f8b13eae8c0.jpg
img.connatix.com/pid-be0c6000-e22f-42ce-b978-66f8b38d5eea/98ec137d-5d4b-4fd5-a49f-f3ae17bf91d1/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-be0c6000-e22f-42ce-b978-66f8b38d5eea/98ec137d-5d4b-4fd5-a49f-f3ae17bf91d1/55b2703f-dec1-46f7-a207-8f8b13eae8c0.jpg?crop=310:174,smart&width=310&height=174&format=jpeg&quality=60&fit=crop
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c435b6be1a287ae290f8d9c194eef5ee33c9c7420e03a9ccaeaabfed96e3c0db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
br
age
1616
etag
"7eXNysUrlCO2dKNWA8DYkRcUvjBB/v8RwsolxZLU3ho"
access-control-max-age
86400
fastly-io-info
ifsz=494667 idim=1412x784 ifmt=png ofsz=7616 odim=310x174 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
7230
fdaf1e09-e0f7-46ab-a71a-7eb24543b827.jpg
img.connatix.com/pid-be0c6000-e22f-42ce-b978-66f8b38d5eea/98ec137d-5d4b-4fd5-a49f-f3ae17bf91d1/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-be0c6000-e22f-42ce-b978-66f8b38d5eea/98ec137d-5d4b-4fd5-a49f-f3ae17bf91d1/fdaf1e09-e0f7-46ab-a71a-7eb24543b827.jpg?crop=310:174,smart&width=310&height=174&format=jpeg&quality=60&fit=crop
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8fb0e9bba273c7af6cf94dfe31a52b3e8e6f3cdac96c128fae7056490fbd73a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
br
age
1616
etag
"GiL6FaafW/HM3NSfMUc5+Cmt5cYHzNbFeknXB+pV5FM"
access-control-max-age
86400
fastly-io-info
ifsz=137714 idim=1920x1080 ifmt=jpeg ofsz=9682 odim=310x174 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
9307
4b757f05-e01b-4678-8d16-f47b0f128176.jpg
img.connatix.com/pid-be0c6000-e22f-42ce-b978-66f8b38d5eea/98ec137d-5d4b-4fd5-a49f-f3ae17bf91d1/ 		5 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-be0c6000-e22f-42ce-b978-66f8b38d5eea/98ec137d-5d4b-4fd5-a49f-f3ae17bf91d1/4b757f05-e01b-4678-8d16-f47b0f128176.jpg?crop=310:174,smart&width=310&height=174&format=jpeg&quality=60&fit=crop
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9a2183dc26711b2fd1385506ef3823b10a2283126581411816744e2b3685a1c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
br
age
1616
etag
"3bd6FS1N9VZnWkuHBLmPng1gRfa5U1HxVgzgwNVlF4s"
access-control-max-age
86400
fastly-io-info
ifsz=49376 idim=986x555 ifmt=jpeg ofsz=4627 odim=310x174 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
4140
3ef77442-3390-47a7-8b81-623fc268e2f9.jpg
img.connatix.com/pid-be0c6000-e22f-42ce-b978-66f8b38d5eea/98ec137d-5d4b-4fd5-a49f-f3ae17bf91d1/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-be0c6000-e22f-42ce-b978-66f8b38d5eea/98ec137d-5d4b-4fd5-a49f-f3ae17bf91d1/3ef77442-3390-47a7-8b81-623fc268e2f9.jpg?crop=310:174,smart&width=310&height=174&format=jpeg&quality=60&fit=crop
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fbc36a8fc5a8381849cf7dd91b3d3383e4e7d942185ecb3c849066a476d39d95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
br
age
1616
etag
"Oc5elIfUwIsKQgblyZ8duLPvrJXWODDkujFOhwJRGd4"
access-control-max-age
86400
fastly-io-info
ifsz=113477 idim=560x350 ifmt=png ofsz=7263 odim=310x174 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
6852
apstag.js
c.amazon-adsystem.com/aax2/ 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
content-encoding
gzip
etag
4abd427e43cd6822329a2c05539e321f
age
810
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0VBYPA83YMF6V7V9Z6AS
date
Sun, 15 May 2022 02:57:00 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
SqF2MpqekGeYpc5sAtiqQGyMYGAyuQy9soQrYGkiNtNJru_sSYGFpQ==
ajax-handler.php
balleralert.com/wp-content/ 		2 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/ajax-handler.php
Requested by
Host: balleralert.com
URL: https://balleralert.com/wp-content/plugins/advanced-ads-tracking/public/assets/js/dist/tracking.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=it%2BwRpF%2BYAnxpfxm4GLxexdb0bw%2BOnRte6qNNRmJ%2FxeQ7O3fMZ6ghkpzo%2BoTbvQZYHItTttqNx2Yxxff5jgDwNEG8SepCnYRPn3hCqTmOlg%2Fh50qcFQVnLEqZhA8xP4T1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0, smax-age=0
cf-ray
70b89d6d782032b8-CDG
x-robots-tag
noindex
expires
Sat, 26 Jul 1997 05:00:00 GMT
172.js
balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/ 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/172.js?minify=false&ver=ab9bc7c07420eaf9f586
Requested by
Host: balleralert.com
URL: https://balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4165f862e4619d02131934712dc6524a0fb4bf377e17c579d4e39eea0165ca77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
912598
cf-polished
origSize=50945
cf-bgj
minify
last-modified
Wed, 04 May 2022 11:49:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhBSNA3eWIwCdpxWvd7tHr8YoINp0ZJNdub9vrn826YG6w63bdY1JjmnFZ0BiC6uAONL71rfi1jwPzXCejlbbVi6KhqT9fXVFiFYwyOI279P7kgBz1QKUer9toAR1cctsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
70b89d6da82b32b8-CDG
expires
Fri, 03 Jun 2022 13:29:00 GMT
jp-search.chunk-main-payload.css
balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/ 		31 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.css?minify=false&ver=aaceb2477698617460cf
Requested by
Host: balleralert.com
URL: https://balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
756fcea03a78a0f6ea28b09b6d6b2990e965060d66c1a6f4bbc51f55e31b3eac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
912598
cf-polished
origSize=32124
cf-bgj
minify
last-modified
Wed, 04 May 2022 11:49:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqJgcI8wAADxg7aJi1Kr9hSesE00XDhDkEd3OgX7CVSoj0v870gdQZaJvFiKECGiJhrOmPdeYTU5WdoVdWyLLiFU1yC1DvRoxznGVba7KK0zbGMWYqjAj38gknUvnv2BAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
70b89d6da82c32b8-CDG
expires
Fri, 03 Jun 2022 13:29:00 GMT
jp-search.chunk-main-payload.js
balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/ 		73 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.js?minify=false&ver=83d268fd126746748e3d
Requested by
Host: balleralert.com
URL: https://balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12c608481a541b13655d397ce28efa24ce90cc43590087e0b70b12eb9e328755

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
912598
cf-polished
origSize=75276
cf-bgj
minify
last-modified
Wed, 04 May 2022 11:49:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjP1jl96D14i06BDgTYmrpVar9ni6aQ8V3QgT60XTT9LyviKR%2B%2BLz1g7ng5Xu6tRpev5l2WOQy%2BDfzdQe5fvk5sw2r%2Bl2TTeLi58JtAYn%2FiU6UJTqXiP0lImASMKUa%2FoAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
70b89d6da82d32b8-CDG
expires
Fri, 03 Jun 2022 13:29:00 GMT
collect
a.clarity.ms/ 		0
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.clarity.ms/collect
Requested by
Host: a.clarity.ms
URL: https://a.clarity.ms/s/0.6.34/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://balleralert.com
date
Sun, 15 May 2022 02:58:57 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
0
bat.bing.com/action/ 		0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=137025170&Ver=2&mid=3e804efb-1258-479c-b019-237546780c41&sid=f76f7590d3fa11ecb37bbfef90f65f51&vid=f76f79d0d3fa11ec938dafc222417cf5&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&p=https%3A%2F%2Fballeralert.com%2F&r=&lt=1804&evt=pageLoad&msclkid=N&sv=1&rn=741364
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 292B458ACCFA460DAF93E3B6AE34911F Ref B: FRAEDGE1417 Ref C: 2022-05-15T02:58:58Z
date
Sun, 15 May 2022 02:58:58 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 7369 		0
0
www-subscribe-embed_v0.js
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 7369 		0
0
/
www.facebook.com/tr/ Frame 1F35 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://balleralert.com
Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://balleralert.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 02:58:58 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
sdk.js
connect.facebook.net/en_US/ 		285 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=d64ba4d80623077418a6099c86b84bf8
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cad0173e0432d52a1eae20a60166e09bf651476b7b41c60f47b2b436a5b67b91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://balleralert.com/
Origin
https://balleralert.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Z2OI/Ux+6/Yb1vxucVEEmg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Mon, 15 May 2023 02:33:38 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
83793
x-fb-rlafr
0
x-fb-debug
aqOgUWII5+2V2RpAnAuTKS3XbB/SCn/fpUO1o2gTjGseEielmkimtbt5IZWO/OQlC1+tzsZDtOKuFDUPF31OlA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
822593d1507200da9f765d47eb45f086
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 15 May 2022 02:58:58 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"4abb73a39b26dfc274b306ecd9262476"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
bridge3.516.0_en.html
imasdk.googleapis.com/js/core/ Frame CAC5 		634 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
066fc3ce045361bba8240f583393178cdedced02f8d4bb917c2d3f0520032564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
75773
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210041
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 14 May 2022 05:56:05 GMT
expires
Sun, 14 May 2023 05:56:05 GMT
last-modified
Tue, 10 May 2022 20:24:29 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 81F1 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 15 May 2022 02:58:58 GMT
bridge3.516.0_en.html
imasdk.googleapis.com/js/core/ Frame 90F9 		634 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
066fc3ce045361bba8240f583393178cdedced02f8d4bb917c2d3f0520032564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
75773
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210041
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 14 May 2022 05:56:05 GMT
expires
Sun, 14 May 2023 05:56:05 GMT
last-modified
Tue, 10 May 2022 20:24:29 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.516.0_en.html
imasdk.googleapis.com/js/core/ Frame C2F2 		634 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
066fc3ce045361bba8240f583393178cdedced02f8d4bb917c2d3f0520032564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
75773
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210041
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 14 May 2022 05:56:05 GMT
expires
Sun, 14 May 2023 05:56:05 GMT
last-modified
Tue, 10 May 2022 20:24:29 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
subscribe_embed
www.youtube.com/ Frame 923F 		2 KB
840 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/subscribe_embed?usegapi=1&channel=balleralerttv&layout=default&count=hidden&origin=https%3A%2F%2Fballeralert.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xpRpP2dSg9Q.O%2Fd%3D1%2Frs%3DAHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA%2Fm%3D__features__
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/c/5.9.3/wp-includes/js/jquery/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a170ecb84cbbe3c743c919578bd660029bc58ebcd286ac173b87cef62eec2d6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Sun, 15 May 2022 02:58:58 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
GettyImages-1157263385-scaled.jpg
i0.wp.com/balleralert.com/wp-content/uploads/2021/11/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/balleralert.com/wp-content/uploads/2021/11/GettyImages-1157263385-scaled.jpg?resize=310%2C165&ssl=1
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
0ecf9e4a5b70eb37a11d42cb701c76c4ca1cd704f76bb066d2cb094fddf16f01
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
MISS hhn 2
date
Sun, 15 May 2022 02:58:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 15 May 2022 02:58:59 GMT
server
nginx
etag
"e52706579eef8e66"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://balleralert.com/wp-content/uploads/2021/11/GettyImages-1157263385-scaled.jpg>; rel="canonical"
content-length
5834
expires
Tue, 14 May 2024 14:58:59 GMT
34E7572D-F14A-4F81-A557-10251728BB5E.webp
i0.wp.com/balleralert.com/wp-content/uploads/2022/05/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/balleralert.com/wp-content/uploads/2022/05/34E7572D-F14A-4F81-A557-10251728BB5E.webp?resize=310%2C165&ssl=1
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
a35287a35e927d2da9db69c8837450ee047a8e5bf732aaea31980481380105d7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
MISS hhn 1
date
Sun, 15 May 2022 02:58:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 15 May 2022 02:58:59 GMT
server
nginx
etag
"32a3f7a69015fa4f"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://balleralert.com/wp-content/uploads/2022/05/34E7572D-F14A-4F81-A557-10251728BB5E.webp>; rel="canonical"
content-length
30492
expires
Tue, 14 May 2024 14:58:59 GMT
GettyImages-1388086311-scaled-e1648494015688.jpg
i0.wp.com/balleralert.com/wp-content/uploads/2022/03/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/balleralert.com/wp-content/uploads/2022/03/GettyImages-1388086311-scaled-e1648494015688.jpg?resize=310%2C165&ssl=1
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
ddcaf77169960f74bb87fe4e4286da63ec2c03699c22cd5e14b0a7754c26ca8e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
MISS hhn 2
date
Sun, 15 May 2022 02:58:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 15 May 2022 02:58:59 GMT
server
nginx
etag
"d88a53bb7ad5b915"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://balleralert.com/wp-content/uploads/2022/03/GettyImages-1388086311-scaled-e1648494015688.jpg>; rel="canonical"
content-length
6602
expires
Tue, 14 May 2024 14:58:59 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9C68 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:55:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 15 May 2022 03:55:17 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A53B 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:55:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 15 May 2022 03:55:17 GMT
pub.js
pub.doubleverify.com/signals/ 		62 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pub.doubleverify.com/signals/pub.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c75733e48b0ff8fe8cf445d3f20cab6e29bb6e4319e733af0f7a4e4a45cf7407
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 02:58:59 GMT
content-encoding
br
vary
Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Server-Timing, Cf-Ray
cache-control
private, max-age=14400, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials
true
server-timing
total;dur=0
cf-ray
70b89d6f296a0229-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
dvtp_src.js
cdn.doubleverify.com/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c6ff04eee3ac33ded99ee6c1a967713530124ae77cab274d1cf9a977a7aa676e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 02:58:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 May 2022 17:26:20 GMT
Server
Microsoft-IIS/10.0
ETag
"046e5642566d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3303
fastlane.json
fastlane.rubiconproject.com/a/api/ 		283 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17970&site_id=316598&zone_id=2175800&size_id=2&rf=https%3A%2F%2Fballeralert.com%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=4e302da5-873c-44bb-b473-2dc9f3ed82c1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8093076694953603
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a2ca86321106923bc5bd3607518f86dc2ff9e8424baaf59f4230ba724e8412a0

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:58:59 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://balleralert.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
283
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d1ec438383f4444da2802c1aa45efd2b1a069069b5440247170fd3826e4aba06
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:58:59 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6ffddaf7-f882-4920-bcd4-ed1490eb8485
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://balleralert.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
colossusssp.com/ 		2 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.111.126 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://balleralert.com
Date
Sun, 15 May 2022 02:58:59 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
imp
g2.gumgum.com/hbid/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?aun=adhesion_ad_1&t=drteytvw&pi=2&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fballeralert.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.6.0%22%7D&ogu=https%3A%2F%2Fballeralert.com%2F&ns=10240&gpid=
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.221.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-221-35.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d62c29dd8c69dcf9b80ec229c7bd394ddc26416673a68843272459c9dae672e0

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:58:59 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://balleralert.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
translator
hbopenbid.pubmatic.com/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7540049cc4ecd14eb59c8f7710e39edddde0406e929a987b2c3d848f26aad534

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 15 May 2022 02:58:58 GMT
content-encoding
gzip
x-openrtb-version
2.3
content-type
application/json
access-control-allow-origin
https://balleralert.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1946
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9e4e9a6ccfc4fa4c25f76b5aa2493d2b15782b5cefc6bec555fd0139d2341696
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:58:59 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c307a2ec-9417-4d8e-a1c1-28a05d394a65
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://balleralert.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://balleralert.com
date
Sun, 15 May 2022 02:58:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
imp
g2.gumgum.com/hbid/ 		2 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?aun=leaderboard_ad_1&t=227109&pi=2&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fballeralert.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.6.0%22%7D&ogu=https%3A%2F%2Fballeralert.com%2F&ns=10240&gpid=
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.221.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-221-35.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:58:59 GMT
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://balleralert.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
cygnus
htlb.casalemedia.com/ 		36 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=726630&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22176d6615773e84%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fballeralert.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22181ccf032a5ffa9%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22726630%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
741f6827a1fac645856278a2dbb0012881b90696122f9e832e51da9f2bb940c5

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:58:59 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.10], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://balleralert.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Sun, 15 May 2022 02:58:59 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17970&site_id=316598&zone_id=2175794&size_id=2&rf=https%3A%2F%2Fballeralert.com%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=91fc1ac0-7c7a-4871-b2f8-bdb24a951c4b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.19038494596408073
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2a04876ca0217fd228c3b0d34e799ad5c310401296ca69e513ee52b3ec624a46

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:58:59 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://balleralert.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
colossusssp.com/ 		2 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.111.126 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://balleralert.com
Date
Sun, 15 May 2022 02:58:59 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17970&site_id=316598&zone_id=2175796&size_id=15&rf=https%3A%2F%2Fballeralert.com%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=18cbd72b-9555-44b1-af92-65d5592d4531&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.15654052931846607
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
79856fff59faea11fdc82c2ea7faaec7cfa38f03130fb2218c726e1fcd61eb20

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:58:59 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://balleralert.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
colossusssp.com/ 		2 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.111.126 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://balleralert.com
Date
Sun, 15 May 2022 02:58:59 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://balleralert.com
date
Sun, 15 May 2022 02:58:57 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=726630&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2231c7afbc6cdd1bb%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fballeralert.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2232baac0aa7c7d08%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22726630%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2e90d0b0c83a51f6fdff289223f4e944a7b6be4a87da1f8b7d63215db7863130

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:58:59 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.10], XFF:[]
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://balleralert.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
6548
x-ak-client-geo
12
expires
Sun, 15 May 2022 02:58:59 GMT
imp
g2.gumgum.com/hbid/ 		2 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?aun=medium_rectangle_ad_1&t=227110&pi=2&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fballeralert.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.6.0%22%7D&ogu=https%3A%2F%2Fballeralert.com%2F&ns=10240&gpid=
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.221.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-221-35.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:58:59 GMT
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://balleralert.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
prebid
ib.adnxs.com/ut/v3/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
aab386e9e6b02a55b7b63cd3205a32e92b67cd2669768b0476ab1bccb6cab587
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 15 May 2022 02:58:59 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
721633f0-5310-4754-a856-eb2e6fad9e5d
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://balleralert.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f52c145f4c6224f0abdbdef6b07f12394204642286c18f21915ebee59c9942a3

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 15 May 2022 02:58:59 GMT
content-encoding
gzip
x-openrtb-version
2.3
content-type
application/json
access-control-allow-origin
https://balleralert.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1954
cygnus
htlb.casalemedia.com/ 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=726630&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22413b447e278c6d9%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fballeralert.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2242d5b6fbc3d3df8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22726630%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bc32c0d30b24114c27fdad6f5576c5f69bc4829f68430d27990bb88d42c3ba4d

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:58:59 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.10], XFF:[]
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://balleralert.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4014
x-ak-client-geo
12
expires
Sun, 15 May 2022 02:58:59 GMT
/
colossusssp.com/ 		2 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.111.126 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://balleralert.com
Date
Sun, 15 May 2022 02:58:59 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
prebid
ib.adnxs.com/ut/v3/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3dba15ffc6aa9cfe1f5534b3c660cabd06543bbe9815ebd72e8f7a59e87c3943
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 15 May 2022 02:58:59 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ed1346fa-1072-4b20-b6e6-7ff6aa33f12d
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://balleralert.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
imp
g2.gumgum.com/hbid/ 		2 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?aun=medium_rectangle_ad_2&t=227110&pi=2&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fballeralert.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.6.0%22%7D&ogu=https%3A%2F%2Fballeralert.com%2F&ns=10240&gpid=
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.221.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-221-35.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:58:59 GMT
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://balleralert.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17970&site_id=316598&zone_id=2175796&size_id=15&rf=https%3A%2F%2Fballeralert.com%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=f4cf8042-944b-4904-bf15-4e97bd4eae44&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.10357995558292243
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3d9de7fd996f090a92b41c27b0be8618db03a346bc13d16ec19b965173148259

Request headers

Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:58:59 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://balleralert.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6E19 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:55:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 15 May 2022 03:55:17 GMT
FollowCompany.js
www.linkedin.com/pages-extensions/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.linkedin.com/pages-extensions/FollowCompany.js?version=0.1.163
Requested by
Host: platform.linkedin.com
URL: https://platform.linkedin.com/in.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
275fb4a7bdeab3c59caff1c0ea88bf1adc9f4cfc377a9bec7b28517d13e2fd37
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; child-src blob: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com www.google-analytics.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; report-uri /security/csp?e=p&f=nf
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; child-src blob: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com www.google-analytics.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; report-uri /security/csp?e=p&f=nf
content-encoding
gzip
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
vary
Accept-Encoding
content-length
487
x-li-uuid
AAXfBBbQue/hPCfIp1qhWw==
pragma
no-cache
last-modified
Fri, 01 Feb 1980 00:00:00 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: A1744425459F4C38916FB2F51C7A9F9F Ref B: FRAEDGE1408 Ref C: 2022-05-15T02:58:59Z
date
Sun, 15 May 2022 02:58:58 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store
etag
"0d578f8fe60de8a7387d14add245dd861b9f89d5"
accept-ranges
bytes
x-li-proto
http/2
x-li-fabric
prod-ltx1
expires
Thu, 01 Jan 1970 00:00:00 GMT
postmessageRelay
accounts.google.com/o/oauth2/ Frame B378 		564 B
902 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fballeralert.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xpRpP2dSg9Q.O%2Fd%3D1%2Frs%3DAHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/cb=gapi.loaded_1?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f794a9fc3aefd893764022eb7bb27bdcfada218aad3500ac3135494507290054
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-Grmi45FGSj7cwgnmqLKRLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-Grmi45FGSj7cwgnmqLKRLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-type
text/html; charset=utf-8
date
Sun, 15 May 2022 02:58:59 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
runtime.widget.js
www.iheart.com/v8.33.1/9efce1a/bundles/ Frame 787D 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iheart.com/v8.33.1/9efce1a/bundles/runtime.widget.js
Requested by
Host: www.iheart.com
URL: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.214.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
129bd016a23768f3c4931f8fccf17ed666af73ece3f0efc8771e2452f59d3392
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

geoip-country-code
DE
x-amz-meta-cache-control
max-age=31536000
content-encoding
gzip
vary
Accept-Encoding
x-fastly-country
DE
age
981544
x-cache
HIT
x-amz-meta-surrogate-key
web v8.33.1 9efce1a bundles runtime.widget.js
x-cache-hits
8
client_geo_postal_code
91541
content-length
1497
x-amz-id-2
btwinWKryRdqPfbwSu6uGYnDgBmdZMtpB6e2I18zvvoH0nClz9e30N+o7qT1H59/ybF3jFyaTws=
x-served-by
cache-cdg20774-CDG
accept-ranges
bytes
client_geo_longitude
10.200
last-modified
Fri, 29 Apr 2022 17:13:44 GMT
server
AmazonS3
x-timer
S1652583539.140853,VS0,VE1
etag
"1850c5994da734793fec576f5e1456bb"
strict-transport-security
max-age=31557600
x-amz-request-id
DKQ45W6G0594RHGB
via
1.1 varnish
client_geo_latitude
49.380
cache-control
max-age=31536000
normalized-language
en
content-type
application/javascript
x-ihr-app-language
en
date
Sun, 15 May 2022 02:58:59 GMT
x-ihr-app-country
WW
589.widget.js
www.iheart.com/v8.33.1/9efce1a/bundles/ Frame 787D 		206 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iheart.com/v8.33.1/9efce1a/bundles/589.widget.js
Requested by
Host: www.iheart.com
URL: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.214.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fda3146de8ab338d15cc956689f32f446cb08e9eae500de25c19e0bcc65a2760
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

geoip-country-code
DE
x-amz-meta-cache-control
max-age=31536000
content-encoding
gzip
vary
Accept-Encoding
x-fastly-country
DE
age
981544
x-cache
HIT
x-amz-meta-surrogate-key
web v8.33.1 9efce1a bundles 589.widget.js
x-cache-hits
8
client_geo_postal_code
91541
content-length
68621
x-amz-id-2
t/8vYja/OzDNxpYb+QZohSw1WjHMA1hgdAcJPmU4FWz+t3raFouxSHxG4pRDBCEFuJdGLQN0xr0=
x-served-by
cache-cdg20774-CDG
accept-ranges
bytes
client_geo_longitude
10.200
last-modified
Fri, 29 Apr 2022 17:13:44 GMT
server
AmazonS3
x-timer
S1652583539.140981,VS0,VE0
etag
"7bb1fdc7a51e1048f72798bd06b3a2fa"
strict-transport-security
max-age=31557600
x-amz-request-id
DKQ2Z7WH8P3XTNJ9
via
1.1 varnish
client_geo_latitude
49.380
cache-control
max-age=31536000
normalized-language
en
content-type
application/javascript
x-ihr-app-language
en
date
Sun, 15 May 2022 02:58:59 GMT
x-ihr-app-country
WW
619.widget.js
www.iheart.com/v8.33.1/9efce1a/bundles/ Frame 787D 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iheart.com/v8.33.1/9efce1a/bundles/619.widget.js
Requested by
Host: www.iheart.com
URL: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.214.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27818d82f071ef5a2025ad9f0c3eb98e68817f7dfee5b337726368a3c681f514
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

geoip-country-code
DE
x-amz-meta-cache-control
max-age=31536000
content-encoding
gzip
vary
Accept-Encoding
x-fastly-country
DE
age
981544
x-cache
HIT
x-amz-meta-surrogate-key
web v8.33.1 9efce1a bundles 619.widget.js
x-cache-hits
8
client_geo_postal_code
91541
content-length
7257
x-amz-id-2
/KAf2mXqPVy9jO3xpI5X21WcjnJ3Rz7je5KtQXw+Rpa4a9/9sQ4E2IFAVnpYJZHC9LNSJIbORHE=
x-served-by
cache-cdg20774-CDG
accept-ranges
bytes
client_geo_longitude
10.200
last-modified
Fri, 29 Apr 2022 17:13:44 GMT
server
AmazonS3
x-timer
S1652583539.141090,VS0,VE0
etag
"8f44e8bd4d07d6e9ee0da144a6422765"
strict-transport-security
max-age=31557600
x-amz-request-id
DKQ7VN0WHNKE5V9X
via
1.1 varnish
client_geo_latitude
49.380
cache-control
max-age=31536000
normalized-language
en
content-type
application/javascript
x-ihr-app-language
en
date
Sun, 15 May 2022 02:58:59 GMT
x-ihr-app-country
WW
349.widget.js
www.iheart.com/v8.33.1/9efce1a/bundles/ Frame 787D 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iheart.com/v8.33.1/9efce1a/bundles/349.widget.js
Requested by
Host: www.iheart.com
URL: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.214.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90f64615026c1d8a716f9e3a71736ce79ec4707f2a1c798a5318ae42b45fe604
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

geoip-country-code
DE
x-amz-meta-cache-control
max-age=31536000
content-encoding
gzip
vary
Accept-Encoding
x-fastly-country
DE
age
981544
x-cache
HIT
x-amz-meta-surrogate-key
web v8.33.1 9efce1a bundles 349.widget.js
x-cache-hits
8
client_geo_postal_code
91541
content-length
1773
x-amz-id-2
YHO47RffFku19A1e9sq75GraEagK/QPK33rei2Fb51Vs91/bifEuuHk1UrVyixgKARmuwDDlK0Y=
x-served-by
cache-cdg20774-CDG
accept-ranges
bytes
client_geo_longitude
10.200
last-modified
Fri, 29 Apr 2022 17:13:44 GMT
server
AmazonS3
x-timer
S1652583539.141361,VS0,VE0
etag
"b49ea410d65ce101ab5d5ebb48cf2766"
strict-transport-security
max-age=31557600
x-amz-request-id
DKQ9RJ79THR8RWK6
via
1.1 varnish
client_geo_latitude
49.380
cache-control
max-age=31536000
normalized-language
en
content-type
application/javascript
x-ihr-app-language
en
date
Sun, 15 May 2022 02:58:59 GMT
x-ihr-app-country
WW
16.widget.js
www.iheart.com/v8.33.1/9efce1a/bundles/ Frame 787D 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iheart.com/v8.33.1/9efce1a/bundles/16.widget.js
Requested by
Host: www.iheart.com
URL: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.214.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2fac42d19f7115964cb32bdbd6f07f93fa3d9318db93e9c6e48c76d18b8a18d6
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

geoip-country-code
DE
x-amz-meta-cache-control
max-age=31536000
content-encoding
gzip
vary
Accept-Encoding
x-fastly-country
DE
age
981544
x-cache
HIT
x-amz-meta-surrogate-key
web v8.33.1 9efce1a bundles 16.widget.js
x-cache-hits
8
client_geo_postal_code
91541
content-length
23263
x-amz-id-2
oJeVBJ/Q0zSIg7an810V8xQzbi3VXVF68K+lRZXSCL7Ibr2aQ4MbjXQenFTUHXgXjfCz4l4zpfo=
x-served-by
cache-cdg20774-CDG
accept-ranges
bytes
client_geo_longitude
10.200
last-modified
Fri, 29 Apr 2022 17:13:44 GMT
server
AmazonS3
x-timer
S1652583539.141319,VS0,VE0
etag
"b29d18ec40446647c49a1b746ab8b493"
strict-transport-security
max-age=31557600
x-amz-request-id
DKQEQBB21V5YHTMF
via
1.1 varnish
client_geo_latitude
49.380
cache-control
max-age=31536000
normalized-language
en
content-type
application/javascript
x-ihr-app-language
en
date
Sun, 15 May 2022 02:58:59 GMT
x-ihr-app-country
WW
2.widget.js
www.iheart.com/v8.33.1/9efce1a/bundles/ Frame 787D 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iheart.com/v8.33.1/9efce1a/bundles/2.widget.js
Requested by
Host: www.iheart.com
URL: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.214.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
589bfbac3ce242244924538a111c8b8c565434f9d8e5862abf690f02f3cee191
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

geoip-country-code
DE
x-amz-meta-cache-control
max-age=31536000
content-encoding
gzip
vary
Accept-Encoding
x-fastly-country
DE
age
981544
x-cache
HIT
x-amz-meta-surrogate-key
web v8.33.1 9efce1a bundles 2.widget.js
x-cache-hits
8
client_geo_postal_code
91541
content-length
11492
x-amz-id-2
DPjV6m5PNBsX2qCIQVdYt8rcYVwy2mLQHK+6A1nTgrclIJ54eKTk+mvNVLvHCglEr6JEpx3ztmY=
x-served-by
cache-cdg20774-CDG
accept-ranges
bytes
client_geo_longitude
10.200
last-modified
Fri, 29 Apr 2022 17:13:44 GMT
server
AmazonS3
x-timer
S1652583539.141828,VS0,VE0
etag
"1714264b1bb4be9b50d392531a82a834"
strict-transport-security
max-age=31557600
x-amz-request-id
DKQEJPNCM4WBEJ7T
via
1.1 varnish
client_geo_latitude
49.380
cache-control
max-age=31536000
normalized-language
en
content-type
application/javascript
x-ihr-app-language
en
date
Sun, 15 May 2022 02:58:59 GMT
x-ihr-app-country
WW
148.widget.js
www.iheart.com/v8.33.1/9efce1a/bundles/ Frame 787D 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iheart.com/v8.33.1/9efce1a/bundles/148.widget.js
Requested by
Host: www.iheart.com
URL: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.214.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0908e71188a30f735a4fa7ae333e4495a8c36c2d058ca4188d846be6c9115e9a
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

geoip-country-code
DE
x-amz-meta-cache-control
max-age=31536000
content-encoding
gzip
vary
Accept-Encoding
x-fastly-country
DE
age
981544
x-cache
HIT
x-amz-meta-surrogate-key
web v8.33.1 9efce1a bundles 148.widget.js
x-cache-hits
8
client_geo_postal_code
91541
content-length
2513
x-amz-id-2
6fUKDFryIFH/LaXXrIHC8IgO2p5x1Ok0c97SDYq1sOdfYXcFH9c7XBxCeKUSJjbhincaS1PqbFo=
x-served-by
cache-cdg20774-CDG
accept-ranges
bytes
client_geo_longitude
10.200
last-modified
Fri, 29 Apr 2022 17:13:44 GMT
server
AmazonS3
x-timer
S1652583539.141808,VS0,VE0
etag
"16a07d40e62ae60e0021870142a0ebd5"
strict-transport-security
max-age=31557600
x-amz-request-id
DKQ8F81455KW3A3G
via
1.1 varnish
client_geo_latitude
49.380
cache-control
max-age=31536000
normalized-language
en
content-type
application/javascript
x-ihr-app-language
en
date
Sun, 15 May 2022 02:58:59 GMT
x-ihr-app-country
WW
614.widget.js
www.iheart.com/v8.33.1/9efce1a/bundles/ Frame 787D 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iheart.com/v8.33.1/9efce1a/bundles/614.widget.js
Requested by
Host: www.iheart.com
URL: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.214.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a77132556b6dc115161b329ea7e844bb0dc7b7858498909896caf7377987b170
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

geoip-country-code
DE
x-amz-meta-cache-control
max-age=31536000
content-encoding
gzip
vary
Accept-Encoding
x-fastly-country
DE
age
440300
x-cache
HIT
x-amz-meta-surrogate-key
web v8.33.1 9efce1a bundles 614.widget.js
x-cache-hits
8
client_geo_postal_code
91541
content-length
4856
x-amz-id-2
0Z6GfryTliNOXCnxnTElzuuPswlzyhoedkF0JBCUt9omvny8jjVufcrL70x1Lqwm/QHrOR91JUI=
x-served-by
cache-cdg20774-CDG
accept-ranges
bytes
client_geo_longitude
10.200
last-modified
Fri, 29 Apr 2022 17:13:44 GMT
server
AmazonS3
x-timer
S1652583539.141774,VS0,VE0
etag
"f2378e3f97bd99a5a82bdb6726ff8ee3"
strict-transport-security
max-age=31557600
x-amz-request-id
C3BAEYDP89AW3FXP
via
1.1 varnish
client_geo_latitude
49.380
cache-control
max-age=31536000
normalized-language
en
content-type
application/javascript
x-ihr-app-language
en
date
Sun, 15 May 2022 02:58:59 GMT
x-ihr-app-country
WW
podcastProfile.widget.js
www.iheart.com/v8.33.1/9efce1a/bundles/ Frame 787D 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iheart.com/v8.33.1/9efce1a/bundles/podcastProfile.widget.js
Requested by
Host: www.iheart.com
URL: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.214.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27976e2bf0b132ddf2b59360c232d97827f105cc81cb4a80e498f461b25ad127
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

geoip-country-code
DE
x-amz-meta-cache-control
max-age=31536000
content-encoding
gzip
vary
Accept-Encoding
x-fastly-country
DE
age
981533
x-cache
HIT
x-amz-meta-surrogate-key
web v8.33.1 9efce1a bundles podcastProfile.widget.js
x-cache-hits
8
client_geo_postal_code
91541
content-length
4082
x-amz-id-2
OZ2TkbbRwpuyKb8Jnzwy/aHoV/cB5Q0WMx55L3bPy3W+gxeIqtvFMAtlKdaqHtLaI9V+7OjXsq4=
x-served-by
cache-cdg20774-CDG
accept-ranges
bytes
client_geo_longitude
10.200
last-modified
Fri, 29 Apr 2022 17:13:44 GMT
server
AmazonS3
x-timer
S1652583539.141752,VS0,VE0
etag
"9f45401ed22be5e9c79ac72d1c3479ed"
strict-transport-security
max-age=31557600
x-amz-request-id
6ZMQEASPF1XYJS75
via
1.1 varnish
client_geo_latitude
49.380
cache-control
max-age=31536000
normalized-language
en
content-type
application/javascript
x-ihr-app-language
en
date
Sun, 15 May 2022 02:58:59 GMT
x-ihr-app-country
WW
aHR0cHM6Ly93d3cub21ueWNvbnRlbnQuY29tL2QvcGxheWxpc3QvZTczYzk5OGUtNmU2MC00MzJmLTg2MTAtYWUyMTAxNDBjNWIxL2M4ZDc1ZGE2LTBjYzctNDU4ZC04NTM3LWFlMzIwMDA1Yjk4OS83ZTkyYjNlOS1mOWRlLTQxZjktODMxOS1hZTMyMDAwNWI5O...
i.iheart.com/v3/url/ Frame 787D 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.iheart.com/v3/url/aHR0cHM6Ly93d3cub21ueWNvbnRlbnQuY29tL2QvcGxheWxpc3QvZTczYzk5OGUtNmU2MC00MzJmLTg2MTAtYWUyMTAxNDBjNWIxL2M4ZDc1ZGE2LTBjYzctNDU4ZC04NTM3LWFlMzIwMDA1Yjk4OS83ZTkyYjNlOS1mOWRlLTQxZjktODMxOS1hZTMyMDAwNWI5OTcvaW1hZ2UuanBnP3Q9MTY0MzkzNDA1NCZzaXplPUxhcmdl?ops=fit(240%2C240)
Requested by
Host: www.iheart.com
URL: https://www.iheart.com/podcast/1119-the-baller-alert-show-53352259/?embed=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.214.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9e46388dcfb0a6650f7c82a0452e10bccd6b5ec4e0d73bcb96793148616770f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iheart.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:59 GMT
via
1.1 varnish (Varnish/6.5), 1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-age
1627493
content-length
9460
x-ihm-mediaserver
Ahshaj4o
x-served-by
cache-iad-kiad7000129-IAD, cache-cdg20774-CDG
last-modified
Tue, 26 Apr 2022 05:53:51 GMT
x-request-id
cortex-proxyd-varnish-7d7bf5db86-gklqf/6SO5lIqAeD-271982893
x-timer
S1652583539.232045,VS0,VE1
x-dest
http://mediaserver-20220405200449:8000
etag
"2c0c503bc6b1007230f7c95950ba45589e28c0e8a8ecfb9536baa0d9bc86df34"
vary
X-WEBP, Origin
content-language
en-US
cache-control
no-cache, max-age=21600, public
accept-ranges
bytes
content-type
image/webp
x-cache-hits
2, 1
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1359023445&t=event&ni=1&_s=2&dl=https%3A%2F%2Fballeralert.com%2F&ul=en-us&de=UTF-8&dt=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=5enjsa&_u=aDDAAUADQAAAAC~&jid=&gjid=&cid=650311075.1652583538&tid=UA-3874823-1&_gid=1066784769.1652583538&gtm=2wg5b0PQXBJK4&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2F9zkrdib96i%2Fl0trou%2F5enjsa&z=209970420
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 May 2022 10:09:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
60565
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fballeralert.com&pubid=fa641ac5-3be6-4213-a9a2-56dbb880db7c
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 00:20:56 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
server
Server
age
9483
x-cache
Hit from cloudfront
access-control-allow-origin
https://balleralert.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
ZAoS-Sp_D5-7zMzlx7jWWgeob2MyxEMjWwlV9sG3fW6VUnz-qs5ANg==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fballeralert.com%2F&pid=PyXMzps1effgF&cb=0&ws=1600x1200&v=7.75.0&t=700&slots=%5B%7B%22sd%22%3A%22adhesion_ad_1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F11462305847%2C22606553477%2Fballeralert%2Fhome%2Fadhesion%22%7D%5D&pubid=fa641ac5-3be6-4213-a9a2-56dbb880db7c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:59 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
0S490BNNNJZ7MG317PHX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://balleralert.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
Teb7mBFTWO37fGnpsztBOfB8NyCthuzXLjzun2XwzMEeUz6SFOub-A==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fballeralert.com%2F&pid=PyXMzps1effgF&cb=1&ws=1600x1200&v=7.75.0&t=700&slots=%5B%7B%22sd%22%3A%22out_of_page_1%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F11462305847%2C22606553477%2Fballeralert%2Fhome%22%7D%5D&pubid=fa641ac5-3be6-4213-a9a2-56dbb880db7c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:59 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
Y1H0MK9A39GRBC3XRPNF
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://balleralert.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
VWYbjVArMBgKNQkaaeqlb3-Hygr7x6YYlZzNW2GRdy_wGsepehUAIA==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fballeralert.com%2F&pid=PyXMzps1effgF&cb=2&ws=1600x1200&v=7.75.0&t=700&slots=%5B%7B%22sd%22%3A%22leaderboard_ad_1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F11462305847%2C22606553477%2Fballeralert%2Fhome%22%7D%5D&pubid=fa641ac5-3be6-4213-a9a2-56dbb880db7c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:59 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
FXMJQWEQ6MF7XNP9E8JV
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://balleralert.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
gRO5bt-Cqe9RG81z4bp8E9Wots3mLdOBf7xW3EhJcoK54RSy0IH8QA==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fballeralert.com%2F&pid=PyXMzps1effgF&cb=3&ws=1600x1200&v=7.75.0&t=700&slots=%5B%7B%22sd%22%3A%22medium_rectangle_ad_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F11462305847%2C22606553477%2Fballeralert%2Fhome%22%7D%5D&pubid=fa641ac5-3be6-4213-a9a2-56dbb880db7c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:59 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
9VWZCDYVPRCM861J81BG
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://balleralert.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
OsQLX5M1NZRgvkCWZpWqL-ybPwEIIQMMyM20PrM3LqWLIjOegn5DfA==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fballeralert.com%2F&pid=PyXMzps1effgF&cb=4&ws=1600x1200&v=7.75.0&t=700&slots=%5B%7B%22sd%22%3A%22medium_rectangle_ad_2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F11462305847%2C22606553477%2Fballeralert%2Fhome%22%7D%5D&pubid=fa641ac5-3be6-4213-a9a2-56dbb880db7c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:59 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
QHPFWRPM3RZN62CFWSJX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://balleralert.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
1TZ8OmmOs9WbVdC0SnmbCOlSvOfJnvycNjI5pNluis4xgeob72GRPQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
80069
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 28 Apr 2022 01:41:20 GMT
server
AmazonS3
date
Sat, 14 May 2022 04:44:31 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
G_NjdDw1fjeOJdpl5c2Vm1AiCntAoR9h16cQC9idJqTeLPK0MRwmdw==
www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 923F 		38 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channel=balleralerttv&layout=default&count=hidden&origin=https%3A%2F%2Fballeralert.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xpRpP2dSg9Q.O%2Fd%3D1%2Frs%3DAHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/subscribe_embed?usegapi=1&channel=balleralerttv&layout=default&count=hidden&origin=https%3A%2F%2Fballeralert.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xpRpP2dSg9Q.O%2Fd%3D1%2Frs%3DAHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:23:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
484518
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6066
x-xss-protection
0
last-modified
Wed, 18 Nov 2020 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 09 May 2023 12:23:41 GMT
www-subscribe-embed_v0.js
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 923F 		252 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channel=balleralerttv&layout=default&count=hidden&origin=https%3A%2F%2Fballeralert.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xpRpP2dSg9Q.O%2Fd%3D1%2Frs%3DAHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/subscribe_embed?usegapi=1&channel=balleralerttv&layout=default&count=hidden&origin=https%3A%2F%2Fballeralert.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xpRpP2dSg9Q.O%2Fd%3D1%2Frs%3DAHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:23:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
484518
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73785
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 21:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 09 May 2023 12:23:41 GMT
cspreport
accounts.google.com/o/ Frame B378 		0
20 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/cspreport
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-CnVpYmlkXRcgDjaTakcfcw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fballeralert.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xpRpP2dSg9Q.O%2Fd%3D1%2Frs%3DAHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA%2Fm%3D__features__
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:58:59 GMT
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-CnVpYmlkXRcgDjaTakcfcw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
g
capi-tier-1-us-east-2.connatix.com/rtb/ Frame 81F1 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/rtb/g?v=162305&cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.38.126 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-126.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sun, 15 May 2022 02:58:59 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://balleralert.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
23066399-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame B378 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/23066399-postmessagerelay.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fballeralert.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xpRpP2dSg9Q.O%2Fd%3D1%2Frs%3DAHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57dbe899a2b5c804f6e667838d56d9467d692e449dce19c7f9e48e84776c0ccd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 06:33:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
505515
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4281
x-xss-protection
0
last-modified
Tue, 03 May 2022 00:11:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="federated-signon-mpm-access"
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 09 May 2023 06:33:44 GMT
rpc:shindig_random.js
apis.google.com/js/ Frame B378 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fballeralert.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xpRpP2dSg9Q.O%2Fd%3D1%2Frs%3DAHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6eb301ab64cae9e40b6dcfef395f12adcc34f52002d9ea7b1c58a095d7f68fe
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5549
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Sun, 15 May 2022 02:58:59 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"62fcadf59d7cc19f"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 May 2022 02:58:59 GMT
subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 923F 		156 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 09:51:49 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Sep 2020 20:15:00 GMT
server
sffe
age
320830
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 11 May 2023 09:51:49 GMT
loginOrCreateOauthUser;clientType=web;country=WW;pname=OrganicWeb;signupFlow=anon;uid=315bdc96-87af-4aeb-8297-f58f3375d6bf
ww.api.iheart.com/api/v1/account/ Frame 787D 		265 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ww.api.iheart.com/api/v1/account/loginOrCreateOauthUser;clientType=web;country=WW;pname=OrganicWeb;signupFlow=anon;uid=315bdc96-87af-4aeb-8297-f58f3375d6bf
Requested by
Host: www.iheart.com
URL: https://www.iheart.com/v8.33.1/9efce1a/bundles/589.widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4f::596 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fd28c8ec88fa7840255a554e79f0f7a48513e645c02d1ef9941b40b71939f0cc

Request headers

Accept
application/json, text/plain, */*
X-Locale
en-WW
Referer
https://www.iheart.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
X-hostName
webapp.WW
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 15 May 2022 02:59:00 GMT
via
1.1 varnish
x-backend
F_HAProxy
x-timer
S1652583540.626222,VS0,VE378
vary
Accept-Encoding, X-hostName, X-Accept, X-Locale, Authorization
x-cache
MISS
content-type
application/json;charset=utf-8
x-geo-country
DE
x-accept
json
x-cache-hits
0
access-control-allow-headers
X-hostName, X-User-Id, X-Session-Id, Content-Type, X-IHR-Profile-ID, X-IHR-Session-ID, X-Locale, Authorization, X-DeviceId
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE, PATCH
accept-ranges
bytes
access-control-allow-origin
*
x-served-by
cache-mxp6973-MXP
loginOrCreateOauthUser;clientType=web;country=WW;pname=OrganicWeb;signupFlow=anon;uid=315bdc96-87af-4aeb-8297-f58f3375d6bf
ww.api.iheart.com/api/v1/account/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ww.api.iheart.com/api/v1/account/loginOrCreateOauthUser;clientType=web;country=WW;pname=OrganicWeb;signupFlow=anon;uid=315bdc96-87af-4aeb-8297-f58f3375d6bf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4f::596 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hostname,x-locale
Access-Control-Request-Method
POST
Origin
https://www.iheart.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
X-hostName, X-User-Id, X-Session-Id, Content-Type, X-IHR-Profile-ID, X-IHR-Session-ID, X-Locale, Authorization, X-DeviceId
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE, PATCH
access-control-allow-origin
*
access-control-max-age
604800
cache-control
max-age=604800
content-length
0
content-type
date
Sun, 15 May 2022 02:58:59 GMT
retry-after
0
server
Varnish
via
1.1 varnish
x-accept
*/*
x-backend
F_HAProxy
x-cache
MISS
x-cache-hits
0
x-geo-country
DE
x-served-by
cache-mxp6973-MXP
x-timer
S1652583540.607519,VS0,VE0
dv-measurements2756.js
cdn.doubleverify.com/ Frame C0CE 		528 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements2756.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
09f33bbf788a3cee4b9da117e56a2e09aad4b3203e085195bb7d5f870d16c436

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 02:58:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 May 2022 15:06:50 GMT
Server
Microsoft-IIS/10.0
ETag
"0a1fce71166d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
99723
pub.json
pub.doubleverify.com/signals/ 		197 B
611 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pub.doubleverify.com/signals/pub.json?ctx=24192157&cmp=DV684348&signals=ids,bsc,arb,utm_source&url=https%3A%2F%2Fballeralert.com%2F
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95a88fa093edf86e9a223c9040c66137018330191d6577ea5f7624f5f9837895
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 02:58:59 GMT
content-encoding
br
vary
User-Agent, Referer, Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/json
access-control-allow-origin
https://balleralert.com
access-control-expose-headers
Server-Timing, Cf-Ray
cache-control
private, max-age=900, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials
true
server-timing
total;dur=164, ids;desc="ids iqc";dur=16, bsc;desc="bsc iqc/hc";dur=31, rauth;desc="rauth kv";dur=164
cf-ray
70b89d7278e201e7-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pub.json
pub.doubleverify.com/signals/ 		197 B
577 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pub.doubleverify.com/signals/pub.json?ctx=24192157&cmp=DV684348&signals=ids,bsc,arb,utm_source&url=https%3A%2F%2Fballeralert.com%2F
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95a88fa093edf86e9a223c9040c66137018330191d6577ea5f7624f5f9837895
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 02:58:59 GMT
content-encoding
br
vary
User-Agent, Referer, Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/json
access-control-allow-origin
https://balleralert.com
access-control-expose-headers
Server-Timing, Cf-Ray
cache-control
private, max-age=900, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials
true
server-timing
total;dur=162, ids;desc="ids iqc/hc";dur=25, bsc;desc="bsc iqc/hc";dur=25, rauth;desc="rauth kv";dur=162
cf-ray
70b89d7278df01e7-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pub.json
pub.doubleverify.com/signals/ 		197 B
581 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pub.doubleverify.com/signals/pub.json?ctx=24192157&cmp=DV684348&signals=ids,bsc,arb,utm_source&url=https%3A%2F%2Fballeralert.com%2F
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95a88fa093edf86e9a223c9040c66137018330191d6577ea5f7624f5f9837895
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 02:58:59 GMT
content-encoding
br
vary
User-Agent, Referer, Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/json
access-control-allow-origin
https://balleralert.com
access-control-expose-headers
Server-Timing, Cf-Ray
cache-control
private, max-age=900, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials
true
server-timing
total;dur=164, ids;desc="ids iqc/hc";dur=27, bsc;desc="bsc iqc/hc";dur=27, rauth;desc="rauth kv";dur=164
cf-ray
70b89d7278e101e7-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pub.json
pub.doubleverify.com/signals/ 		197 B
577 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pub.doubleverify.com/signals/pub.json?ctx=24192157&cmp=DV684348&signals=ids,bsc,arb,utm_source&url=https%3A%2F%2Fballeralert.com%2F
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35a4012e1c08521722c4206735c3ead24eb883aa138884e2fafba48a7ad1f5db
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 02:58:59 GMT
content-encoding
br
vary
User-Agent, Referer, Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/json
access-control-allow-origin
https://balleralert.com
access-control-expose-headers
Server-Timing, Cf-Ray
cache-control
private, max-age=900, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials
true
server-timing
total;dur=294, ids;desc="ids iqc/hc";dur=26, bsc;desc="bsc iqc/hc";dur=26, rauth;desc="rauth kv";dur=294
cf-ray
70b89d7278da01e7-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pub.json
pub.doubleverify.com/signals/ 		197 B
575 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pub.doubleverify.com/signals/pub.json?ctx=24192157&cmp=DV684348&signals=ids,bsc,arb,utm_source&url=https%3A%2F%2Fballeralert.com%2F
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35a4012e1c08521722c4206735c3ead24eb883aa138884e2fafba48a7ad1f5db
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 02:58:59 GMT
content-encoding
br
vary
User-Agent, Referer, Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/json
access-control-allow-origin
https://balleralert.com
access-control-expose-headers
Server-Timing, Cf-Ray
cache-control
private, max-age=900, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials
true
server-timing
total;dur=164, ids;desc="ids iqc/hc";dur=31, bsc;desc="bsc iqc";dur=21, rauth;desc="rauth kv";dur=164
cf-ray
70b89d7278db01e7-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pub.json
pub.doubleverify.com/signals/ 		345 B
606 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pub.doubleverify.com/signals/pub.json?ctx=24192157&cmp=DV684348&signals=VLP,TVP&adunits[/11462305847,22606553477/balleralert/home/adhesion][]=728x90
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b51181ec4fd9bcb5a45dca807e162d363103013b31adb66ffebb4f0a2f81ddaa
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 02:58:59 GMT
content-encoding
br
vary
Referer, User-Agent, Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/json
access-control-allow-origin
https://balleralert.com
access-control-expose-headers
Server-Timing, Cf-Ray
cache-control
private, max-age=900, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials
true
server-timing
total;dur=221, vlp;desc="vlp kv";dur=221, vp.adu0;desc="vp.adu0 kv";dur=221, rauth;desc="rauth kv";dur=162
cf-ray
70b89d7278dc01e7-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pub.json
pub.doubleverify.com/signals/ 		309 B
599 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pub.doubleverify.com/signals/pub.json?ctx=24192157&cmp=DV684348&signals=VLP,TVP&adunits[/11462305847,22606553477/balleralert/home][]=1x1
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f9d31c716c319b1b112c376a88ffbdc98e461d2f91f36bd40be9e9f97a9b145
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 02:58:59 GMT
content-encoding
br
vary
Referer, User-Agent, Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/json
access-control-allow-origin
https://balleralert.com
access-control-expose-headers
Server-Timing, Cf-Ray
cache-control
private, max-age=900, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials
true
server-timing
total;dur=220, vlp;desc="vlp kv";dur=220, vp.adu0;desc="vp.adu0 kv";dur=220, rauth;desc="rauth kv";dur=161
cf-ray
70b89d7278dd01e7-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pub.json
pub.doubleverify.com/signals/ 		321 B
603 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pub.doubleverify.com/signals/pub.json?ctx=24192157&cmp=DV684348&signals=VLP,TVP&adunits[/11462305847,22606553477/balleralert/home][]=300x250
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
423a0790db77cf762056a34b401222f3a93c47105209444e36d5004045fb8606
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 02:58:59 GMT
content-encoding
br
vary
Referer, User-Agent, Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/json
access-control-allow-origin
https://balleralert.com
access-control-expose-headers
Server-Timing, Cf-Ray
cache-control
private, max-age=900, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials
true
server-timing
total;dur=203, vlp;desc="vlp kv";dur=203, vp.adu0;desc="vp.adu0 kv";dur=203, rauth;desc="rauth kv";dur=160
cf-ray
70b89d7278de01e7-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/ Frame 923F 		128 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/cb=gapi.loaded_0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddee1c5dbbdefe75f8616d691393f619cea7279d99182febab75a3b1762c0e69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 23:48:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
270639
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42814
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 15:20:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 11 May 2023 23:48:20 GMT
pub.json
pub.doubleverify.com/signals/ 		318 B
604 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pub.doubleverify.com/signals/pub.json?ctx=24192157&cmp=DV684348&signals=VLP,TVP&adunits[/11462305847,22606553477/balleralert/home][]=728x90
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dbf2dc13eba330a334887be9ac7b32a762774d101ff685b76ebc9f9038700bc
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 02:58:59 GMT
content-encoding
br
vary
Referer, User-Agent, Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/json
access-control-allow-origin
https://balleralert.com
access-control-expose-headers
Server-Timing, Cf-Ray
cache-control
private, max-age=900, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials
true
server-timing
total;dur=203, vlp;desc="vlp kv";dur=203, vp.adu0;desc="vp.adu0 kv";dur=203, rauth;desc="rauth kv";dur=161
cf-ray
70b89d7288ee01e7-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
FollowCompany
www.linkedin.com/pages-extensions/ Frame A18A 		0
0
FollowCompany
www.linkedin.com/pages-extensions/ Frame 0925 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.linkedin.com/pages-extensions/FollowCompany?id=28541752&counter=&xdOrigin=https%3A%2F%2Fballeralert.com&xdChannel=32969569-d6a9-4f3c-aa17-e44be6a57e70&xd_origin_host=https%3A%2F%2Fballeralert.com
Requested by
Host: platform.linkedin.com
URL: https://platform.linkedin.com/in.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
daeb29fd605be21c7908096e52dbe13b1fff514d7affa12c1c89aca9082e6624
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; child-src blob: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com www.google-analytics.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; report-uri /security/csp?e=p&f=nf
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-length
801
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; child-src blob: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com www.google-analytics.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; report-uri /security/csp?e=p&f=nf
content-type
text/html; charset=utf-8
date
Sun, 15 May 2022 02:58:58 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-li-fabric
prod-ltx1
x-li-pop
afd-prod-ltx1-x
x-li-proto
http/2
x-li-uuid
AAXfBBbYM0exF/mEesO/kA==
x-msedge-ref
Ref A: 9AF246B4D2794E7DA77A8E8CBB3F6E3C Ref B: FRAEDGE1408 Ref C: 2022-05-15T02:58:59Z
/
vtrk.doubleverify.com/ 		0
183 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=87f69d7a-db26-4f3d-ba4a-bc5d2d552590&z=689126600418&ctx=24192157&cd160=5cbba733-cff8-4ab4-b63f-486e4be2c8fd&cd161=https%3A%2F%2Fballeralert.com%2F&ea=load-pq&cd180=network&cm180=69&cm181=17&cm182=11&cm183=16&cm184=22&cm185=1&cm186=557&cm191=0&cmp=DV684348
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.210.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-210-61.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://balleralert.com
date
Sun, 15 May 2022 02:58:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
pub.json
pub.doubleverify.com/signals/ 		321 B
606 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pub.doubleverify.com/signals/pub.json?ctx=24192157&cmp=DV684348&signals=VLP,TVP&adunits[/11462305847,22606553477/balleralert/home][]=300x250
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
423a0790db77cf762056a34b401222f3a93c47105209444e36d5004045fb8606
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 02:58:59 GMT
content-encoding
br
vary
Referer, User-Agent, Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/json
access-control-allow-origin
https://balleralert.com
access-control-expose-headers
Server-Timing, Cf-Ray
cache-control
private, max-age=900, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials
true
server-timing
total;dur=167, vlp;desc="vlp kv";dur=161, vp.adu0;desc="vp.adu0 kv";dur=161, rauth;desc="rauth kv";dur=167
cf-ray
70b89d72c90701e7-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/ Frame B378 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f98ac46a12e4c95f28120081d1c243b7b900fcf72ff77b00350fc0758d6c0d2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 09:33:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
408345
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19088
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 15:20:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 10 May 2023 09:33:14 GMT
visit.js
tps.doubleverify.com/ Frame C0CE 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=90&ttfrms=28&brid=3&brver=101.0.4951.64&bridua=3&bds=1&tstype=1&eparams=DC4FC%3Dl9EEADTbpTauTau32%3D%3D6C2%3D6CE%5D4%40%3ETau&srcurlD=0&aUrlD=0&ssl=https:&dfs=2004&ddur=65&uid=1652583539668569&jsCallback=dvCallback_1652583539668407&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2756&tgjsver=2756&lvvn=28&m1=13&refD=0&referrer=https%3A%2F%2Fballeralert.com%2F&fwc=1&fcl=662&flt=0&fec=1484&fcifrms=15&brh=2&sdf=2&dvp_epl=53&noc=4&ctx=24192157&cmp=DV701242&btreg=%eaid!%ecid!&btadsrv=%eaid!%ecid!&adsrv=104&unit=%%WIDTH%%x%%HEIGHT%%&seltag=1&sadv=%eadv!&ord=%ebuy!&litm=%eaid!&scrt=%ecid!&splc=%%ADUNIT%%&adu=%epid!&c1=%%PATTERN:utm_source%%&c2=%%PATTERN:arb%%&c3=%%PATTERN:categories%%&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_scripthash=1&t2te=0&dvp_qtpid=%%PATTERN:pts_pid%%&dvp_qtsid=%%PATTERN:pts_sid%%&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=125786996113.8129&dvp_tukv=878952638995.2555&dvp_uuid=109701745705.18997&dvp_tuid=1027035069267
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2756.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.110 Surbiton, United Kingdom, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
75c1a80a77d3fad1a72b715e16350080274eb1864e86f199c11babaec3dc6b8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:58:15 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
05/14/2022 02:58:59
search
public-api.wordpress.com/rest/v1.3/sites/159055169/ 		15 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://public-api.wordpress.com/rest/v1.3/sites/159055169/search?aggregations%5Bpost_type_0%5D%5Bterms%5D%5Bfield%5D=post_type&aggregations%5Bpost_type_0%5D%5Bterms%5D%5Bsize%5D=5&aggregations%5Btaxonomy_1%5D%5Bterms%5D%5Bfield%5D=taxonomy.tribe_events_cat.slug_slash_name&aggregations%5Btaxonomy_1%5D%5Bterms%5D%5Bsize%5D=5&aggregations%5Btaxonomy_2%5D%5Bterms%5D%5Bfield%5D=category.slug_slash_name&aggregations%5Btaxonomy_2%5D%5Bterms%5D%5Bsize%5D=5&aggregations%5Btaxonomy_3%5D%5Bterms%5D%5Bfield%5D=tag.slug_slash_name&aggregations%5Btaxonomy_3%5D%5Bterms%5D%5Bsize%5D=5&aggregations%5Bdate_histogram_4%5D%5Bdate_histogram%5D%5Bfield%5D=date&aggregations%5Bdate_histogram_4%5D%5Bdate_histogram%5D%5Binterval%5D=year&fields%5B0%5D=date&fields%5B1%5D=permalink.url.raw&fields%5B2%5D=tag.name.default&fields%5B3%5D=category.name.default&fields%5B4%5D=post_type&fields%5B5%5D=shortcode_types&fields%5B6%5D=has.image&fields%5B7%5D=image.url.raw&fields%5B8%5D=image.alt_text&highlight_fields%5B0%5D=title&highlight_fields%5B1%5D=content&highlight_fields%5B2%5D=comments&query=&sort=score_default&size=15
Requested by
Host: balleralert.com
URL: https://balleralert.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.js?minify=false&ver=83d268fd126746748e3d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef14756ad40a63259b94d54df04c2617b9df4229e8fbc080ec6f8941cc77a285
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-hacker
Oh, Awesome: Opossum
date
Sun, 15 May 2022 02:58:59 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
false
x-ac
1.hhn _dfw
strict-transport-security
max-age=15552000
host-header
WordPress.com
expires
Wed, 11 Jan 1984 05:00:00 GMT
cb=gapi.loaded_2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/cb=gapi.loaded_2?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daca61029fd7e7caf09906cd20e3e8bf043de99af191828c8d6deb186f4ddb81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 23:48:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
270624
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9508
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 15:20:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 11 May 2023 23:48:35 GMT
subscribe_embed
www.youtube.com/ Frame C204 		604 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCIepUZdzvwXLH2KXv11srQQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xpRpP2dSg9Q.O%2Fd%3D1%2Frs%3DAHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/cb=gapi.loaded_0?le=scs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ac3933e39e7abf957b9612b11bbf646c46b6c16b5ab3211e225dcdddb5d2e59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Sun, 15 May 2022 02:58:59 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 13:17:59 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
135660
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 13 May 2023 13:17:59 GMT
spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 21:17:17 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
452502
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 09 May 2023 21:17:17 GMT
bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		318 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 09:49:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
320941
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
318
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 11 May 2023 09:49:58 GMT
bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		116 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 18:13:48 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
463511
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 09 May 2023 18:13:48 GMT
bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		117 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 18:22:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
290163
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 11 May 2023 18:22:56 GMT
ajefqhtzbsq5o2zuk2px0xlna
static-exp1.licdn.com/sc/h/ Frame 0925 		123 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-exp1.licdn.com/sc/h/ajefqhtzbsq5o2zuk2px0xlna
Requested by
Host: www.linkedin.com
URL: https://www.linkedin.com/pages-extensions/FollowCompany?id=28541752&counter=&xdOrigin=https%3A%2F%2Fballeralert.com&xdChannel=32969569-d6a9-4f3c-aa17-e44be6a57e70&xd_origin_host=https%3A%2F%2Fballeralert.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:6a53:4ac1:3bc8:ee4e:5990 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C0B) /
Resource Hash
f31d585127e3ee130ba5e1d41f443d7d3d5e19cf9a2df0e0098e316e358f8e9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:59 GMT
content-encoding
br
content-type
text/css
x-cdn-client-ip-version
IPV6
x-cdn
ECST
age
78623
x-cache
HIT
x-cdn-proto
HTTP2
content-length
19041
x-li-uuid
AAXe8ciDyTUY5fJv7xfcVQ==
server
ECAcc (mil/6C0B)
timing-allow-origin
*
last-modified
Mon, 05 Nov 2012 04:00:51 GMT
x-li-pop
prod-lva1-x
cache-control
max-age=31536000, immutable
vary
Accept-Encoding
x-li-fabric
prod-lva1
access-control-allow-origin
*
access-control-expose-headers
X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-proto
http/1.1
x-li-static-content
1
x-fs-uuid
0005def1c883c93518e5f26fef17dc55
expires
Sun, 14 May 2023 05:08:36 GMT
in.js
platform.linkedin.com/xdoor/scripts/ Frame 0925 		507 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.linkedin.com/xdoor/scripts/in.js
Requested by
Host: www.linkedin.com
URL: https://www.linkedin.com/pages-extensions/FollowCompany?id=28541752&counter=&xdOrigin=https%3A%2F%2Fballeralert.com&xdChannel=32969569-d6a9-4f3c-aa17-e44be6a57e70&xd_origin_host=https%3A%2F%2Fballeralert.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E8D) /
Resource Hash
b93460b3f58a8e5eda0ecba608cc2b3526020dc44c8bb49de08ce0de9fbc5db2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:59 GMT
content-encoding
gzip
x-cdn-client-ip-version
IPV6
x-cdn
ECST
age
2053
x-cache
HIT
x-cdn-proto
HTTP2
content-length
162499
x-li-uuid
AAXfA5xx2urLrQ+YGw9AMw==
server
ECAcc (frc/8E8D)
last-modified
Sun, 15 May 2022 02:24:46 GMT
x-li-pop
prod-lor1-x
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
accept-ranges
bytes
x-li-proto
http/1.1
x-li-fabric
prod-lor1
expires
Sun, 15 May 2022 03:24:46 GMT
cwphtfsvdwm4k6n91alllgs6q
static-exp1.licdn.com/sc/h/ Frame 0925 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-exp1.licdn.com/sc/h/cwphtfsvdwm4k6n91alllgs6q
Requested by
Host: www.linkedin.com
URL: https://www.linkedin.com/pages-extensions/FollowCompany?id=28541752&counter=&xdOrigin=https%3A%2F%2Fballeralert.com&xdChannel=32969569-d6a9-4f3c-aa17-e44be6a57e70&xd_origin_host=https%3A%2F%2Fballeralert.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:6a53:4ac1:3bc8:ee4e:5990 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6BAF) /
Resource Hash
e3474d77e56176d1b865553eee382eaeea05dd8ab5c6579d1b2412988c530506

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:58:59 GMT
content-encoding
br
content-type
text/javascript
x-cdn-client-ip-version
IPV6
x-cdn
ECST
age
8753058
x-cache
HIT
x-cdn-proto
HTTP2
content-length
1408
x-li-uuid
AAXXDhv0WKsgfcuKN+V4nQ==
server
ECAcc (mil/6BAF)
timing-allow-origin
*
last-modified
Mon, 05 Nov 2012 04:00:51 GMT
x-li-pop
prod-lor1-x
cache-control
max-age=31536000, immutable
vary
Accept-Encoding
x-li-fabric
prod-lor1
access-control-allow-origin
*
access-control-expose-headers
X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-proto
http/1.1
x-li-static-content
1
x-fs-uuid
0005d70e1bf458ab207dcb8a37e5789d
expires
Thu, 02 Feb 2023 19:34:42 GMT
/
vtrk.doubleverify.com/ 		0
182 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=87f69d7a-db26-4f3d-ba4a-bc5d2d552590&z=820237584109&ctx=24192157&cd160=f9bd4bc2-7156-43bb-b4d2-1732db995c37&cd161=https%3A%2F%2Fballeralert.com%2F&ea=load-signals&cd191=70b89d7278e201e7&cd180=network&cm180=202&cm181=0&cm182=0&cm183=0&cm184=185&cm185=0&cm186=213&cm170=1&cd187=ids%20iqc&cm187=16&cd171=80023001%2C84011001%2C80022004&cd188=bsc%20iqc%2Fhc&cm188=31&cm190=164&cd190=rauth%20kv&cm191=164&cd175=%7B%7D&cmp=DV684348
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.210.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-210-61.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://balleralert.com
date
Sun, 15 May 2022 02:58:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
/
vtrk.doubleverify.com/ 		0
182 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=87f69d7a-db26-4f3d-ba4a-bc5d2d552590&z=977745979560&ctx=24192157&cd160=34748249-15af-4e07-8198-d36634301860&cd161=https%3A%2F%2Fballeralert.com%2F&ea=load-signals&cd191=70b89d7278db01e7&cd180=network&cm180=202&cm181=0&cm182=0&cm183=0&cm184=185&cm185=0&cm186=215&cm170=1&cd187=ids%20iqc&cm187=16&cd171=80023001%2C84011001%2C80022004&cd188=bsc%20iqc%2Fhc&cm188=31&cm190=164&cd190=rauth%20kv&cm191=164&cd175=%7B%7D&cmp=DV684348
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.210.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-210-61.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://balleralert.com
date
Sun, 15 May 2022 02:58:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
/
vtrk.doubleverify.com/ 		0
182 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=87f69d7a-db26-4f3d-ba4a-bc5d2d552590&z=24086789898&ctx=24192157&cd160=18b8e016-9626-4301-9806-150dfeaaebef&cd161=https%3A%2F%2Fballeralert.com%2F&ea=load-signals&cd191=70b89d7278e101e7&cd180=network&cm180=202&cm181=0&cm182=0&cm183=0&cm184=185&cm185=0&cm186=216&cm170=1&cd187=ids%20iqc&cm187=16&cd171=80023001%2C84011001%2C80022004&cd188=bsc%20iqc%2Fhc&cm188=31&cm190=164&cd190=rauth%20kv&cm191=164&cd175=%7B%7D&cmp=DV684348
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.210.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-210-61.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://balleralert.com
date
Sun, 15 May 2022 02:58:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
/
vtrk.doubleverify.com/ 		0
182 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=87f69d7a-db26-4f3d-ba4a-bc5d2d552590&z=94545979587&ctx=24192157&cd160=b2725a97-cbdb-439b-8712-2f071a4a3dd9&cd161=https%3A%2F%2Fballeralert.com%2F&ea=load-signals&cd191=70b89d7278df01e7&cd180=network&cm180=202&cm181=0&cm182=0&cm183=0&cm184=185&cm185=0&cm186=216&cm170=1&cd187=ids%20iqc&cm187=16&cd171=80023001%2C84011001%2C80022004&cd188=bsc%20iqc%2Fhc&cm188=31&cm190=164&cd190=rauth%20kv&cm191=164&cd175=%7B%7D&cmp=DV684348
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.210.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-210-61.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://balleralert.com
date
Sun, 15 May 2022 02:58:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame C204 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCIepUZdzvwXLH2KXv11srQQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xpRpP2dSg9Q.O%2Fd%3D1%2Frs%3DAHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCIepUZdzvwXLH2KXv11srQQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xpRpP2dSg9Q.O%2Fd%3D1%2Frs%3DAHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 10:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
490554
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2447
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 01:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 09 May 2023 10:43:05 GMT
www-subscribe-embed-card_v0.js
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame C204 		149 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCIepUZdzvwXLH2KXv11srQQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xpRpP2dSg9Q.O%2Fd%3D1%2Frs%3DAHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCIepUZdzvwXLH2KXv11srQQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xpRpP2dSg9Q.O%2Fd%3D1%2Frs%3DAHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:23:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
484518
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44975
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 21:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 09 May 2023 12:23:41 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/ Frame C204 		128 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/cb=gapi.loaded_0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddee1c5dbbdefe75f8616d691393f619cea7279d99182febab75a3b1762c0e69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 23:48:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
270639
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42814
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 15:20:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 11 May 2023 23:48:20 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=balleralert.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 02:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=balleralert.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 02:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		73 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=790091515024094&correlator=3956409528893483&eid=44755510&output=ldjh&gdfp_req=1&vrg=2022051001&ptt=17&impl=fifs&iu_parts=11462305847%3A22606553477%2Cballeralert%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=2&adks=2330257080&sfv=1-0-38&fsbs=1&ecs=20220515&fsapi=false&prev_scp=pos%3Dmedium_rectangle_ad%26tld%3Dballeralert.com%26TLD_POSITION%3Dballeralert.com_medium_rectangle_ad_2%26fqdn%3Dballeralert.com%26refresh%3D0_balleralert.com%26refresh_count%3D1%26domId%3Dmedium_rectangle_ad_2%26FURL%3D%252F%26SURL%3D42099b4af021e53fd8fd4e056c2568d7c2e3ffa8%26INVIEW%3D1%26sttrackid%3Df51ne1406b6%26GMAV%3D0_balleralert.com%26PAV%3D0_balleralert.com%26amznbid%3D2%26amznp%3D2%26tld_hb_bidder%3Dballeralert.com_pubmatic%26amznsz%3D0x0%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.14%26hb_adid%3D56bf49c3b2196d8%26hb_bidder%3Dpubmatic%26BSC%3D80023001%2C84011001%2C80022004%26IDS%3D1%26VLP%3D0%26pts_sid%3Da5456b8b-b473-4ff8-8c32-19c49ad76d55%26TVP%3D0-1&eri=1&cust_params=ctype%3Dhomepage%26minute_rb%3D5SOV_8%26second_rb%3D5SOV_59%26referrer%3Dother%26device%3Ddesktop%26video%3Dno%26pts_pid%3D87f69d7a-db26-4f3d-ba4a-bc5d2d552590%26IDS%3D1%26BSC%3D80023001%252C84011001%252C80022004&sc=1&cookie=ID%3Df1840450558f5fb5-223ba54d95cd00c8%3AT%3D1652583538%3ART%3D1652583538%3AS%3DALNI_MZ_bjs-t2ewNO3tUb4Ur44Mcx3gIQ&abxe=1&dt=1652583539890&lmt=1652583539&dlt=1652583537635&idt=642&biw=1600&bih=1200&adxs=1005&adys=1606&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fballeralert.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=290x0&msz=290x0&fws=0&ohw=0&ga_vid=650311075.1652583538&ga_sid=1652583538&ga_hid=1359023445&ga_fc=true&btvi=1&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
8973d34ac485be18bd1b676d880c06d4d7ce9bf4d3a28fdc4b8eb6ce81cc2ebf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22783
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://balleralert.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 38D2 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 02:58:59 GMT
expires
Mon, 15 May 2023 02:58:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		63 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=790091515024094&correlator=3956409528893483&eid=44755510&output=ldjh&gdfp_req=1&vrg=2022051001&ptt=17&impl=fifs&iu_parts=11462305847%3A22606553477%2Cballeralert%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=3&adks=3807761084&sfv=1-0-38&fsbs=1&ecs=20220515&fsapi=false&prev_scp=pos%3Dleaderboard_ad%26tld%3Dballeralert.com%26TLD_POSITION%3Dballeralert.com_leaderboard_ad_1%26fqdn%3Dballeralert.com%26refresh%3D0_balleralert.com%26refresh_count%3D1%26domId%3Dleaderboard_ad_1%26FURL%3D%252F%26SURL%3D42099b4af021e53fd8fd4e056c2568d7c2e3ffa8%26INVIEW%3D1%26sttrackid%3Dtx9rncgflrb%26GMAV%3D0_balleralert.com%26PAV%3D0_balleralert.com%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26BSC%3D80023001%2C84011001%2C80022004%26IDS%3D1%26VLP%3D0%26pts_sid%3Dda8db5ed-2809-4050-8f47-5b9ab011aa6c%26TVP%3D0-1&eri=1&cust_params=ctype%3Dhomepage%26minute_rb%3D5SOV_8%26second_rb%3D5SOV_59%26referrer%3Dother%26device%3Ddesktop%26video%3Dno%26pts_pid%3D87f69d7a-db26-4f3d-ba4a-bc5d2d552590%26IDS%3D1%26BSC%3D80023001%252C84011001%252C80022004&sc=1&cookie=ID%3Df1840450558f5fb5-223ba54d95cd00c8%3AT%3D1652583538%3ART%3D1652583538%3AS%3DALNI_MZ_bjs-t2ewNO3tUb4Ur44Mcx3gIQ&abxe=1&dt=1652583539903&lmt=1652583539&dlt=1652583537635&idt=642&biw=1600&bih=1200&adxs=436&adys=207&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fballeralert.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=0&ohw=0&ga_vid=650311075.1652583538&ga_sid=1652583538&ga_hid=1359023445&ga_fc=true&btvi=0&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
6d19dace9467a1805a9bd3434c04db5728130e30958a462a250e73cd83a6a903
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30715
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://balleralert.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=790091515024094&correlator=3956409528893483&eid=44755510&output=ldjh&gdfp_req=1&vrg=2022051001&ptt=17&impl=fifs&iu_parts=11462305847%3A22606553477%2Cballeralert%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=4&adks=2330257081&sfv=1-0-38&fsbs=1&ecs=20220515&fsapi=false&prev_scp=pos%3Dmedium_rectangle_ad%26tld%3Dballeralert.com%26TLD_POSITION%3Dballeralert.com_medium_rectangle_ad_1%26fqdn%3Dballeralert.com%26refresh%3D0_balleralert.com%26refresh_count%3D1%26domId%3Dmedium_rectangle_ad_1%26FURL%3D%252F%26SURL%3D42099b4af021e53fd8fd4e056c2568d7c2e3ffa8%26INVIEW%3D1%26sttrackid%3D5rz7ilm2q3j%26GMAV%3D0_balleralert.com%26PAV%3D0_balleralert.com%26amznbid%3D2%26amznp%3D2%26tld_hb_bidder%3Dballeralert.com_ix%26amznsz%3D0x0%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.04%26hb_adid%3D589d32ce2a5fa2f%26hb_bidder%3Dix%26VLP%3D0%26pts_sid%3D91752f17-8cba-440c-b74f-6c272bf12b59%26TVP%3D0-1&eri=1&cust_params=ctype%3Dhomepage%26minute_rb%3D5SOV_8%26second_rb%3D5SOV_59%26referrer%3Dother%26device%3Ddesktop%26video%3Dno%26pts_pid%3D87f69d7a-db26-4f3d-ba4a-bc5d2d552590%26IDS%3D1%26BSC%3D80023001%252C84011001%252C80022004&sc=1&cookie=ID%3Df1840450558f5fb5-223ba54d95cd00c8%3AT%3D1652583538%3ART%3D1652583538%3AS%3DALNI_MZ_bjs-t2ewNO3tUb4Ur44Mcx3gIQ&abxe=1&dt=1652583539911&lmt=1652583539&dlt=1652583537635&idt=642&biw=1600&bih=1200&adxs=1005&adys=1068&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fballeralert.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=290x0&msz=290x0&fws=0&ohw=0&ga_vid=650311075.1652583538&ga_sid=1652583538&ga_hid=1359023445&ga_fc=true&btvi=0&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
10ac61e62a140e5355f5103e8782a953d3316c589b86bf2e8cc560f23a4d066f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8123
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://balleralert.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		413 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=790091515024094&correlator=3956409528893483&eid=44755510&output=ldjh&gdfp_req=1&vrg=2022051001&ptt=17&impl=fifs&iu_parts=11462305847%3A22606553477%2Cballeralert%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&adks=2031355130&sfv=1-0-38&fsbs=1&ecs=20220515&ists=1&fsapi=false&prev_scp=pos%3Dout_of_page%26tld%3Dballeralert.com%26TLD_POSITION%3Dballeralert.com_out_of_page_1%26fqdn%3Dballeralert.com%26refresh%3D0_balleralert.com%26refresh_count%3D1%26domId%3Dout_of_page_1%26FURL%3D%252F%26SURL%3D42099b4af021e53fd8fd4e056c2568d7c2e3ffa8%26INVIEW%3D1%26sttrackid%3Dr9yvnbunq9r%26GMAV%3D0_balleralert.com%26PAV%3D0_balleralert.com%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26BSC%3D80023001%2C84011001%2C80022004%26IDS%3D1%26VLP%3D0%26pts_sid%3D977e8e66-c469-4cff-8a88-5774fd84dea3%26TVP%3D0-1&eri=1&cust_params=ctype%3Dhomepage%26minute_rb%3D5SOV_8%26second_rb%3D5SOV_59%26referrer%3Dother%26device%3Ddesktop%26video%3Dno%26pts_pid%3D87f69d7a-db26-4f3d-ba4a-bc5d2d552590%26IDS%3D1%26BSC%3D80023001%252C84011001%252C80022004&sc=1&cookie=ID%3Df1840450558f5fb5-223ba54d95cd00c8%3AT%3D1652583538%3ART%3D1652583538%3AS%3DALNI_MZ_bjs-t2ewNO3tUb4Ur44Mcx3gIQ&abxe=1&dt=1652583539919&lmt=1652583539&dlt=1652583537635&idt=642&biw=1600&bih=1200&adxs=0&adys=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fballeralert.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=650311075.1652583538&ga_sid=1652583538&ga_hid=1359023445&ga_fc=true&btvi=0&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
97f31b5ed02acdb5a07dfcff965068a6f53e784b29528cfd79109fa819f706a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
218
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://balleralert.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=790091515024094&correlator=3956409528893483&eid=44755510&output=ldjh&gdfp_req=1&vrg=2022051001&ptt=17&impl=fifs&iu_parts=11462305847%3A22606553477%2Cballeralert%2Chome%2Cadhesion&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=6&adks=1278255468&sfv=1-0-38&fsbs=1&ecs=20220515&fsapi=false&prev_scp=pos%3Dadhesion_ad%26tld%3Dballeralert.com%26TLD_POSITION%3Dballeralert.com_adhesion_ad_1%26fqdn%3Dballeralert.com%26refresh%3D0_balleralert.com%26refresh_count%3D1%26domId%3Dadhesion_ad_1%26FURL%3D%252F%26SURL%3D42099b4af021e53fd8fd4e056c2568d7c2e3ffa8%26INVIEW%3D1%26sttrackid%3Duy2l1oofivp%26GMAV%3D0_balleralert.com%26amznbid%3D2%26amznp%3D2%26tld_hb_bidder%3Dballeralert.com_pubmatic%26amznsz%3D0x0%26PAV%3D1_balleralert.com%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.14%26hb_adid%3D55fa2e982648daa%26hb_bidder%3Dpubmatic%26BSC%3D80023001%2C84011001%2C80022004%26IDS%3D1%26VLP%3D0%26pts_sid%3D1eda25b0-fd44-4f9e-9953-e11a00098c03%26TVP%3D0-1&eri=1&cust_params=ctype%3Dhomepage%26minute_rb%3D5SOV_8%26second_rb%3D5SOV_59%26referrer%3Dother%26device%3Ddesktop%26video%3Dno%26pts_pid%3D87f69d7a-db26-4f3d-ba4a-bc5d2d552590%26IDS%3D1%26BSC%3D80023001%252C84011001%252C80022004&sc=1&cookie=ID%3Df1840450558f5fb5-223ba54d95cd00c8%3AT%3D1652583538%3ART%3D1652583538%3AS%3DALNI_MZ_bjs-t2ewNO3tUb4Ur44Mcx3gIQ&abxe=1&dt=1652583539925&lmt=1652583539&dlt=1652583537635&idt=642&biw=1600&bih=1200&adxs=436&adys=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fballeralert.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=650311075.1652583538&ga_sid=1652583538&ga_hid=1359023445&ga_fc=true&btvi=0&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
bfaafa74e4482601073da0616490db65f7f3215176d5e6215c9080ba32bfaa9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9342
x-xss-protection
0
google-lineitem-id
5731637970
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138354784080
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://balleralert.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
a.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.clarity.ms/collect
Requested by
Host: a.clarity.ms
URL: https://a.clarity.ms/s/0.6.34/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://balleralert.com
date
Sun, 15 May 2022 02:58:59 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
/
vtrk.doubleverify.com/ 		0
182 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=87f69d7a-db26-4f3d-ba4a-bc5d2d552590&z=223541170643&ctx=24192157&cd160=3f808c9f-b18e-4e4e-b40e-d6163d29510d&cd161=https%3A%2F%2Fballeralert.com%2F&ea=load-signals-slots&cd191=70b89d7278de01e7&cd180=network&cm180=236&cm181=0&cm182=0&cm183=0&cm184=231&cm185=0&cm186=294&cd189=vlp%20kv&cm189=203&cm190=160&cd190=rauth%20kv&cm191=203&cd175=%7B%2291752f17-8cba-440c-b74f-6c272bf12b59%22%3A%7B%22VLP%22%3A%220%22%2C%22TVP%22%3A%220-1%22%7D%2C%22a5456b8b-b473-4ff8-8c32-19c49ad76d55%22%3A%7B%22VLP%22%3A%220%22%2C%22TVP%22%3A%220-1%22%7D%7D&cmp=DV684348
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.210.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-210-61.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://balleralert.com
date
Sun, 15 May 2022 02:58:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
/
vtrk.doubleverify.com/ 		0
182 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=87f69d7a-db26-4f3d-ba4a-bc5d2d552590&z=916737654969&ctx=24192157&cd160=160959a0-1a5b-4eb3-9c4e-4bb05c294093&cd161=https%3A%2F%2Fballeralert.com%2F&ea=load-signals-slots&cd191=70b89d7288ee01e7&cd180=network&cm180=226&cm181=0&cm182=0&cm183=0&cm184=225&cm185=0&cm186=301&cd189=vlp%20kv&cm189=203&cm190=161&cd190=rauth%20kv&cm191=203&cd175=%7B%22da8db5ed-2809-4050-8f47-5b9ab011aa6c%22%3A%7B%22VLP%22%3A%220%22%2C%22TVP%22%3A%220-1%22%7D%7D&cmp=DV684348
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.210.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-210-61.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://balleralert.com
date
Sun, 15 May 2022 02:58:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
/
vtrk.doubleverify.com/ 		0
182 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=87f69d7a-db26-4f3d-ba4a-bc5d2d552590&z=721461425387&ctx=24192157&cd160=f2570b8a-af72-473f-9c61-f67ec865d5af&cd161=https%3A%2F%2Fballeralert.com%2F&ea=load-signals-slots&cd191=70b89d72c90701e7&cd180=network&cm180=236&cm181=0&cm182=0&cm183=0&cm184=231&cm185=0&cm186=324&cd189=vlp%20kv&cm189=203&cm190=160&cd190=rauth%20kv&cm191=203&cd175=%7B%2291752f17-8cba-440c-b74f-6c272bf12b59%22%3A%7B%22VLP%22%3A%220%22%2C%22TVP%22%3A%220-1%22%7D%2C%22a5456b8b-b473-4ff8-8c32-19c49ad76d55%22%3A%7B%22VLP%22%3A%220%22%2C%22TVP%22%3A%220-1%22%7D%7D&cmp=DV684348
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.210.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-210-61.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://balleralert.com
date
Sun, 15 May 2022 02:58:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
/
vtrk.doubleverify.com/ 		0
182 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=87f69d7a-db26-4f3d-ba4a-bc5d2d552590&z=341442481142&ctx=24192157&cd160=7a5d287a-89bd-49aa-bccb-aa28f8adeddf&cd161=https%3A%2F%2Fballeralert.com%2F&ea=load-signals-slots&cd191=70b89d7278dd01e7&cd180=network&cm180=248&cm181=0&cm182=0&cm183=0&cm184=238&cm185=0&cm186=336&cd189=vlp%20kv&cm189=220&cm190=161&cd190=rauth%20kv&cm191=220&cd175=%7B%22977e8e66-c469-4cff-8a88-5774fd84dea3%22%3A%7B%22VLP%22%3A%220%22%2C%22TVP%22%3A%220-1%22%7D%7D&cmp=DV684348
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.210.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-210-61.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://balleralert.com
date
Sun, 15 May 2022 02:58:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
/
vtrk.doubleverify.com/ 		0
182 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=87f69d7a-db26-4f3d-ba4a-bc5d2d552590&z=90349968352&ctx=24192157&cd160=b6be596e-54f3-421f-9a6a-8824504bf27d&cd161=https%3A%2F%2Fballeralert.com%2F&ea=load-signals-slots&cd191=70b89d7278dc01e7&cd180=network&cm180=257&cm181=0&cm182=0&cm183=0&cm184=246&cm185=0&cm186=345&cd189=vlp%20kv&cm189=221&cm190=162&cd190=rauth%20kv&cm191=221&cd175=%7B%221eda25b0-fd44-4f9e-9953-e11a00098c03%22%3A%7B%22VLP%22%3A%220%22%2C%22TVP%22%3A%220-1%22%7D%7D&cmp=DV684348
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.210.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-210-61.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://balleralert.com
date
Sun, 15 May 2022 02:58:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
/
vtrk.doubleverify.com/ 		0
182 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=87f69d7a-db26-4f3d-ba4a-bc5d2d552590&z=694468535698&ctx=24192157&cd160=836d2ef5-7a4b-4454-a776-e50ac6f38074&cd161=https%3A%2F%2Fballeralert.com%2F&ea=load-signals&cd191=70b89d7278da01e7&cd180=network&cm180=202&cm181=0&cm182=0&cm183=0&cm184=185&cm185=0&cm186=380&cm170=1&cd187=ids%20iqc&cm187=16&cd171=80023001%2C84011001%2C80022004&cd188=bsc%20iqc%2Fhc&cm188=31&cm190=164&cd190=rauth%20kv&cm191=164&cd175=%7B%7D&cmp=DV684348
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.210.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-210-61.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://balleralert.com
date
Sun, 15 May 2022 02:59:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=7D483CF27233457ABEA1E948264FE65E&RedC=c.clarity.ms&MXFR=242FC970F9CE688615F6D8D5FDCE6695
  • https://c.clarity.ms/c.gif?CtsSyncId=7D483CF27233457ABEA1E948264FE65E&MUID=33974819B660636410DE59BCB70B62F3
42 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=7D483CF27233457ABEA1E948264FE65E&MUID=33974819B660636410DE59BCB70B62F3
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:58:59 GMT
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8120eaf0ff3ad81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 15 May 2022 02:58:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1D5C49A0D1284DC9BFEC59B4EF3AB10D Ref B: FRAEDGE1417 Ref C: 2022-05-15T02:59:00Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=7D483CF27233457ABEA1E948264FE65E&MUID=33974819B660636410DE59BCB70B62F3
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220511&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5729413333126369&plah=balleralert.com&bust=31067561
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a7e1d9c0252498417e1f75ded9663451da07a53a9aa5cd32d519fa97611e558
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 02:59:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10617
x-xss-protection
0
like.php
www.facebook.com/v11.0/plugins/ Frame 88D0 		48 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v11.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2c4ef5f0df40f8%26domain%3Dballeralert.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fballeralert.com%252Ff1397e6208ba6b%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fballeralert.com%2F&layout=button&locale=en_US&sdk=joey&share=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d64ba4d80623077418a6099c86b84bf8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
740f5e3f90a88b6706f13951d54dde0b8bbbba8ecaf16d25e9a833a932925987
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Sun, 15 May 2022 02:59:00 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v11.0
pragma
no-cache
priority
u=3,i
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
D3OYtJrlqarLuFdghmsOo/1y1aX0v7P8AF3PjZGlsF6bApAna4Gpbyv41z68Evd4jlanylsO4Wc3AQC+2dOnCg==
x-fb-rlafr
0
x-xss-protection
0
locationConfig
ww.api.iheart.com/api/v3/ Frame 787D 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ww.api.iheart.com/api/v3/locationConfig?countryCode=WW&hostname=webapp&version=8-prod
Requested by
Host: www.iheart.com
URL: https://www.iheart.com/v8.33.1/9efce1a/bundles/589.widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4f::596 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a90816dc8d9f40c76d30dc7e28de51bcb569aee491d29376d95775360623e600

Request headers

X-Locale
en-WW
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
X-hostName
webapp.WW
Accept
application/json, text/plain, */*
Referer
https://www.iheart.com/
X-Session-Id
GiNMUAt7SiQEPQbdSmJXD2
X-Ihr-Session-Id
GiNMUAt7SiQEPQbdSmJXD2
X-Ihr-Profile-Id
5451834289
X-User-Id
5451834289

Response headers

date
Sun, 15 May 2022 02:59:00 GMT
via
1.1 varnish
x-backend
F_HAProxy
x-cache
MISS
x-geo-country
DE
content-encoding
gzip
content-length
2677
x-served-by
cache-mxp6973-MXP
x-timer
S1652583540.087262,VS0,VE329
vary
Accept-Encoding, X-hostName, X-Accept, X-Locale, Authorization
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE, PATCH
content-type
application/json
access-control-allow-origin
*
x-accept
json
accept-ranges
bytes
access-control-allow-headers
X-hostName, X-User-Id, X-Session-Id, Content-Type, X-IHR-Profile-ID, X-IHR-Session-ID, X-Locale, Authorization, X-DeviceId
x-cache-hits
0
locationConfig
ww.api.iheart.com/api/v3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ww.api.iheart.com/api/v3/locationConfig?countryCode=WW&hostname=webapp&version=8-prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4f::596 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hostname,x-ihr-profile-id,x-ihr-session-id,x-locale,x-session-id,x-user-id
Access-Control-Request-Method
GET
Origin
https://www.iheart.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
X-hostName, X-User-Id, X-Session-Id, Content-Type, X-IHR-Profile-ID, X-IHR-Session-ID, X-Locale, Authorization, X-DeviceId
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE, PATCH
access-control-allow-origin
*
access-control-max-age
604800
cache-control
max-age=604800
content-length
0
content-type
date
Sun, 15 May 2022 02:59:00 GMT
retry-after
0
server
Varnish
via
1.1 varnish
x-accept
*/*
x-backend
F_HAProxy
x-cache
MISS
x-cache-hits
0
x-geo-country
DE
x-served-by
cache-mxp6973-MXP
x-timer
S1652583540.068971,VS0,VE0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5729413333126369&plah=balleralert.com&bust=31067561
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 15 May 2022 02:59:00 GMT
The-Weeknd-Selfie-Pic-Moment-Hoodie.png
i2.wp.com/balleralert.com/wp-content/uploads/2020/11/ 		371 KB
372 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/balleralert.com/wp-content/uploads/2020/11/The-Weeknd-Selfie-Pic-Moment-Hoodie.png?resize=600%2C600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
063b43cf222ee719c29a86e38cfcdeec77ff3c3642b91d189d4cf0c53a3f085d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Sun, 15 May 2022 02:59:00 GMT
x-content-type-options
nosniff
last-modified
Wed, 27 Apr 2022 12:55:52 GMT
server
nginx
etag
"e18e7f3167f50412"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://balleralert.com/wp-content/uploads/2020/11/The-Weeknd-Selfie-Pic-Moment-Hoodie.png>; rel="canonical"
content-length
380094
expires
Sat, 27 Apr 2024 00:55:52 GMT
iStock-458475669.jpg
i2.wp.com/balleralert.com/wp-content/uploads/2019/12/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/balleralert.com/wp-content/uploads/2019/12/iStock-458475669.jpg?resize=600%2C600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
e5bc6fae7e7532c131808d60d876b9c3c47ed450d856fd348479efb4c223223b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sun, 15 May 2022 02:59:00 GMT
x-content-type-options
nosniff
last-modified
Sat, 30 Apr 2022 19:02:13 GMT
server
nginx
etag
"d0166c1e31df3da5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://balleralert.com/wp-content/uploads/2019/12/iStock-458475669.jpg>; rel="canonical"
content-length
58508
expires
Tue, 30 Apr 2024 07:02:13 GMT
iStock-1252711675.jpg
i0.wp.com/balleralert.com/wp-content/uploads/2020/12/ 		129 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/balleralert.com/wp-content/uploads/2020/12/iStock-1252711675.jpg?resize=600%2C600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
10af94f8bff58e193ba0f000f22e445cb9fb4ea99c308cccff09ec09bdf1719a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Sun, 15 May 2022 02:59:00 GMT
x-content-type-options
nosniff
last-modified
Sat, 30 Apr 2022 20:53:15 GMT
server
nginx
etag
"154b835835e54be5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://balleralert.com/wp-content/uploads/2020/12/iStock-1252711675.jpg>; rel="canonical"
content-length
132210
expires
Tue, 30 Apr 2024 08:53:15 GMT
44D6D563-E47C-47B0-9561-257720FCAD8C.jpeg
i0.wp.com/balleralert.com/wp-content/uploads/2019/03/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/balleralert.com/wp-content/uploads/2019/03/44D6D563-E47C-47B0-9561-257720FCAD8C.jpeg?resize=600%2C600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
66d5fae91c3f470fc3e1de75a9f3c513e4b7508a1be6ad2d9e670ff5bbcef02f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Sun, 15 May 2022 02:59:00 GMT
x-content-type-options
nosniff
last-modified
Wed, 27 Apr 2022 12:55:51 GMT
server
nginx
etag
"33cab3363e7becff"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://balleralert.com/wp-content/uploads/2019/03/44D6D563-E47C-47B0-9561-257720FCAD8C.jpeg>; rel="canonical"
content-length
23924
expires
Sat, 27 Apr 2024 00:55:51 GMT
sam-anello.jpg
i2.wp.com/balleralert.com/wp-content/uploads/2020/10/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/balleralert.com/wp-content/uploads/2020/10/sam-anello.jpg?resize=600%2C600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
b6df961fd50b31c60bc1f4e615472dba5c97026d96acf25f7e17403cbab56249
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Sun, 15 May 2022 02:59:00 GMT
x-content-type-options
nosniff
last-modified
Sat, 30 Apr 2022 20:53:15 GMT
server
nginx
etag
"5365d8ceb88250f4"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://balleralert.com/wp-content/uploads/2020/10/sam-anello.jpg>; rel="canonical"
content-length
24094
expires
Tue, 30 Apr 2024 08:53:15 GMT
GettyImages-600031576.jpg
i2.wp.com/balleralert.com/wp-content/uploads/2021/01/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/balleralert.com/wp-content/uploads/2021/01/GettyImages-600031576.jpg?resize=600%2C600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
44efe447362971665b769f35466cf1809d6bfcc30348a7b24042b3954ef13321
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Sun, 15 May 2022 02:59:00 GMT
x-content-type-options
nosniff
last-modified
Sat, 30 Apr 2022 20:53:15 GMT
server
nginx
etag
"b7fbd8ddf4135a80"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://balleralert.com/wp-content/uploads/2021/01/GettyImages-600031576.jpg>; rel="canonical"
content-length
18820
expires
Tue, 30 Apr 2024 08:53:15 GMT
iStock-1126458271.jpg
i0.wp.com/balleralert.com/wp-content/uploads/2019/11/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/balleralert.com/wp-content/uploads/2019/11/iStock-1126458271.jpg?resize=600%2C600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
3376ffe71fb8b142c3628b23df3362b4e4114623d302f60f7c25093614ac361c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Sun, 15 May 2022 02:59:00 GMT
x-content-type-options
nosniff
last-modified
Sat, 30 Apr 2022 20:53:15 GMT
server
nginx
etag
"75ddc952ae5dc9d7"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://balleralert.com/wp-content/uploads/2019/11/iStock-1126458271.jpg>; rel="canonical"
content-length
47486
expires
Tue, 30 Apr 2024 08:53:15 GMT
container.html
2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A1B1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 02:58:59 GMT
expires
Mon, 15 May 2023 02:58:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3A0D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
13146
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 14 May 2022 23:19:54 GMT
expires
Sun, 14 May 2023 23:19:54 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FA68 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cf4352da2a4af80dfcf187836e3b08e4547e08d88316d02a48d7f121a1b6aa8a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FIGb98iVSmnah4GsYxRVFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-FIGb98iVSmnah4GsYxRVFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 02:59:00 GMT
expires
Sun, 15 May 2022 02:59:00 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame A1B1 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite_fy2019.js
Requested by
Host: 2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
URL: https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:55:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
217
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7989
x-xss-protection
0
server
cafe
etag
11406487492938680093
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 02:55:23 GMT
css
fonts.googleapis.com/ Frame A1B1 		8 KB
714 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
URL: https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b3f0a6d6a59d8015a0f304089d399067747d2618e48cce61474983bf0e76f7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 15 May 2022 01:37:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 15 May 2022 02:59:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 15 May 2022 02:59:00 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/ Frame A1B1 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/outstream.min.css
Requested by
Host: 2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
URL: https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 08:23:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
239738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 09 May 2022 10:41:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 08:23:22 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/ Frame A1B1 		349 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/outstream.min.js
Requested by
Host: 2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
URL: https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4065ada69c1d555792bc889ed8532656e9a4a530610e5abb2feb3f545fa5bd5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 09:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236485
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122885
x-xss-protection
0
last-modified
Mon, 09 May 2022 10:41:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 09:17:35 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame A1B1 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
URL: https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:34:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1450
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6412
x-xss-protection
0
server
cafe
etag
1643562372680595834
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 02:34:50 GMT
l
www.google.com/ads/measurement/ Frame A1B1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQsTFJkh_ImWMRnqTMiHAIhXydMYbOxU7eJoM3JnKLehTQwu4uKzpy_lbQBcC89vX5wGPZ9
Requested by
Host: 2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
URL: https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame FA68 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220511&jk=790091515024094&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame A1B1 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l36pkkja&c=2001980664230&slotId=1000990332115&qqid=CIK78LbB4PcCFRbVEQgdRjEDnQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4003:c10::5e Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A1B1 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 19:33:03 GMT
x-content-type-options
nosniff
age
285957
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 May 2023 19:33:03 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A1B1 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 19:32:51 GMT
x-content-type-options
nosniff
age
285969
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 May 2023 19:32:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A1B1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C_10-c2yAYsK1OZaqx_APxuKM6Amw8PntacmQmOL_D_AuEAEg_7C8MGCVgouCmAegAcvk9fwByAEFqQI7gUlmmHexPqgDAcgDmwSqBKICT9CxbBnsWmYUWecfI6EZuO6p8iypv0eEdLj6sAPcOatsZe042cJAo1rAesBOuyG8-Ge-IiI0suKL3YQCyAP2_S8KrbH33V4Q89_dLj7Dy0Q1zoNbO2JOr-_ybI72QaRM9YlU9Kb6fgtWOLwAKkO42ovqpahVYca8zu_pIc_AMLorsqQNddcaHR3UgtMI_uTfTjByPRD89iUfaRqUSyTTPmJenS1gt2WF5Q_wchDtdEvevpIMnW2X_kk19Wxiim1cesdlnbNHqVZr-E5xi495tzw2-rngJM1bFBtVgy0HmexALZ9xvF_2g30MyvfhPOSp19hdaMT0Jjp9ZxhZbiBITa6Gq6eDmgKp5-kGLKHaWldNG4cej_qiDjDoJzrDNytyB83ABJzS8dr9A-AEA5AGAaAGToAHnZuKgwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAcBABGB3yCBthZHgtc3Vic3luLTg4MzkxNzk4OTQzMTgzODWACgOYCwHICwGADAGwE7_ViQ_IE-7zkeAD0BMA2BMKiBQD2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1652583540221&ai=C_10-c2yAYsK1OZaqx_APxuKM6Amw8PntacmQmOL_D_AuEAEg_7C8MGCVgouCmAegAcvk9fwByAEFqQI7gUlmmHexPqgDAcgDmwSqBKICT9CxbBnsWmYUWecfI6EZuO6p8iypv0eEdLj6sAPcOatsZe042cJAo1rAesBOuyG8-Ge-IiI0suKL3YQCyAP2_S8KrbH33V4Q89_dLj7Dy0Q1zoNbO2JOr-_ybI72QaRM9YlU9Kb6fgtWOLwAKkO42ovqpahVYca8zu_pIc_AMLorsqQNddcaHR3UgtMI_uTfTjByPRD89iUfaRqUSyTTPmJenS1gt2WF5Q_wchDtdEvevpIMnW2X_kk19Wxiim1cesdlnbNHqVZr-E5xi495tzw2-rngJM1bFBtVgy0HmexALZ9xvF_2g30MyvfhPOSp19hdaMT0Jjp9ZxhZbiBITa6Gq6eDmgKp5-kGLKHaWldNG4cej_qiDjDoJzrDNytyB83ABJzS8dr9A-AEA5AGAaAGToAHnZuKgwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAcBABGB3yCBthZHgtc3Vic3luLTg4MzkxNzk4OTQzMTgzODWACgOYCwHICwGADAGwE7_ViQ_IE-7zkeAD0BMA2BMKiBQD2BQB0BUB-BYBgBcB
Requested by
Host: 2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
URL: https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame A1B1 		26 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-A0EAGR6MaoDKR3k6KgkojyX_IBlQy2eEsXcJ6Xqt5CtwKvw147O2aCcCebuE3NbIVYWkMbf1ih7Azh7uqKfY35fQOO3Q&dbm_d=AKAmf-AlLo_PWL683x5mI_sr1dT3gTAe6_wMILkWAFGIUFFxQzJ4AWH1ozuZDeB5wIhD5IHN8MfvgDWyP8JjRGXCKchunkN9FMWmZsBcQcUanC7hapLCjkZ9enPLdqDEhGo5zUrph97WboffKfrf45vLWy7huUYt6sWekJKHftzyQnf9g2qYK9jjiHLV8gcGEDM8Y92zXo8-rtzjuR0vP5MeVUXnBoZZbWbEkTQa7-vrbnm-eoxQtyw1E0f87V9TzkjkRJcFu6aKL7uCbU0THTgvXOwH0OA19Ak7RdjsC0xsgnx3ObFQh0hell8xltk0-oy0sPLdf-M3sEajwBlLCF1S4ZoqoH6-GVu-Nxk5awN6uv9wRi7bH93vrKhw1JOKNZdQnDDTUWTXtUCUbCRfOX2mibYYISzG7YuzUdW2yestT6MyFRyTa155KSrL7Vsp-wDJ47cGCa5pBlNhIj2nF-FXdGJrKg4_GypCQjH3JD4Zun4GdGX0GpP_U2icGmW9x85T5N8AdDy-Qd_dXFjcHbuWOWgmJFofsGlpFP5vLHFwFjfRcMEy0vAkYIZrCHegtTAnz6C8cE07Jl4RMk-slI7oY7IzhBIqEDuC2DhCisFeypAKitxGA5HSihOAB5CtC13OvvQbpiNnRiHYOQ0383LdSdiPL0WbdMZAUvjTiI7PgtJJg7iLuFVUFbVeykkKW5U6qNY4-TSIYVdPLJpEyK9UQ-dxJ_b2Q6vENRVgmENaFunwemxU-HTQvZhzUyJxAXvnQeCBo5DHE3deM_EtEv9z57zfrroLCR7ldDS_fnfKpPTTrzB_CH9UO6kJDMsEKqEPUko-Dm7Z9E3-G6J-XWcRBfykNJ3kXFE3_LTzfXX6GeM9xHjoZukeHHJXMnDaYBsfegBR0ALfBqN8eBst8LRRrN6_pMMbARy3zAUPCXeSWz4lqufHRjiyHLDdouTXQgz6bfMhCFCjIhDEcQ2cGgIXJTItNsDPxO7lIcY3HJfcaWOZxhxKSyb8RLNRBpPQjzn5POSAdHxFo_6_hMdYRnouQzuq3YGP6t_OWZs3OkOm21XPyRY2lj50hK2dwZRhu-t9YI4shjsBk8WGwjEOmdYVedj-9DlVWAcm0UoVyLbYq3QJRVKIyKccC-Z0TXtV7piupg_Wl6Q2HAv38yzbs-ZTZRwV6SnK5Y8W_gEdiT_-l3w5m2XKtqBiWqMwQ40Kd80GuXIpVkLOYBqQMLb-iFver8bw5EmkarghI0kB8UQyTYu3p7D37pX6nvId2beO7GzFG8b9SjS8v7gUNMYnYThO6z8eitL0ZfIqWApePi6AkBapKiHzmHKDNwkr07vpd3UV_kVtpHFAtF-umlXYlkzHHCuGJ9zD69zk7N43wOsUB1LFEnkzeL7sbKR2DSKtg4SYVVniGKTy3Oa5SdjQ118N0U7t8usyXgKlUXqlb2H9NpEVVKLgRAc6H_V8Ab-5MEerAP4KjVcLJm4yeJqBPuornVtl2rKa4InCpYyWoV6yjwTJYV5K1ZvSu2QYAUW8xnnnR3dPzAA_2nYcdGg6A1rdSdQwSxC_vQi9S844U1os638hPZNASax_q709634ZQXDqzKh8zufXGWC8kldS66kY6sOgmw5BGgXeRPVEIwPLNxffHETmiG72BzjJ6QOGHuJJNXH2rrQDgJZRJJ8fCiJOkfIorHxIjZaSzNvocAz3BYchlI2Khb9DGbiJUzd_zqfUWUaRrJZDXzV4eBTowqwpAF_JI9y7ucpy0zT6fndVQM12m2rN-7491dwRZ6y8WJnzFQtsMEG712b56IxlJZCmCAzFIzmo2tIeW8-ELPxNzS5dg2ynhnTHZaUQwMNUa9Indw1BaVMW9g9U7bbLdLcTe6SBO2CXoGKaooqAIClflrs-KcbvnjRd5zqJonU5gECKRzsfOC3dGNjl0Rc-v5pfIJ2tjIOGXT9wmjPApdRhoFY3tHTMAc_fPYO90n6F8WjRX_oqhZkqCL48SQN7LZflz2rgGfSvCDj7klGLNNk5kY2RnsUyV0_qzeBYCEgoBKYI5VBamQy4gYGGRxjqVnWjDSiWtnwqsKZdQhJIlP-PWFsm7-TafIyXOjiU3rkkDVEL5nIM5qb83pPC2KOVJoPJhoI8MqYno4cuJMh17MxCU3ktWOh5Ow-GsaBsVQHScT2PTHC7TKfFiNfpWIv2aEpnudNMgy9N8sJpgzyojZHM8pSqlns80nlDq5e3fc5CIk2Krs1ctdMfbFbbc0hQivrSsum7NLwwx17ppAkSg5PQVX6_xWGJQzf2vaIrIf40begoAk6Ncmj4iZyJoshjJWhloSSP-ScUrvtiQbCvQFfXBUcWwETEVgUlyzb_d3fSsMeDO8Fa8Piv3xA1i85W9uIqAhSPQhbYZSwrYsnLDf5NlNbbbY36bc6NPSsqAT4CRrG1mw8RqGmKbNxsrmwv-BxvtyjzBxPYyEfyszK7fek6KJX-vS2oWiJn9wPawDWveH6TbXHVMPXx3U-1r8yxRGUL4jzXbZMHlfGaWA6_8CyJ4sqLlUCKUbffnWrZjWfxJGF98VcBQ42ehmzfRVwJccqiMoVs92JZhSTlMU-D-OXRCxzMh1FNe4lIAzkZWrv6Os6gCBjOPIURUSHbnNUM5Z7ow9wphpR13Dz279wtoj4MIUazQlf8Wwy7mpLIrYSVajd6J3mjMkBZ-W52fnnFs9TXnr7RyOGk26UMm-bkY_bYuxMH5vVhXxUAjYnZgC4IGqpjuV76q5Tt9E-43rgTdRHGS0RbZQp1vp2gW3_lQA7O5IA72rYYSdnYo8J0HMKhZ5j5-Mz-IHYdzMfV5b8_hsCZ8a-sgRbEj3DC35ElmQJ_ITVWyAy4067sIxthGMDpCPhZqX8PpWe_CVcFsHApJUixacXy9JaNwC0r_qjda9vg144VnsoWN5qwzqTSpK5PIk4hf1aEcjPUSyvE3-XFOgrCq9mO_ZkEHsXHmAwFehD51_wMdw9gMkB9PUXV-xr3RnI8BGiyQlNTD0fcvXvESGwiMIcf4wCKAJJYQkN8ja_J4SBgwTqEhbpJ8kIW5hRWZwxfis1Xt6LarKJmaDn6SclZbZoIEUCKtXPiy1Wrg6ZYcZca5kGW8l62TO9puBU33prqf7q_9TLae4--01DKRsMQLdRvMnY-1sza4zLyEXB6c0GSWw-fErxf_nTwqtWHKS8zahI3K51aC_QH-VdYD1Mf3-MqjlcfbUdFcPWgripXmFbBhlRosM_7iX1kFMBIqIoqqutFbQbpmbvvZm2nSQZ3ZhNu9bFaNKLBrxOEGQw4CB4vkfasDsCndF5QxKX_dI2SIM6p84RLL9bMHWuTNUvx6Zp4lHXBTskPNxOVdZyHaD5-qT3MUBa_WE_JNoQIbDTmu7vGaQ4ITGr6bj-OPKr520a8dG1UiKEbQoyj8GsIFZRBaOLvj5K_VGHwf2XlrPwenoV8z8FXqdTrI8p8_7ciqb_UQ0PDWe6AF8VTEfj-R6Ls-tFlPNvSaGKY3Iy19qqAqZ29vnxBP98LixRWgEQvTzPju4SIQQ&cid=CAASUORoldvK-AbZjBI3d2ORk76ZEILYQ9gmtlRXY7BI2UQfc70tl_YTIwMRdlXit3InTzCWefXu3Dd-eizZBQ1SMOa3EkGgTPzuWpaUwtGrusRd&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.140.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f157.1e100.net
Software
cafe /
Resource Hash
7fa588be427fc162b569b4a86d42448633253187f43bb40338fda711fe00780c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15082
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A1B1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cly0mc2yAYsK1OZaqx_APxuKM6Amw8PntacmQmOL_D_AuEAEg_7C8MGCVgouCmAegAcvk9fwByAEFqQI7gUlmmHexPqgDAaoEnwJP0LFsGexaZhRZ5x8joRm47qnyLKm_R4R0uPqwA9w5q2xl7TjZwkCjWsB6wE67Ibz4Z74iIjSy4ovdhALIA_b9LwqtsffdXhDz390uPsPLRDXOg1s7Yk6v7_JsjvZBpEz1iVT0pvp-C1Y4vAAqQ7jai-qlqFVhxrzO7-khz8AwuiuypA111xodHdSC0wj-5N9OMHI9EPz2JR9pGpRLJNM-Yl6dLWC3ZYXlD_ByEO10S96-kgydbZf-STX1bGKKbVx6x2Wds0epVmv4TnGLj3m3PDb6ueAkzVsUG1WDLQeZ7EAtn3HkXjzhdV4ixXP7EnGqBYUFZGIlnOsBgaUJuZw5sowIraqCsi0Djp_ydsx0T5inCR0pTnQYHPDi-QNK9sAEnNLx2v0D4AQDiAWRyfvJP5IFBggbEAIYAZIFDQgiEAMYAUiGiLoBUAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB52bioMCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQ8JEwGNTTqMkB0ggJCIDhgHAQARgd8ggbYWR4LXN1YnN5bi04ODM5MTc5ODk0MzE4Mzg1gAoDyAsBsBO_1YkPyBPu85HgA9ATANgTCogUA9gUAdAVAYAXAbIXHgocCAASFHB1Yi0yNTM5MzU1OTYwNDAyNzk4GIfEHQ&sigh=_1URlj3toGw&uach_m=[UACH]&cid=CAQSPACNIrLMmjw-2V9qkJ5L3BA0xqsscOA7AD9RVdwaDJ0fLWc0gQa5bixSV03LE5XHZ323NRwA8M5a-7-nRA&vt=10
Requested by
Host: 2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
URL: https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js
pagead2.googlesyndication.com/bg/ Frame 3A0D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 14 May 2022 15:09:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
42568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13574
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 14 May 2023 15:09:32 GMT
truncated
/ Frame A1B1 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c9d3d0a0eb4c9079abb7218c49908fadd61ec6801b2f63cd6673699020afe12

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
container.html
2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DF53 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 02:58:59 GMT
expires
Mon, 15 May 2023 02:58:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 88D0 		400 B
686 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v11.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2c4ef5f0df40f8%26domain%3Dballeralert.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fballeralert.com%252Ff1397e6208ba6b%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fballeralert.com%2F&layout=button&locale=en_US&sdk=joey&share=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:00 GMT
x-content-type-options
nosniff
content-md5
uF0RL4E+h23ClLQmPOTTMw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
400
x-fb-rlafr
0
x-fb-debug
GGwQ8pPX+hTWDyX5cUGsVQWlUb/h9Fh/7XiOo9MTzjfQVei2FPUHsx4FNWtqR94iHw8bZXg3dTDbvUBklf0EKQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 12 May 2023 11:14:29 GMT
NIKsmgetx-f.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yK/l/en_US/ Frame 88D0 		524 KB
137 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yK/l/en_US/NIKsmgetx-f.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v11.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2c4ef5f0df40f8%26domain%3Dballeralert.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fballeralert.com%252Ff1397e6208ba6b%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fballeralert.com%2F&layout=button&locale=en_US&sdk=joey&share=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0178be68408ef776168e90d00fa56653d2b10fb74961e01d30c3648e7b326a0c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
h3oskSBOHzgt8tluozr3Pg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
139755
x-fb-rlafr
0
x-fb-debug
TlFijPGrAaJQYu9aCcTmCJyK0Q5CFQTLOrYXw60QE8fbDrblWzvv6julFaIR9ir5pBQeI2wLHovpibrWrBUpww==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 13 May 2023 20:22:26 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8A0C 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxCf4vnEAhijwfLFATAB&v=APEucNUsCsS-xIbN4oxqEkXdnKM3vovtKScPAvSD8jVaKYcB6Q8bWMd44avNcwcIKyVqP0YftW0gGYAF6kiAtKYZ8sCNRfoSTA
Requested by
Host: 2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
URL: https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 02:59:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame DF53 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite_fy2019.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2081
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7989
x-xss-protection
0
server
cafe
etag
11406487492938680093
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 02:24:19 GMT
5431128707943666100
s0.2mdn.net/simgad/ Frame DF53 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5431128707943666100
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecdc175bb6a137032714648974cea12e8434e632f40606a412c5aec2a2be3bed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 06:15:34 GMT
x-content-type-options
nosniff
age
161006
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43033
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:49:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 May 2023 06:15:34 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame DF53 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1314
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 02:37:06 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame DF53 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst7FNKTf7AcSAGT94f6XS-U6RHT1Ke70NbqrS8N8b-IOEamYRTCo-muncPyTEk_4tkS5ptV10IlQ2TmbMyIYoVSw8iVUilNYKYkEY9fOPWeUGYFzeaRp4Gtzt4gVq9lZuJ_2aG6clU4phsCTFpzzAXtKpi-KRgju7Qgnn55BQX1LHKwXMf62t_MK3bPboUpF-p8Ngj32PIaN-Ax4Ipxu8_ZmqPzY1NSHXhmDb8C2H1nbQXFD_2RhODekjQxLWytm_LjIlasWGQEFFFwgox7hDPlf1F9DacYjW4XKvxtmy5szWdJRS7c_wGqtkQ7NGj1sE48cUihPZk43PSsPuHiLnOj3lPKwBDFV4WZO0Zah5wostTrtOWGkQSsH_Wvkh6cZcmKX8gDgKLfSSzgG4HOM_dNwI3Z__Jwws6HvfcYCKNgkkBydTXM3vYPuJhkYtnmMsHVcsjMcQA_7YOvPpxI2szWE63s7uBFyqb6nblEg3IxrxJ_2Bp31acT_FwsvrdxrCgxGOARFpneIuLwx8aHoQoFKzuw_fhy7z80Qthnega4Thced5APL9HwuxrsGdxDejTa2lXoDlyz6PpRws6lqCBtRb3OsfI-cj0FlwU8TQAEaQ82BT-kyC8xNC18FAKVEXk_rNN-HiR77UJSwcRGqL-RKRAMAaM-Ovo02pDToIHkfRrXvAlNU1ZTnOSpOtho15dtqBe638pynMLrWHXhHTDMh3RBqD_cRXdiqCg_kgSz-InLCnti8MfwtsdJHhdFYgULoYVTx-njVg3wCBCVYuGRXEPSBCSXed-xYCDTtyyIGr4xQiBeTpCFNRohGeYzR9UH5ItcfkfGiwu7tHN7B4Q7woNaxvPD-snXV_JngC57EVk49ev2iEYKxfazZAfy-Z50ez1xHInAWCJ5nthiMeNorLMuBijYWbjI6m_beBfWnhVm1SUkRtMqFoyLLUFPPj3DE4dv01vW65lObIsfihm8Qx590OgXF0oWap8_7zgmJlTwXIh_kRhaK2lapHJG9LnzUSO1ubOLexkr0d5p_yN5XE2HBkeoEOCu6UfEfZB2j19bqAzobod_ajb_qPKErVJJ2RxGX3o46Jf5e9hgGbXnwtLK9jac7zuvPGMYRwUFvb0n-M8I0VwwETBK3vmb_LXIbOzQeh4CD8m-V_ZVpnwhoKubMYo8VnwSN-Foaa56ovhQiXwKY4IlLimoSHFoufUK7u97ewqUbEhafPzSBvuXdipGSYyN2ww3rbAEQdQw1er-ZWT84MxYXuwStKF24o4&sai=AMfl-YR3D2RCr9w3SD_wBQXTk8d-7wvJ8oEttEhrCqrbV0YHLpeA_UkfRJ937JFC9dC_gHuh02aNgbzpaVOgfII5FxLj5QpAMI4xksAKykBWpXNJxc_EVEDYM9ghuGZ-im2cJcJnQKBdiWX5YVHXp_drOJvDpLjII10bfOT04q5yEki-mgDsoimxQwl_8p_f9qNlh9h0wq_VwnxiOr6e9Nxyg7F6KmQAJlEhixiMakJCMJNs_VlgFVhqIqbtm-YQ1v_8MzXRId9bQlSqDROYD-oN31DbMF8nl2QlnhbwlkdWFuMJgnTa3gUOP8306Z82By2rKx9ydJQtlJGQJdqC41z9GciXZcgJCSW7BcGI_WY15OOpQMsbFDlm3z1Q3j1_8oeiTMygaPNi6w&sig=Cg0ArKJSzMGrjpLCmUBjEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220511.34218&adurl=
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 15 May 2022 02:59:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame DF53 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 08:23:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
239740
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 08:23:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DF53 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A6tX_GF0iOGXDJw2gd40H4zWf353nOfDDlvW9KWDFVYrf8BinE9dKrsrGJlH5GAzsytAR8_Qc1pdjCyf99tU6GP5ljJ97JnlvHV-x-DXe2Si8LmEA
Requested by
Host: 2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
URL: https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame DF53 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
URL: https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:47:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
691
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 02:47:29 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame DF53 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
URL: https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:34:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1450
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6412
x-xss-protection
0
server
cafe
etag
1643562372680595834
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 02:34:50 GMT
l
www.google.com/ads/measurement/ Frame DF53 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTFjQlzBe4TddO8atyy25hpiIxWJBm3qDEfD1DMOI3TZs0JMy4i6xI5BkN8jKCCVnru-MoT
Requested by
Host: 2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
URL: https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DF53 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
URL: https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 15 May 2022 02:59:00 GMT
cavalry_endpoint.php
www.facebook.com/common/ Frame 88D0 		67 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1652583540325&t_start=1652583540325&t_domcontent=1652583540347&t_layout=1652583540367&t_onload=1652583540367&t_paint=1652583540367&t_creport=1652583540367&t_tti=1652583540347&lid=7097792260082238410-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/v11.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2c4ef5f0df40f8%26domain%3Dballeralert.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fballeralert.com%252Ff1397e6208ba6b%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fballeralert.com%2F&layout=button&locale=en_US&sdk=joey&share=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0
pragma
no-cache
x-fb-debug
UegH4OlfjwfAovH1DjsXcpcC0HS68nRb04H0Etav4ggLCAadJ+OAeNgKjwB1jpy/6QHUxqI8xLmAUOtVTZfvlw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 15 May 2022 02:59:00 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame A1B1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 09:17:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236482
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 09:17:38 GMT
file.mp4
r1---sn-4g5lznes.c.2mdn.net/videoplayback/id/6e14bb5d70a0f5cf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3795673200/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame A1B1
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/6e14bb5d70a0f5cf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3795673200/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r1---sn-4g5lznes.c.2mdn.net/videoplayback/id/6e14bb5d70a0f5cf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3795673200/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5lznes.c.2mdn.net/videoplayback/id/6e14bb5d70a0f5cf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3795673200/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/03E520ADEE1536407B95CA10A0D9CCE43DD48C99.7DA58607F43AE832C57D599097F27EF3BF92BA0A/key/cms1/cms_redirect/yes/mh/BU/mip/2001:ac8:20:301::201e/mm/42/mn/sn-4g5lznes/ms/onc/mt/1652582521/mv/u/mvi/1/pl/53/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:4001:10::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 02:59:00 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
3877669
Last-Modified
Fri, 29 Apr 2022 09:36:49 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Sun, 15 May 2022 02:59:00 GMT

Redirect headers

date
Sun, 15 May 2022 02:59:00 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
651
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r1---sn-4g5lznes.c.2mdn.net/videoplayback/id/6e14bb5d70a0f5cf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3795673200/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/03E520ADEE1536407B95CA10A0D9CCE43DD48C99.7DA58607F43AE832C57D599097F27EF3BF92BA0A/key/cms1/cms_redirect/yes/mh/BU/mip/2001:ac8:20:301::201e/mm/42/mn/sn-4g5lznes/ms/onc/mt/1652582521/mv/u/mvi/1/pl/53/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5D3F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 02:58:59 GMT
expires
Mon, 15 May 2023 02:58:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9FE9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
159254
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 13 May 2022 06:44:46 GMT
expires
Sat, 13 May 2023 06:44:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame DF53 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst7FNKTf7AcSAGT94f6XS-U6RHT1Ke70NbqrS8N8b-IOEamYRTCo-muncPyTEk_4tkS5ptV10IlQ2TmbMyIYoVSw8iVUilNYKYkEY9fOPWeUGYFzeaRp4Gtzt4gVq9lZuJ_2aG6clU4phsCTFpzzAXtKpi-KRgju7Qgnn55BQX1LHKwXMf62t_MK3bPboUpF-p8Ngj32PIaN-Ax4Ipxu8_ZmqPzY1NSHXhmDb8C2H1nbQXFD_2RhODekjQxLWytm_LjIlasWGQEFFFwgox7hDPlf1F9DacYjW4XKvxtmy5szWdJRS7c_wGqtkQ7NGj1sE48cUihPZk43PSsPuHiLnOj3lPKwBDFV4WZO0Zah5wostTrtOWGkQSsH_Wvkh6cZcmKX8gDgKLfSSzgG4HOM_dNwI3Z__Jwws6HvfcYCKNgkkBydTXM3vYPuJhkYtnmMsHVcsjMcQA_7YOvPpxI2szWE63s7uBFyqb6nblEg3IxrxJ_2Bp31acT_FwsvrdxrCgxGOARFpneIuLwx8aHoQoFKzuw_fhy7z80Qthnega4Thced5APL9HwuxrsGdxDejTa2lXoDlyz6PpRws6lqCBtRb3OsfI-cj0FlwU8TQAEaQ82BT-kyC8xNC18FAKVEXk_rNN-HiR77UJSwcRGqL-RKRAMAaM-Ovo02pDToIHkfRrXvAlNU1ZTnOSpOtho15dtqBe638pynMLrWHXhHTDMh3RBqD_cRXdiqCg_kgSz-InLCnti8MfwtsdJHhdFYgULoYVTx-njVg3wCBCVYuGRXEPSBCSXed-xYCDTtyyIGr4xQiBeTpCFNRohGeYzR9UH5ItcfkfGiwu7tHN7B4Q7woNaxvPD-snXV_JngC57EVk49ev2iEYKxfazZAfy-Z50ez1xHInAWCJ5nthiMeNorLMuBijYWbjI6m_beBfWnhVm1SUkRtMqFoyLLUFPPj3DE4dv01vW65lObIsfihm8Qx590OgXF0oWap8_7zgmJlTwXIh_kRhaK2lapHJG9LnzUSO1ubOLexkr0d5p_yN5XE2HBkeoEOCu6UfEfZB2j19bqAzobod_ajb_qPKErVJJ2RxGX3o46Jf5e9hgGbXnwtLK9jac7zuvPGMYRwUFvb0n-M8I0VwwETBK3vmb_LXIbOzQeh4CD8m-V_ZVpnwhoKubMYo8VnwSN-Foaa56ovhQiXwKY4IlLimoSHFoufUK7u97ewqUbEhafPzSBvuXdipGSYyN2ww3rbAEQdQw1er-ZWT84MxYXuwStKF24o4&sai=AMfl-YR3D2RCr9w3SD_wBQXTk8d-7wvJ8oEttEhrCqrbV0YHLpeA_UkfRJ937JFC9dC_gHuh02aNgbzpaVOgfII5FxLj5QpAMI4xksAKykBWpXNJxc_EVEDYM9ghuGZ-im2cJcJnQKBdiWX5YVHXp_drOJvDpLjII10bfOT04q5yEki-mgDsoimxQwl_8p_f9qNlh9h0wq_VwnxiOr6e9Nxyg7F6KmQAJlEhixiMakJCMJNs_VlgFVhqIqbtm-YQ1v_8MzXRId9bQlSqDROYD-oN31DbMF8nl2QlnhbwlkdWFuMJgnTa3gUOP8306Z82By2rKx9ydJQtlJGQJdqC41z9GciXZcgJCSW7BcGI_WY15OOpQMsbFDlm3z1Q3j1_8oeiTMygaPNi6w&sig=Cg0ArKJSzMGrjpLCmUBjEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=78&vt=11&dtpt=77&dett=2&cstd=0&cisv=r20220511.34218&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 02:59:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame DF53 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a600558475791f59dc2627cb9fbf2425cd2962ddd9089c42a69b4402fb5c55cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame 3A0D 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?fY4x9A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
launch-530fb1e26ecf.min.js
assets.adobedtm.com/dba7b4ad2c8b/91f40365a420/ Frame 787D 		159 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/dba7b4ad2c8b/91f40365a420/launch-530fb1e26ecf.min.js
Requested by
Host: www.iheart.com
URL: https://www.iheart.com/v8.33.1/9efce1a/bundles/16.widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7829e009c50a75313a34510ff02878e8c90cb5e6d6405196d8790400a014d78c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iheart.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:00 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 20:38:42 GMT
server
AkamaiNetStorage
etag
"bad41f64db46aeb47fda72bf857fc32c:1631133522.72211"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.iheart.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
46157
expires
Sun, 15 May 2022 03:59:00 GMT
beacon.js
sb.scorecardresearch.com/ Frame 787D 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.iheart.com
URL: https://www.iheart.com/v8.33.1/9efce1a/bundles/16.widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-90.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iheart.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:49:17 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
583
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Jp080FJbwSU-Ta5AbBlqb5qTfsEXUR3QDQYBj-OwFBJYxeKFSgRu6A==
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame D580 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
236482
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 09:17:38 GMT
expires
Fri, 12 May 2023 09:17:38 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5473 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIyUyvoCEMzCz4EDGKuppcgBMAE&v=APEucNUFBRL687Wim1wzmwsGYL1rIo7G9a3wI5rq_EM6Ra_2LvnvMKDSCCbEssDS4OdbJQoyyIvI7-Q6IlI4a0dRGcuRDDwq1g
Requested by
Host: 2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
URL: https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 02:59:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 5D3F 		61 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMXUSQh5SfrM0sIVSvDtI28Ar_1JdlzMrY-bXxyysKpH-flN-9eevXseeujd9Y8mn0BLvPXP3iXlAJaf-sZ7Nx_dYD2w&cry=1&dbm_d=AKAmf-CJPo-gZCwNAsQMzElUOMHrqvCFsLqQvHWgQEBAJY3f7HDuTsO3QasdkUJwbAJSvTVAA-LZoc9oI4ICeOVF-rvnuOxM8mHT94tnkUz3QfgBLwV2KxGxjsHHo_iDJ-XmziX8QA8JERoHNNWM_1qJGIxrW-NKD7jwB-GgeF29YqKTaiGn9rvFdOXZiANRMmODQuHB8rJ11CnCXy0EA431ptT_qsdd41h1LyTNjNsgoL21xEUaaTQa-Q1TvzLDGjEzD5iTL3DIz8YaN2GghKu-4CfgmmapQ1okOoOS8XnCJ4vQVg7_opWDy6A3l80TkuAujBqiTFu3HFTRVMOBxYKm-mfBpNLa6wrSZpnfQ4yevAMMCRGSGrJNnHS7C2cGH-WwHaNBvej_I3lshNI-6d96YWCaoflkBZmdhzwzuU2Dt1T9-k6jVn4U83QRYyQ8QxRo54Qr5OKuwF0hUlQc2eB7glRLVSMOqoL3e5ov9lsFyDb61Q-lM5sTmo52wf3GJtKfamH-KafkHn8YeGxEpBwRfVx_2Hct55PA4ekqjdP6M4p1-c0LnLwivU-ylAYs5nn6xVNnbKVYQ1Wpd99ezk5Yz-EjEKbXhZJ1sKAnYkHyeNVv9FDc9rbqsgtqRXpefY3cCxEXdrkcjFg1ztNAmZYTspUeQFSX9sMgDIel98n5wXDKFBDcZEeGkYnFG6SPLdRnVS46tqvXBYCxDJzr1eZfMmEGV3xkfO_wb0mC3PiZeiQJDAeMW6CDvN0bZdjwSlHdHMwsFAy-5rb8x4w6cp80mgygtAUWdIIcY-bXxbv8-zOazMpdb6PEJB8NSlU538aCNRyXGrwk_CXRXfhaQGQj2JlqAtuckv-LnG8Z4Cm-_K1yvxVgh_mraUySMxGvFZw9EvnBEnG5Dh3vSdtmgnRVMi_DcoUHDdExJlZlckk-_mpP0Gk5-MA9MqE2iU479yvYfv88l-uVoZ5ngkofHCrbJMRxqmIa-t-0ptf6kZgvA4L8aLHHvZF6SxVE9RainWKb8AmYHsoZl-BcjHhaZK2_PUHfKscvnZYdqE9eBlerzIfjNyvU3KEkSdkAio46r38vonaduJLNTeMsNTX4FE4FpM4-_YonMdKp60SquCq8r4suzQf7PiB2Li1Jwa9rkDDVn1Weaw1g_bhWY2kzGSKyqvB5IL_uztz2uOR7R2QWASRX4F9zz8fmfSJ92DM2osCxC3WRgb5Ef1CYg5PLEe1TdDOoPUHiXYNSaUpwMfBpTi3xidffk2wNCIv8QOuISuK7t24vGQGDdC1yHSM-5PRx4xtSxmwUEuMZkQX7mobzy606IwxwZadPq3wYAXOJm25VCRVJmNncOeLdQ8KLgSqMrlMN7f47_x1y39EXTWVvsucZzjd5aNMDOGh3tHTGPA4SlDd1xmtDja_0Umr09jP4_CwbWPoqvI5wVStIzS2VrAIOrzIvbCkYbOW4mDbl_va6SGqqjvgZBUNB0YExeDhgBgqQJSrDrnwxkRUemHooehYZarEcZr57z3swPLUabkf9HtC6zDd1RwmTlFA8FUxDLLEBwtIjcOiOkWm7eUTV7qvsIZ4-QGcdNuViE_l8NoV6cPkFBTgabLiwIMnp3EOY-tsuf4cmSEvEYHFmRGlHYbi2f9gZbc0yt-DmMsJE9eVExorQFAhYvCxgSF9JoTV0QZOpkiLzQ0HNaCgTImBn7HHlW-vyzerQege77IihRZxE9eiaIT9HWCY4A6aIQ4dKP_hxkwZ3SFNsqPufStjj_NwNDXlB-cbPtF2nuEW6qksGzgj4OCPXh2ae-tKaHQ4FMURSjm0tuFxBuXmjQt9oSrduNwVSLB8Mok9Vh_BuYg63yqbIZ4SzozR4wYeKWFPvXVJ6vt5aqcbodaaeo4Q93PDDfLBVSGxoIvapqW1i9fIrJYlLElP3_w-VyyFdxtFObKVIOY2gpfJoKq1otgRZy1CUqsee06RbFhfSJbcrjPr88zzwu-pCZShS_29pi_NZiS2hRXmm9eInvYe4kC7dvHjDv9LjWVQClxaa2ICCA--wgG-IBuk5g1cfUdf6gugNvoQlUb37nlFlZ5wnemPcjJoSADybuK3Y5JsWPAlY18WokCofkBLtDg4onK5zJ-qOtpQPpCHfWIsf1UVywvuWzllSbo76fpTI0ITwssVxPwqSalzwIc4JmfWkOmcJ8UfzNFrlpeOOOSKV_HEMJqnYu4KrP0v0aqrYYVNZzUXK6alWTtYUWgLKN5mJSi9Tm0X9cFA9jcKfCSKmeL_fmSeQxaQ6jKs8MIdTQrPf_LSAl9tX0cs7PBVmpSWbYhBITr1-dlKE6DH9NZpGlC6JpN0eX7qMVyDyfFp5f_LuCEgJrEjmWD7QOs9dudInUjt4Yzb1HE7KYeNxmzW14KyhBUBUfxkT54FA0VYRaG1xrHmnOvaK-Hpz9rxcqo45a52BCTkJt0GWTHwzFlEOKeMmNLqdwwoULF9huujWD6n5vfpypL-v8jbXaGm0l1fA7LO8uYvTEz8PV9wkx6iNB-4hB9Rfot-JDCQ_seu1QI8o59M46aJblpX9w6OAhL8vmNsgTgcdzPairdwpF8pEhQch7ldCJyMFo6wDXwbwrSfkmpfPaFgPuv9lIL_CKZlymxCLRICmYIXHVg-QQ1W39qG4vYOzajpZnSPO1CVVllVRz4OubgEu97B7-zlsZ-PWmunxyZ3Zg7q5CRoed9-ziAKOwVj5Dhb4oH4MpGDX-_dc2PI81l9uJOZT0RQQXev3t3_kXfVI21jpUbavxNXl9mvEyFVtZvr45psjXDQqAIi2e4Iy1FD3g0hTJ3ukrbBfRbQF7BdQP_d7bF-Omr5iDAP876iwNKv_eg0YpntgGZIFaj2LrixC9shJGyPTytNGrERyBN4KUlHB2uXYVy4QWcXUjkPer3-xnS2XOnCd9fL-FVettdSaHFWlg7DVjtT2rasq10R6pYf4YbI-jKtXh_fKB0tZD1TNJnay4BV0dGfN_aKdkWPla9buPLU_1Rxl8ua2VwqNNmVpJjE0DvnDlqsT5b1SCGSi-4OieYas2ZDE6o1zYqS-oZVMiETpvXu34GqyBcyV2KnsZFBhaOoXiDmHEW4_xet4NhrDPZc2VovGXhztPGAIwh3m7jEs4QFCJqY3zD-NgRzM4bC3RzZ5QBHWfYkJO2DeHeeclkiflkhZAOsLo0y2FXLBexCPLghkwoubYXUIRl_TIA9QwwOxZqR4AraUrigSzLGqXuW_7twkbISAVaxgtYmV96zwtzNXPeeZ9gN5XPtxufWzx6nyg28Qkff15QWQUmm12kCIuIwQxYW1_9zNAk52p-kS_vKpfpap8Rj52N3F3glc2eCRjepgrdjPrs5h1GckO3JHb2B7Tae2VU4-mjkMrhe33X_q5HsG5R4M262rLnfvHO6wOzpgdEXqO2tTcVQsEF87RFINyXh2c97nu0Y89TGUVM3FsUmV6JhylECVafKn_PzsT4Ze9l92Lv7OxWVxvhrvJkVq7DDcqBt8cOhHBKRu&cid=CAASUORoFd5CRfqjPZNxpODVstmQlpDHehzqTWJrxrfCaHjQN6AsPGY7KI6gN3WxeJuxeYD5pmhofAZ_SMZN07jmy0u_qGxvurMHseYz4KNAN4fV&rfl=1%2Chttps%253A%252F%252Fballeralert.com%252F%240
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77fcbee5f2d03585b0500466ad44001ee1b1fef29dfdb8b1675d5e7878b39867
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30673
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D3F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DjZEiyp6fLmoHmOrTmYPcjOMKy3PRQl8hMM9tgYjrqEkoLzcw_6YEMsE6BL7W2vw7x51zVg0SH0Cz44wYtS24v1tGrzT9RCYkGwhkYTSwXUJrLWmc
Requested by
Host: 2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
URL: https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 5D3F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
URL: https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:47:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
691
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 02:47:29 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 5D3F 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
URL: https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:34:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1450
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6412
x-xss-protection
0
server
cafe
etag
1643562372680595834
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 02:34:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5D3F 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
URL: https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 15 May 2022 02:59:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1DEF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst31ugmS6BBvR90u_a0mdIf-MNIogLe9bJKrGCGTuujhYlFcvIWV7ms4ywuhoq-wqY9KP7h-PsDWbMhEg5LLPM4psCPbUnuwcw7AuZQDID8i11Kf3FWxBSsVe1uhxm_gxZheH8rGSRgxP8cz_ruAau86cjqx4KGrzqjtMWy2OTsDk9LXNdPZuJqP6TIjYHKIoXqWKwoStnnHJXBKmWMO-PttA9bTrmXSaphd5acSI_HYb-UEBNXJLAnn5L9BU5640zHi7UnxmLktYXDJZ4Jm0wrDGy6qF9UeQpuz4C1THfDs5rLEnuMTdr3c6EXA8Ws8XMNsd9eObuMeklXOQ&sig=Cg0ArKJSzISif5z_Zj1REAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 02:59:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 1DEF 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
20121
x-jsd-version
1.13.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19162-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JMiygNfUR0syA%2FMGrLLjVgdHeDiJeBGD3txbN7mP3%2ByXPsKoYkbjW3Q%2FPXAnFa77AG9He9e4Ai7UqRe0tUv83Uxv5LeT8ck0Yk3pgY22sRnwzZgAesoimXdjz0sRmcpGCRMv221e33jCD7ljJVM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
70b89d78aa330221-ZRH
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1DEF 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 15 May 2022 02:59:00 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 1DEF 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c6ff04eee3ac33ded99ee6c1a967713530124ae77cab274d1cf9a977a7aa676e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 02:59:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 May 2022 17:26:20 GMT
Server
Microsoft-IIS/10.0
ETag
"046e5642566d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3303
close.png
console.adgrid.io/backend-wp/ad-wrapper-js/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://console.adgrid.io/backend-wp/ad-wrapper-js/close.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
061a3a77519999a1fe023724896eca435a4b4d6fd758963270c43fb83d4a8a60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:00 GMT
cf-cache-status
HIT
last-modified
Fri, 11 Dec 2020 07:03:15 GMT
server
cloudflare
age
1943
etag
"55c7-5b62ae2f0592f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ov7DM1QRU%2Flb%2BCiskzLanpN3AXHKvaWgV%2FKWK6EGjo1LhKCcOUDlzIDPu4pwbkp4L4JEvt2npgVB1oLX1mJwZv%2F%2Fok7XKo5x%2BMvU1r22IW3IvQIScg%2F40kVOI1dSnklJRPweKLKpjQkYEVWbCYmz"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
70b89d787efa3760-MXP
content-length
21959
sv
capi-tier-1-us-east-2.connatix.com/tr/ Frame 81F1 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/sv?v=162305&cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.38.126 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-126.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sun, 15 May 2022 02:58:59 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://balleralert.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame 9FE9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 05:14:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
164689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 13 May 2023 05:14:11 GMT
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ Frame 787D 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/dba7b4ad2c8b/91f40365a420/launch-530fb1e26ecf.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iheart.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:00 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.iheart.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12184
expires
Sun, 15 May 2022 03:59:00 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ Frame 787D 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/dba7b4ad2c8b/91f40365a420/launch-530fb1e26ecf.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iheart.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:00 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.iheart.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1594
expires
Sun, 15 May 2022 03:59:00 GMT
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ Frame 787D 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/dba7b4ad2c8b/91f40365a420/launch-530fb1e26ecf.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iheart.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:00 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:53 GMT
server
AkamaiNetStorage
etag
"c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.iheart.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
8762
expires
Sun, 15 May 2022 03:59:00 GMT
b2
sb.scorecardresearch.com/ Frame 787D
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036262&cs_xi=5451834289&ns__t=1652583540591&ns_c=UTF-8&ns_if=1&cv=3.5&c8=The%20Baller%20Alert%20Show%20%7C%20iHeart&c7=https%3A%2F%2Fwww.iheart.com%2Fpod...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036262&cs_xi=5451834289&ns__t=1652583540591&ns_c=UTF-8&ns_if=1&cv=3.5&c8=The%20Baller%20Alert%20Show%20%7C%20iHeart&c7=https%3A%2F%2Fwww.iheart.com%2Fpo...
0
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6036262&cs_xi=5451834289&ns__t=1652583540591&ns_c=UTF-8&ns_if=1&cv=3.5&c8=The%20Baller%20Alert%20Show%20%7C%20iHeart&c7=https%3A%2F%2Fwww.iheart.com%2Fpodcast%2F1119-the-baller-alert-show-53352259%2F%3Fembed%3Dtrue&c9=https%3A%2F%2Fballeralert.com%2F
Protocol
H2
Server
13.225.80.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-90.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iheart.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:00 GMT
via
1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
DFNnoNRPzEDAZ9e8AzeUQGc6hq1abHzxidHAaXzoKScAnaKzO03asQ==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=6036262&cs_xi=5451834289&ns__t=1652583540591&ns_c=UTF-8&ns_if=1&cv=3.5&c8=The%20Baller%20Alert%20Show%20%7C%20iHeart&c7=https%3A%2F%2Fwww.iheart.com%2Fpodcast%2F1119-the-baller-alert-show-53352259%2F%3Fembed%3Dtrue&c9=https%3A%2F%2Fballeralert.com%2F
date
Sun, 15 May 2022 02:59:00 GMT
via
1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
0
x-amz-cf-id
dXgk0A83o6IHuRGtvX520fHQo4nf8jnKFvkN2swjFI_lIRKGlwUdPg==
x-cache
Miss from cloudfront
file.mp4
r1---sn-4g5lznes.c.2mdn.net/videoplayback/id/6e14bb5d70a0f5cf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3795673200/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame A1B1 		207 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5lznes.c.2mdn.net/videoplayback/id/6e14bb5d70a0f5cf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3795673200/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/03E520ADEE1536407B95CA10A0D9CCE43DD48C99.7DA58607F43AE832C57D599097F27EF3BF92BA0A/key/cms1/cms_redirect/yes/mh/BU/mip/2001:ac8:20:301::201e/mm/42/mn/sn-4g5lznes/ms/onc/mt/1652582521/mv/u/mvi/1/pl/53/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:10::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 15 May 2022 02:59:00 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-3877668/3877669
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
3877669
expires
Sun, 15 May 2022 02:59:00 GMT
last-modified
Fri, 29 Apr 2022 09:36:49 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
client-protocol
quic
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame D580 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 05:14:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
164689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 13 May 2023 05:14:11 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 5D3F 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMXUSQh5SfrM0sIVSvDtI28Ar_1JdlzMrY-bXxyysKpH-flN-9eevXseeujd9Y8mn0BLvPXP3iXlAJaf-sZ7Nx_dYD2w&cry=1&dbm_d=AKAmf-CJPo-gZCwNAsQMzElUOMHrqvCFsLqQvHWgQEBAJY3f7HDuTsO3QasdkUJwbAJSvTVAA-LZoc9oI4ICeOVF-rvnuOxM8mHT94tnkUz3QfgBLwV2KxGxjsHHo_iDJ-XmziX8QA8JERoHNNWM_1qJGIxrW-NKD7jwB-GgeF29YqKTaiGn9rvFdOXZiANRMmODQuHB8rJ11CnCXy0EA431ptT_qsdd41h1LyTNjNsgoL21xEUaaTQa-Q1TvzLDGjEzD5iTL3DIz8YaN2GghKu-4CfgmmapQ1okOoOS8XnCJ4vQVg7_opWDy6A3l80TkuAujBqiTFu3HFTRVMOBxYKm-mfBpNLa6wrSZpnfQ4yevAMMCRGSGrJNnHS7C2cGH-WwHaNBvej_I3lshNI-6d96YWCaoflkBZmdhzwzuU2Dt1T9-k6jVn4U83QRYyQ8QxRo54Qr5OKuwF0hUlQc2eB7glRLVSMOqoL3e5ov9lsFyDb61Q-lM5sTmo52wf3GJtKfamH-KafkHn8YeGxEpBwRfVx_2Hct55PA4ekqjdP6M4p1-c0LnLwivU-ylAYs5nn6xVNnbKVYQ1Wpd99ezk5Yz-EjEKbXhZJ1sKAnYkHyeNVv9FDc9rbqsgtqRXpefY3cCxEXdrkcjFg1ztNAmZYTspUeQFSX9sMgDIel98n5wXDKFBDcZEeGkYnFG6SPLdRnVS46tqvXBYCxDJzr1eZfMmEGV3xkfO_wb0mC3PiZeiQJDAeMW6CDvN0bZdjwSlHdHMwsFAy-5rb8x4w6cp80mgygtAUWdIIcY-bXxbv8-zOazMpdb6PEJB8NSlU538aCNRyXGrwk_CXRXfhaQGQj2JlqAtuckv-LnG8Z4Cm-_K1yvxVgh_mraUySMxGvFZw9EvnBEnG5Dh3vSdtmgnRVMi_DcoUHDdExJlZlckk-_mpP0Gk5-MA9MqE2iU479yvYfv88l-uVoZ5ngkofHCrbJMRxqmIa-t-0ptf6kZgvA4L8aLHHvZF6SxVE9RainWKb8AmYHsoZl-BcjHhaZK2_PUHfKscvnZYdqE9eBlerzIfjNyvU3KEkSdkAio46r38vonaduJLNTeMsNTX4FE4FpM4-_YonMdKp60SquCq8r4suzQf7PiB2Li1Jwa9rkDDVn1Weaw1g_bhWY2kzGSKyqvB5IL_uztz2uOR7R2QWASRX4F9zz8fmfSJ92DM2osCxC3WRgb5Ef1CYg5PLEe1TdDOoPUHiXYNSaUpwMfBpTi3xidffk2wNCIv8QOuISuK7t24vGQGDdC1yHSM-5PRx4xtSxmwUEuMZkQX7mobzy606IwxwZadPq3wYAXOJm25VCRVJmNncOeLdQ8KLgSqMrlMN7f47_x1y39EXTWVvsucZzjd5aNMDOGh3tHTGPA4SlDd1xmtDja_0Umr09jP4_CwbWPoqvI5wVStIzS2VrAIOrzIvbCkYbOW4mDbl_va6SGqqjvgZBUNB0YExeDhgBgqQJSrDrnwxkRUemHooehYZarEcZr57z3swPLUabkf9HtC6zDd1RwmTlFA8FUxDLLEBwtIjcOiOkWm7eUTV7qvsIZ4-QGcdNuViE_l8NoV6cPkFBTgabLiwIMnp3EOY-tsuf4cmSEvEYHFmRGlHYbi2f9gZbc0yt-DmMsJE9eVExorQFAhYvCxgSF9JoTV0QZOpkiLzQ0HNaCgTImBn7HHlW-vyzerQege77IihRZxE9eiaIT9HWCY4A6aIQ4dKP_hxkwZ3SFNsqPufStjj_NwNDXlB-cbPtF2nuEW6qksGzgj4OCPXh2ae-tKaHQ4FMURSjm0tuFxBuXmjQt9oSrduNwVSLB8Mok9Vh_BuYg63yqbIZ4SzozR4wYeKWFPvXVJ6vt5aqcbodaaeo4Q93PDDfLBVSGxoIvapqW1i9fIrJYlLElP3_w-VyyFdxtFObKVIOY2gpfJoKq1otgRZy1CUqsee06RbFhfSJbcrjPr88zzwu-pCZShS_29pi_NZiS2hRXmm9eInvYe4kC7dvHjDv9LjWVQClxaa2ICCA--wgG-IBuk5g1cfUdf6gugNvoQlUb37nlFlZ5wnemPcjJoSADybuK3Y5JsWPAlY18WokCofkBLtDg4onK5zJ-qOtpQPpCHfWIsf1UVywvuWzllSbo76fpTI0ITwssVxPwqSalzwIc4JmfWkOmcJ8UfzNFrlpeOOOSKV_HEMJqnYu4KrP0v0aqrYYVNZzUXK6alWTtYUWgLKN5mJSi9Tm0X9cFA9jcKfCSKmeL_fmSeQxaQ6jKs8MIdTQrPf_LSAl9tX0cs7PBVmpSWbYhBITr1-dlKE6DH9NZpGlC6JpN0eX7qMVyDyfFp5f_LuCEgJrEjmWD7QOs9dudInUjt4Yzb1HE7KYeNxmzW14KyhBUBUfxkT54FA0VYRaG1xrHmnOvaK-Hpz9rxcqo45a52BCTkJt0GWTHwzFlEOKeMmNLqdwwoULF9huujWD6n5vfpypL-v8jbXaGm0l1fA7LO8uYvTEz8PV9wkx6iNB-4hB9Rfot-JDCQ_seu1QI8o59M46aJblpX9w6OAhL8vmNsgTgcdzPairdwpF8pEhQch7ldCJyMFo6wDXwbwrSfkmpfPaFgPuv9lIL_CKZlymxCLRICmYIXHVg-QQ1W39qG4vYOzajpZnSPO1CVVllVRz4OubgEu97B7-zlsZ-PWmunxyZ3Zg7q5CRoed9-ziAKOwVj5Dhb4oH4MpGDX-_dc2PI81l9uJOZT0RQQXev3t3_kXfVI21jpUbavxNXl9mvEyFVtZvr45psjXDQqAIi2e4Iy1FD3g0hTJ3ukrbBfRbQF7BdQP_d7bF-Omr5iDAP876iwNKv_eg0YpntgGZIFaj2LrixC9shJGyPTytNGrERyBN4KUlHB2uXYVy4QWcXUjkPer3-xnS2XOnCd9fL-FVettdSaHFWlg7DVjtT2rasq10R6pYf4YbI-jKtXh_fKB0tZD1TNJnay4BV0dGfN_aKdkWPla9buPLU_1Rxl8ua2VwqNNmVpJjE0DvnDlqsT5b1SCGSi-4OieYas2ZDE6o1zYqS-oZVMiETpvXu34GqyBcyV2KnsZFBhaOoXiDmHEW4_xet4NhrDPZc2VovGXhztPGAIwh3m7jEs4QFCJqY3zD-NgRzM4bC3RzZ5QBHWfYkJO2DeHeeclkiflkhZAOsLo0y2FXLBexCPLghkwoubYXUIRl_TIA9QwwOxZqR4AraUrigSzLGqXuW_7twkbISAVaxgtYmV96zwtzNXPeeZ9gN5XPtxufWzx6nyg28Qkff15QWQUmm12kCIuIwQxYW1_9zNAk52p-kS_vKpfpap8Rj52N3F3glc2eCRjepgrdjPrs5h1GckO3JHb2B7Tae2VU4-mjkMrhe33X_q5HsG5R4M262rLnfvHO6wOzpgdEXqO2tTcVQsEF87RFINyXh2c97nu0Y89TGUVM3FsUmV6JhylECVafKn_PzsT4Ze9l92Lv7OxWVxvhrvJkVq7DDcqBt8cOhHBKRu&cid=CAASUORoFd5CRfqjPZNxpODVstmQlpDHehzqTWJrxrfCaHjQN6AsPGY7KI6gN3WxeJuxeYD5pmhofAZ_SMZN07jmy0u_qGxvurMHseYz4KNAN4fV&rfl=1%2Chttps%253A%252F%252Fballeralert.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:48:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
624
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9773
x-xss-protection
0
server
cafe
etag
14407402762925951128
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 02:48:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame 5D3F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMXUSQh5SfrM0sIVSvDtI28Ar_1JdlzMrY-bXxyysKpH-flN-9eevXseeujd9Y8mn0BLvPXP3iXlAJaf-sZ7Nx_dYD2w&cry=1&dbm_d=AKAmf-CJPo-gZCwNAsQMzElUOMHrqvCFsLqQvHWgQEBAJY3f7HDuTsO3QasdkUJwbAJSvTVAA-LZoc9oI4ICeOVF-rvnuOxM8mHT94tnkUz3QfgBLwV2KxGxjsHHo_iDJ-XmziX8QA8JERoHNNWM_1qJGIxrW-NKD7jwB-GgeF29YqKTaiGn9rvFdOXZiANRMmODQuHB8rJ11CnCXy0EA431ptT_qsdd41h1LyTNjNsgoL21xEUaaTQa-Q1TvzLDGjEzD5iTL3DIz8YaN2GghKu-4CfgmmapQ1okOoOS8XnCJ4vQVg7_opWDy6A3l80TkuAujBqiTFu3HFTRVMOBxYKm-mfBpNLa6wrSZpnfQ4yevAMMCRGSGrJNnHS7C2cGH-WwHaNBvej_I3lshNI-6d96YWCaoflkBZmdhzwzuU2Dt1T9-k6jVn4U83QRYyQ8QxRo54Qr5OKuwF0hUlQc2eB7glRLVSMOqoL3e5ov9lsFyDb61Q-lM5sTmo52wf3GJtKfamH-KafkHn8YeGxEpBwRfVx_2Hct55PA4ekqjdP6M4p1-c0LnLwivU-ylAYs5nn6xVNnbKVYQ1Wpd99ezk5Yz-EjEKbXhZJ1sKAnYkHyeNVv9FDc9rbqsgtqRXpefY3cCxEXdrkcjFg1ztNAmZYTspUeQFSX9sMgDIel98n5wXDKFBDcZEeGkYnFG6SPLdRnVS46tqvXBYCxDJzr1eZfMmEGV3xkfO_wb0mC3PiZeiQJDAeMW6CDvN0bZdjwSlHdHMwsFAy-5rb8x4w6cp80mgygtAUWdIIcY-bXxbv8-zOazMpdb6PEJB8NSlU538aCNRyXGrwk_CXRXfhaQGQj2JlqAtuckv-LnG8Z4Cm-_K1yvxVgh_mraUySMxGvFZw9EvnBEnG5Dh3vSdtmgnRVMi_DcoUHDdExJlZlckk-_mpP0Gk5-MA9MqE2iU479yvYfv88l-uVoZ5ngkofHCrbJMRxqmIa-t-0ptf6kZgvA4L8aLHHvZF6SxVE9RainWKb8AmYHsoZl-BcjHhaZK2_PUHfKscvnZYdqE9eBlerzIfjNyvU3KEkSdkAio46r38vonaduJLNTeMsNTX4FE4FpM4-_YonMdKp60SquCq8r4suzQf7PiB2Li1Jwa9rkDDVn1Weaw1g_bhWY2kzGSKyqvB5IL_uztz2uOR7R2QWASRX4F9zz8fmfSJ92DM2osCxC3WRgb5Ef1CYg5PLEe1TdDOoPUHiXYNSaUpwMfBpTi3xidffk2wNCIv8QOuISuK7t24vGQGDdC1yHSM-5PRx4xtSxmwUEuMZkQX7mobzy606IwxwZadPq3wYAXOJm25VCRVJmNncOeLdQ8KLgSqMrlMN7f47_x1y39EXTWVvsucZzjd5aNMDOGh3tHTGPA4SlDd1xmtDja_0Umr09jP4_CwbWPoqvI5wVStIzS2VrAIOrzIvbCkYbOW4mDbl_va6SGqqjvgZBUNB0YExeDhgBgqQJSrDrnwxkRUemHooehYZarEcZr57z3swPLUabkf9HtC6zDd1RwmTlFA8FUxDLLEBwtIjcOiOkWm7eUTV7qvsIZ4-QGcdNuViE_l8NoV6cPkFBTgabLiwIMnp3EOY-tsuf4cmSEvEYHFmRGlHYbi2f9gZbc0yt-DmMsJE9eVExorQFAhYvCxgSF9JoTV0QZOpkiLzQ0HNaCgTImBn7HHlW-vyzerQege77IihRZxE9eiaIT9HWCY4A6aIQ4dKP_hxkwZ3SFNsqPufStjj_NwNDXlB-cbPtF2nuEW6qksGzgj4OCPXh2ae-tKaHQ4FMURSjm0tuFxBuXmjQt9oSrduNwVSLB8Mok9Vh_BuYg63yqbIZ4SzozR4wYeKWFPvXVJ6vt5aqcbodaaeo4Q93PDDfLBVSGxoIvapqW1i9fIrJYlLElP3_w-VyyFdxtFObKVIOY2gpfJoKq1otgRZy1CUqsee06RbFhfSJbcrjPr88zzwu-pCZShS_29pi_NZiS2hRXmm9eInvYe4kC7dvHjDv9LjWVQClxaa2ICCA--wgG-IBuk5g1cfUdf6gugNvoQlUb37nlFlZ5wnemPcjJoSADybuK3Y5JsWPAlY18WokCofkBLtDg4onK5zJ-qOtpQPpCHfWIsf1UVywvuWzllSbo76fpTI0ITwssVxPwqSalzwIc4JmfWkOmcJ8UfzNFrlpeOOOSKV_HEMJqnYu4KrP0v0aqrYYVNZzUXK6alWTtYUWgLKN5mJSi9Tm0X9cFA9jcKfCSKmeL_fmSeQxaQ6jKs8MIdTQrPf_LSAl9tX0cs7PBVmpSWbYhBITr1-dlKE6DH9NZpGlC6JpN0eX7qMVyDyfFp5f_LuCEgJrEjmWD7QOs9dudInUjt4Yzb1HE7KYeNxmzW14KyhBUBUfxkT54FA0VYRaG1xrHmnOvaK-Hpz9rxcqo45a52BCTkJt0GWTHwzFlEOKeMmNLqdwwoULF9huujWD6n5vfpypL-v8jbXaGm0l1fA7LO8uYvTEz8PV9wkx6iNB-4hB9Rfot-JDCQ_seu1QI8o59M46aJblpX9w6OAhL8vmNsgTgcdzPairdwpF8pEhQch7ldCJyMFo6wDXwbwrSfkmpfPaFgPuv9lIL_CKZlymxCLRICmYIXHVg-QQ1W39qG4vYOzajpZnSPO1CVVllVRz4OubgEu97B7-zlsZ-PWmunxyZ3Zg7q5CRoed9-ziAKOwVj5Dhb4oH4MpGDX-_dc2PI81l9uJOZT0RQQXev3t3_kXfVI21jpUbavxNXl9mvEyFVtZvr45psjXDQqAIi2e4Iy1FD3g0hTJ3ukrbBfRbQF7BdQP_d7bF-Omr5iDAP876iwNKv_eg0YpntgGZIFaj2LrixC9shJGyPTytNGrERyBN4KUlHB2uXYVy4QWcXUjkPer3-xnS2XOnCd9fL-FVettdSaHFWlg7DVjtT2rasq10R6pYf4YbI-jKtXh_fKB0tZD1TNJnay4BV0dGfN_aKdkWPla9buPLU_1Rxl8ua2VwqNNmVpJjE0DvnDlqsT5b1SCGSi-4OieYas2ZDE6o1zYqS-oZVMiETpvXu34GqyBcyV2KnsZFBhaOoXiDmHEW4_xet4NhrDPZc2VovGXhztPGAIwh3m7jEs4QFCJqY3zD-NgRzM4bC3RzZ5QBHWfYkJO2DeHeeclkiflkhZAOsLo0y2FXLBexCPLghkwoubYXUIRl_TIA9QwwOxZqR4AraUrigSzLGqXuW_7twkbISAVaxgtYmV96zwtzNXPeeZ9gN5XPtxufWzx6nyg28Qkff15QWQUmm12kCIuIwQxYW1_9zNAk52p-kS_vKpfpap8Rj52N3F3glc2eCRjepgrdjPrs5h1GckO3JHb2B7Tae2VU4-mjkMrhe33X_q5HsG5R4M262rLnfvHO6wOzpgdEXqO2tTcVQsEF87RFINyXh2c97nu0Y89TGUVM3FsUmV6JhylECVafKn_PzsT4Ze9l92Lv7OxWVxvhrvJkVq7DDcqBt8cOhHBKRu&cid=CAASUORoFd5CRfqjPZNxpODVstmQlpDHehzqTWJrxrfCaHjQN6AsPGY7KI6gN3WxeJuxeYD5pmhofAZ_SMZN07jmy0u_qGxvurMHseYz4KNAN4fV&rfl=1%2Chttps%253A%252F%252Fballeralert.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2541
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 02:16:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5D3F 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstTkMWc06W4HSLqvr8tsaeBm_Hy0Zwe5U5i95YAgzTfQFYw47J_PH2IrNseHcNoHIeDOGURvcrfxEy6kpFPJHU7iiqE-semN8euyO478Q8CO520vdQn1RnVmKybSJ1DrtlgueDiD4slHvZoXJPaMGbr_iWAYjtY2qJOjnkf3t3PzHTaO3bW8syFltQuS7fu8LcZbPzGDwYVKMW-ckWm9QjfQo2WHiaQe5JvOM9oFOvsH--PhSQi6QRJLJlLorXe3kb1F0RDcQxI77VeuSzI4XCLE1b6xQncvS--VSyOL1qBjbYv_sh7D58ETttPfjfsDMTebBZJBkCB3NalX8BKatzJXtXiBqVbSXqwO713VmEr1S9K7KV-9nh2VWSdBn_rZIh7oVY7qGweyWsi7B8dUzBhW_kl1oE30uUeHMugzAmOlEW77qPuhAPKJWp1XXZJ8ObAiLFaRQAuk4jZ3Zh7i1CfJBRagHW9oN4aAA5DhP3RBKiOcwPeBOmaoOUVs1wBCINywWxwIzG4RUC3M547KJ5P2lmStVA_Qfw66rIur6Vy0oYjGxMYiMqzC-y4W2dh00TVL8qGlcIFETHhxmI6zkuPf1EX83CKml9TxQNGBq9cF-ZfHG3Y_jIg-v9U1VT71YU34SmNpOQayyBUj73tS8qOSoL_jGZ-VaPaTaXGQEe5FTajA3aM7pPyJvh0juBxQ3UWrg4zeAPh47RMtxAaIq3vT7YSmn1pLO9PlNJeuvWx_TXy8Q5e_E2dVL8DVNGQpdCsVuDCUdTpD-C1xAnO8YlDjCc6cVzFy-8ffrtejz8G1l-1YS1PRnFaUOqbdGe5Exc6DVYJE_RpfGnB17iARHfBm-loZ7DGc02Yn5sceR9KdBhTqY-ZXYrpcmgX2g9evuFRZLo283pOtcGHpxzBK5yyMFsYphjTeuFII0eEuvZ1Xw1560icdnxDEspawtDaXyc1wNBWvDivZlrlRHQ5RVC2B_3Ngz_sfWlWRiK8qhfPwTo4DtoFI38Y11AyG5qQy5I2tnZFxE9olZx4ZU_rnxotFI9eCji6jGYc40ShC9bWm0QRraigB9Q9KmAMRyOKT5Z1irDs5f93xIFwm4uRnusu9vYylu66_Wh6Go3CQwYXpvFvzp4U6AjaPmDTq1s3EDXwQ-3gI51Amjw4cHNe5BjrKHguxbIyW14somlKhDH9NUzElrE_lx9w3JgXDtAMpLBFoycSqVM74iXnMpogMaSSYYWGZAcYgQ3SzUEXL6eTWSih3pX4yC_OFuy17EtH1LIoZd4OitAcMxDaDKUudghY04agdQCmCf4a79HcduxDTXxe71bmwpkkxlyV_uIVBpUItF41TtDfXZ1kFGNa5xMI&sai=AMfl-YQvNJ7qZhZFUTbUJFdery1ybGBauWYech8Cml2NVHO3X9Hj9BFX7Hn7IOB-grOJdVru1iBO5zQVuj1bs3eEPE0HEze_NLGErI4iK6yRekOn9OytVaKWEcG7PF4fiwF4UBLRezJbqOLfxz1rD8TQTioCd1qmxYp3Td4ChV5fxpc9EGzoY3xVQiWolgXPYZZMo-xEsDcE3mVj9MqYOgqXBRlNpCQWH026fxZdIV9GD6GgBuFqhscwqBdkxJ5Xqz6GBaYwgjkQhGEwSOdTxlyK0qNXUXHs943phFza01s&sig=Cg0ArKJSzI-QqLmO9zcWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220511.46695&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMXUSQh5SfrM0sIVSvDtI28Ar_1JdlzMrY-bXxyysKpH-flN-9eevXseeujd9Y8mn0BLvPXP3iXlAJaf-sZ7Nx_dYD2w&cry=1&dbm_d=AKAmf-CJPo-gZCwNAsQMzElUOMHrqvCFsLqQvHWgQEBAJY3f7HDuTsO3QasdkUJwbAJSvTVAA-LZoc9oI4ICeOVF-rvnuOxM8mHT94tnkUz3QfgBLwV2KxGxjsHHo_iDJ-XmziX8QA8JERoHNNWM_1qJGIxrW-NKD7jwB-GgeF29YqKTaiGn9rvFdOXZiANRMmODQuHB8rJ11CnCXy0EA431ptT_qsdd41h1LyTNjNsgoL21xEUaaTQa-Q1TvzLDGjEzD5iTL3DIz8YaN2GghKu-4CfgmmapQ1okOoOS8XnCJ4vQVg7_opWDy6A3l80TkuAujBqiTFu3HFTRVMOBxYKm-mfBpNLa6wrSZpnfQ4yevAMMCRGSGrJNnHS7C2cGH-WwHaNBvej_I3lshNI-6d96YWCaoflkBZmdhzwzuU2Dt1T9-k6jVn4U83QRYyQ8QxRo54Qr5OKuwF0hUlQc2eB7glRLVSMOqoL3e5ov9lsFyDb61Q-lM5sTmo52wf3GJtKfamH-KafkHn8YeGxEpBwRfVx_2Hct55PA4ekqjdP6M4p1-c0LnLwivU-ylAYs5nn6xVNnbKVYQ1Wpd99ezk5Yz-EjEKbXhZJ1sKAnYkHyeNVv9FDc9rbqsgtqRXpefY3cCxEXdrkcjFg1ztNAmZYTspUeQFSX9sMgDIel98n5wXDKFBDcZEeGkYnFG6SPLdRnVS46tqvXBYCxDJzr1eZfMmEGV3xkfO_wb0mC3PiZeiQJDAeMW6CDvN0bZdjwSlHdHMwsFAy-5rb8x4w6cp80mgygtAUWdIIcY-bXxbv8-zOazMpdb6PEJB8NSlU538aCNRyXGrwk_CXRXfhaQGQj2JlqAtuckv-LnG8Z4Cm-_K1yvxVgh_mraUySMxGvFZw9EvnBEnG5Dh3vSdtmgnRVMi_DcoUHDdExJlZlckk-_mpP0Gk5-MA9MqE2iU479yvYfv88l-uVoZ5ngkofHCrbJMRxqmIa-t-0ptf6kZgvA4L8aLHHvZF6SxVE9RainWKb8AmYHsoZl-BcjHhaZK2_PUHfKscvnZYdqE9eBlerzIfjNyvU3KEkSdkAio46r38vonaduJLNTeMsNTX4FE4FpM4-_YonMdKp60SquCq8r4suzQf7PiB2Li1Jwa9rkDDVn1Weaw1g_bhWY2kzGSKyqvB5IL_uztz2uOR7R2QWASRX4F9zz8fmfSJ92DM2osCxC3WRgb5Ef1CYg5PLEe1TdDOoPUHiXYNSaUpwMfBpTi3xidffk2wNCIv8QOuISuK7t24vGQGDdC1yHSM-5PRx4xtSxmwUEuMZkQX7mobzy606IwxwZadPq3wYAXOJm25VCRVJmNncOeLdQ8KLgSqMrlMN7f47_x1y39EXTWVvsucZzjd5aNMDOGh3tHTGPA4SlDd1xmtDja_0Umr09jP4_CwbWPoqvI5wVStIzS2VrAIOrzIvbCkYbOW4mDbl_va6SGqqjvgZBUNB0YExeDhgBgqQJSrDrnwxkRUemHooehYZarEcZr57z3swPLUabkf9HtC6zDd1RwmTlFA8FUxDLLEBwtIjcOiOkWm7eUTV7qvsIZ4-QGcdNuViE_l8NoV6cPkFBTgabLiwIMnp3EOY-tsuf4cmSEvEYHFmRGlHYbi2f9gZbc0yt-DmMsJE9eVExorQFAhYvCxgSF9JoTV0QZOpkiLzQ0HNaCgTImBn7HHlW-vyzerQege77IihRZxE9eiaIT9HWCY4A6aIQ4dKP_hxkwZ3SFNsqPufStjj_NwNDXlB-cbPtF2nuEW6qksGzgj4OCPXh2ae-tKaHQ4FMURSjm0tuFxBuXmjQt9oSrduNwVSLB8Mok9Vh_BuYg63yqbIZ4SzozR4wYeKWFPvXVJ6vt5aqcbodaaeo4Q93PDDfLBVSGxoIvapqW1i9fIrJYlLElP3_w-VyyFdxtFObKVIOY2gpfJoKq1otgRZy1CUqsee06RbFhfSJbcrjPr88zzwu-pCZShS_29pi_NZiS2hRXmm9eInvYe4kC7dvHjDv9LjWVQClxaa2ICCA--wgG-IBuk5g1cfUdf6gugNvoQlUb37nlFlZ5wnemPcjJoSADybuK3Y5JsWPAlY18WokCofkBLtDg4onK5zJ-qOtpQPpCHfWIsf1UVywvuWzllSbo76fpTI0ITwssVxPwqSalzwIc4JmfWkOmcJ8UfzNFrlpeOOOSKV_HEMJqnYu4KrP0v0aqrYYVNZzUXK6alWTtYUWgLKN5mJSi9Tm0X9cFA9jcKfCSKmeL_fmSeQxaQ6jKs8MIdTQrPf_LSAl9tX0cs7PBVmpSWbYhBITr1-dlKE6DH9NZpGlC6JpN0eX7qMVyDyfFp5f_LuCEgJrEjmWD7QOs9dudInUjt4Yzb1HE7KYeNxmzW14KyhBUBUfxkT54FA0VYRaG1xrHmnOvaK-Hpz9rxcqo45a52BCTkJt0GWTHwzFlEOKeMmNLqdwwoULF9huujWD6n5vfpypL-v8jbXaGm0l1fA7LO8uYvTEz8PV9wkx6iNB-4hB9Rfot-JDCQ_seu1QI8o59M46aJblpX9w6OAhL8vmNsgTgcdzPairdwpF8pEhQch7ldCJyMFo6wDXwbwrSfkmpfPaFgPuv9lIL_CKZlymxCLRICmYIXHVg-QQ1W39qG4vYOzajpZnSPO1CVVllVRz4OubgEu97B7-zlsZ-PWmunxyZ3Zg7q5CRoed9-ziAKOwVj5Dhb4oH4MpGDX-_dc2PI81l9uJOZT0RQQXev3t3_kXfVI21jpUbavxNXl9mvEyFVtZvr45psjXDQqAIi2e4Iy1FD3g0hTJ3ukrbBfRbQF7BdQP_d7bF-Omr5iDAP876iwNKv_eg0YpntgGZIFaj2LrixC9shJGyPTytNGrERyBN4KUlHB2uXYVy4QWcXUjkPer3-xnS2XOnCd9fL-FVettdSaHFWlg7DVjtT2rasq10R6pYf4YbI-jKtXh_fKB0tZD1TNJnay4BV0dGfN_aKdkWPla9buPLU_1Rxl8ua2VwqNNmVpJjE0DvnDlqsT5b1SCGSi-4OieYas2ZDE6o1zYqS-oZVMiETpvXu34GqyBcyV2KnsZFBhaOoXiDmHEW4_xet4NhrDPZc2VovGXhztPGAIwh3m7jEs4QFCJqY3zD-NgRzM4bC3RzZ5QBHWfYkJO2DeHeeclkiflkhZAOsLo0y2FXLBexCPLghkwoubYXUIRl_TIA9QwwOxZqR4AraUrigSzLGqXuW_7twkbISAVaxgtYmV96zwtzNXPeeZ9gN5XPtxufWzx6nyg28Qkff15QWQUmm12kCIuIwQxYW1_9zNAk52p-kS_vKpfpap8Rj52N3F3glc2eCRjepgrdjPrs5h1GckO3JHb2B7Tae2VU4-mjkMrhe33X_q5HsG5R4M262rLnfvHO6wOzpgdEXqO2tTcVQsEF87RFINyXh2c97nu0Y89TGUVM3FsUmV6JhylECVafKn_PzsT4Ze9l92Lv7OxWVxvhrvJkVq7DDcqBt8cOhHBKRu&cid=CAASUORoFd5CRfqjPZNxpODVstmQlpDHehzqTWJrxrfCaHjQN6AsPGY7KI6gN3WxeJuxeYD5pmhofAZ_SMZN07jmy0u_qGxvurMHseYz4KNAN4fV&rfl=1%2Chttps%253A%252F%252Fballeralert.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 15 May 2022 02:59:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5D3F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMXUSQh5SfrM0sIVSvDtI28Ar_1JdlzMrY-bXxyysKpH-flN-9eevXseeujd9Y8mn0BLvPXP3iXlAJaf-sZ7Nx_dYD2w&cry=1&dbm_d=AKAmf-CJPo-gZCwNAsQMzElUOMHrqvCFsLqQvHWgQEBAJY3f7HDuTsO3QasdkUJwbAJSvTVAA-LZoc9oI4ICeOVF-rvnuOxM8mHT94tnkUz3QfgBLwV2KxGxjsHHo_iDJ-XmziX8QA8JERoHNNWM_1qJGIxrW-NKD7jwB-GgeF29YqKTaiGn9rvFdOXZiANRMmODQuHB8rJ11CnCXy0EA431ptT_qsdd41h1LyTNjNsgoL21xEUaaTQa-Q1TvzLDGjEzD5iTL3DIz8YaN2GghKu-4CfgmmapQ1okOoOS8XnCJ4vQVg7_opWDy6A3l80TkuAujBqiTFu3HFTRVMOBxYKm-mfBpNLa6wrSZpnfQ4yevAMMCRGSGrJNnHS7C2cGH-WwHaNBvej_I3lshNI-6d96YWCaoflkBZmdhzwzuU2Dt1T9-k6jVn4U83QRYyQ8QxRo54Qr5OKuwF0hUlQc2eB7glRLVSMOqoL3e5ov9lsFyDb61Q-lM5sTmo52wf3GJtKfamH-KafkHn8YeGxEpBwRfVx_2Hct55PA4ekqjdP6M4p1-c0LnLwivU-ylAYs5nn6xVNnbKVYQ1Wpd99ezk5Yz-EjEKbXhZJ1sKAnYkHyeNVv9FDc9rbqsgtqRXpefY3cCxEXdrkcjFg1ztNAmZYTspUeQFSX9sMgDIel98n5wXDKFBDcZEeGkYnFG6SPLdRnVS46tqvXBYCxDJzr1eZfMmEGV3xkfO_wb0mC3PiZeiQJDAeMW6CDvN0bZdjwSlHdHMwsFAy-5rb8x4w6cp80mgygtAUWdIIcY-bXxbv8-zOazMpdb6PEJB8NSlU538aCNRyXGrwk_CXRXfhaQGQj2JlqAtuckv-LnG8Z4Cm-_K1yvxVgh_mraUySMxGvFZw9EvnBEnG5Dh3vSdtmgnRVMi_DcoUHDdExJlZlckk-_mpP0Gk5-MA9MqE2iU479yvYfv88l-uVoZ5ngkofHCrbJMRxqmIa-t-0ptf6kZgvA4L8aLHHvZF6SxVE9RainWKb8AmYHsoZl-BcjHhaZK2_PUHfKscvnZYdqE9eBlerzIfjNyvU3KEkSdkAio46r38vonaduJLNTeMsNTX4FE4FpM4-_YonMdKp60SquCq8r4suzQf7PiB2Li1Jwa9rkDDVn1Weaw1g_bhWY2kzGSKyqvB5IL_uztz2uOR7R2QWASRX4F9zz8fmfSJ92DM2osCxC3WRgb5Ef1CYg5PLEe1TdDOoPUHiXYNSaUpwMfBpTi3xidffk2wNCIv8QOuISuK7t24vGQGDdC1yHSM-5PRx4xtSxmwUEuMZkQX7mobzy606IwxwZadPq3wYAXOJm25VCRVJmNncOeLdQ8KLgSqMrlMN7f47_x1y39EXTWVvsucZzjd5aNMDOGh3tHTGPA4SlDd1xmtDja_0Umr09jP4_CwbWPoqvI5wVStIzS2VrAIOrzIvbCkYbOW4mDbl_va6SGqqjvgZBUNB0YExeDhgBgqQJSrDrnwxkRUemHooehYZarEcZr57z3swPLUabkf9HtC6zDd1RwmTlFA8FUxDLLEBwtIjcOiOkWm7eUTV7qvsIZ4-QGcdNuViE_l8NoV6cPkFBTgabLiwIMnp3EOY-tsuf4cmSEvEYHFmRGlHYbi2f9gZbc0yt-DmMsJE9eVExorQFAhYvCxgSF9JoTV0QZOpkiLzQ0HNaCgTImBn7HHlW-vyzerQege77IihRZxE9eiaIT9HWCY4A6aIQ4dKP_hxkwZ3SFNsqPufStjj_NwNDXlB-cbPtF2nuEW6qksGzgj4OCPXh2ae-tKaHQ4FMURSjm0tuFxBuXmjQt9oSrduNwVSLB8Mok9Vh_BuYg63yqbIZ4SzozR4wYeKWFPvXVJ6vt5aqcbodaaeo4Q93PDDfLBVSGxoIvapqW1i9fIrJYlLElP3_w-VyyFdxtFObKVIOY2gpfJoKq1otgRZy1CUqsee06RbFhfSJbcrjPr88zzwu-pCZShS_29pi_NZiS2hRXmm9eInvYe4kC7dvHjDv9LjWVQClxaa2ICCA--wgG-IBuk5g1cfUdf6gugNvoQlUb37nlFlZ5wnemPcjJoSADybuK3Y5JsWPAlY18WokCofkBLtDg4onK5zJ-qOtpQPpCHfWIsf1UVywvuWzllSbo76fpTI0ITwssVxPwqSalzwIc4JmfWkOmcJ8UfzNFrlpeOOOSKV_HEMJqnYu4KrP0v0aqrYYVNZzUXK6alWTtYUWgLKN5mJSi9Tm0X9cFA9jcKfCSKmeL_fmSeQxaQ6jKs8MIdTQrPf_LSAl9tX0cs7PBVmpSWbYhBITr1-dlKE6DH9NZpGlC6JpN0eX7qMVyDyfFp5f_LuCEgJrEjmWD7QOs9dudInUjt4Yzb1HE7KYeNxmzW14KyhBUBUfxkT54FA0VYRaG1xrHmnOvaK-Hpz9rxcqo45a52BCTkJt0GWTHwzFlEOKeMmNLqdwwoULF9huujWD6n5vfpypL-v8jbXaGm0l1fA7LO8uYvTEz8PV9wkx6iNB-4hB9Rfot-JDCQ_seu1QI8o59M46aJblpX9w6OAhL8vmNsgTgcdzPairdwpF8pEhQch7ldCJyMFo6wDXwbwrSfkmpfPaFgPuv9lIL_CKZlymxCLRICmYIXHVg-QQ1W39qG4vYOzajpZnSPO1CVVllVRz4OubgEu97B7-zlsZ-PWmunxyZ3Zg7q5CRoed9-ziAKOwVj5Dhb4oH4MpGDX-_dc2PI81l9uJOZT0RQQXev3t3_kXfVI21jpUbavxNXl9mvEyFVtZvr45psjXDQqAIi2e4Iy1FD3g0hTJ3ukrbBfRbQF7BdQP_d7bF-Omr5iDAP876iwNKv_eg0YpntgGZIFaj2LrixC9shJGyPTytNGrERyBN4KUlHB2uXYVy4QWcXUjkPer3-xnS2XOnCd9fL-FVettdSaHFWlg7DVjtT2rasq10R6pYf4YbI-jKtXh_fKB0tZD1TNJnay4BV0dGfN_aKdkWPla9buPLU_1Rxl8ua2VwqNNmVpJjE0DvnDlqsT5b1SCGSi-4OieYas2ZDE6o1zYqS-oZVMiETpvXu34GqyBcyV2KnsZFBhaOoXiDmHEW4_xet4NhrDPZc2VovGXhztPGAIwh3m7jEs4QFCJqY3zD-NgRzM4bC3RzZ5QBHWfYkJO2DeHeeclkiflkhZAOsLo0y2FXLBexCPLghkwoubYXUIRl_TIA9QwwOxZqR4AraUrigSzLGqXuW_7twkbISAVaxgtYmV96zwtzNXPeeZ9gN5XPtxufWzx6nyg28Qkff15QWQUmm12kCIuIwQxYW1_9zNAk52p-kS_vKpfpap8Rj52N3F3glc2eCRjepgrdjPrs5h1GckO3JHb2B7Tae2VU4-mjkMrhe33X_q5HsG5R4M262rLnfvHO6wOzpgdEXqO2tTcVQsEF87RFINyXh2c97nu0Y89TGUVM3FsUmV6JhylECVafKn_PzsT4Ze9l92Lv7OxWVxvhrvJkVq7DDcqBt8cOhHBKRu&cid=CAASUORoFd5CRfqjPZNxpODVstmQlpDHehzqTWJrxrfCaHjQN6AsPGY7KI6gN3WxeJuxeYD5pmhofAZ_SMZN07jmy0u_qGxvurMHseYz4KNAN4fV&rfl=1%2Chttps%253A%252F%252Fballeralert.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 08:23:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
239740
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 08:23:20 GMT
12180098840599449770
s0.2mdn.net/simgad/ Frame 5D3F 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12180098840599449770
Requested by
Host: 2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
URL: https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
817ccfec7c7f242aa96174e3b5ebf5a8bd8530ab8f4b18bb07bf00a06f19934f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 06:39:03 GMT
x-content-type-options
nosniff
age
332397
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35472
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 12:48:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 May 2023 06:39:03 GMT
js
tags.mathtag.com/notify/ Frame 1DEF 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=pub&s_exch=pub&id=5aW95q2jLzIzLyAvWkRGaFpXRTBNMlV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5ODIwODA4NjcxNDg4MTI5ODMvMTA2MzExMTYvMTE1MDc0OTQvMy9rdThQYV8xSnZhQXhzcGIzNHRod0xrV2lHNU5ZVkhuMU84OEtLc2l2QjVRLzEvMy8wLzAvMTg5Mjc4Mi8zMjM5Nzc1NzQ0LzIxNTU0My8xMTQ5NTg1LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMzk4MjA4MDg2NzE0ODgxMjk4My96cmgvMC82OTg5Lzk4Lzk5OS8yLzE5My4yNy4xNC4wLzAuMDAwLzE2NTI1ODM1MzkvMTY1MjU5NjEzOS8zLzE2MDIyNC8/q1PJano593Gd2-j6CE_1mIm3RZs&nodeid=2630&group=zrh&auctionid=3982080867148812983&shardkey=3982080867148812983&sid=11507494&cid=10631116&price=0.176840&bp=a_bidfbj&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.132.22&3pck=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE2MDIyNCZzaXRlSWQ9NzgwNDQ0JmFkSWQ9MzM1MjE4NyZrYWRzaXplaWQ9NyZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY3MzUmY3JlYXRpdmVJZD0wJnVjcmlkPTExMTc5MTEzMTgwMTY3NzcxNTYzJmFkU2VydmVySWQ9MjQzJmltcGlkPTE5Rjc1NUJBLTc0MTYtNDczRi05Njc3LTQ1Q0QyRTg0QUYwMyZwYXNzYmFjaz0w_url%3D
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.320.0 /
Resource Hash
e5818d0ee174f100c0cb7e5179199de13ab2e1dff99620e37bbab51e07b2fcd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 02:59:00 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1652583539
Last-Modified
Sun, 15 May 2022 02:58:59 GMT
Server
MMBD/3.320.0
x-mm-latency
17 (0)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
cdg-router-x94, zrh-bidder-x144
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Sun, 15 May 2022 02:58:59 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5D3F 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstTkMWc06W4HSLqvr8tsaeBm_Hy0Zwe5U5i95YAgzTfQFYw47J_PH2IrNseHcNoHIeDOGURvcrfxEy6kpFPJHU7iiqE-semN8euyO478Q8CO520vdQn1RnVmKybSJ1DrtlgueDiD4slHvZoXJPaMGbr_iWAYjtY2qJOjnkf3t3PzHTaO3bW8syFltQuS7fu8LcZbPzGDwYVKMW-ckWm9QjfQo2WHiaQe5JvOM9oFOvsH--PhSQi6QRJLJlLorXe3kb1F0RDcQxI77VeuSzI4XCLE1b6xQncvS--VSyOL1qBjbYv_sh7D58ETttPfjfsDMTebBZJBkCB3NalX8BKatzJXtXiBqVbSXqwO713VmEr1S9K7KV-9nh2VWSdBn_rZIh7oVY7qGweyWsi7B8dUzBhW_kl1oE30uUeHMugzAmOlEW77qPuhAPKJWp1XXZJ8ObAiLFaRQAuk4jZ3Zh7i1CfJBRagHW9oN4aAA5DhP3RBKiOcwPeBOmaoOUVs1wBCINywWxwIzG4RUC3M547KJ5P2lmStVA_Qfw66rIur6Vy0oYjGxMYiMqzC-y4W2dh00TVL8qGlcIFETHhxmI6zkuPf1EX83CKml9TxQNGBq9cF-ZfHG3Y_jIg-v9U1VT71YU34SmNpOQayyBUj73tS8qOSoL_jGZ-VaPaTaXGQEe5FTajA3aM7pPyJvh0juBxQ3UWrg4zeAPh47RMtxAaIq3vT7YSmn1pLO9PlNJeuvWx_TXy8Q5e_E2dVL8DVNGQpdCsVuDCUdTpD-C1xAnO8YlDjCc6cVzFy-8ffrtejz8G1l-1YS1PRnFaUOqbdGe5Exc6DVYJE_RpfGnB17iARHfBm-loZ7DGc02Yn5sceR9KdBhTqY-ZXYrpcmgX2g9evuFRZLo283pOtcGHpxzBK5yyMFsYphjTeuFII0eEuvZ1Xw1560icdnxDEspawtDaXyc1wNBWvDivZlrlRHQ5RVC2B_3Ngz_sfWlWRiK8qhfPwTo4DtoFI38Y11AyG5qQy5I2tnZFxE9olZx4ZU_rnxotFI9eCji6jGYc40ShC9bWm0QRraigB9Q9KmAMRyOKT5Z1irDs5f93xIFwm4uRnusu9vYylu66_Wh6Go3CQwYXpvFvzp4U6AjaPmDTq1s3EDXwQ-3gI51Amjw4cHNe5BjrKHguxbIyW14somlKhDH9NUzElrE_lx9w3JgXDtAMpLBFoycSqVM74iXnMpogMaSSYYWGZAcYgQ3SzUEXL6eTWSih3pX4yC_OFuy17EtH1LIoZd4OitAcMxDaDKUudghY04agdQCmCf4a79HcduxDTXxe71bmwpkkxlyV_uIVBpUItF41TtDfXZ1kFGNa5xMI&sai=AMfl-YQvNJ7qZhZFUTbUJFdery1ybGBauWYech8Cml2NVHO3X9Hj9BFX7Hn7IOB-grOJdVru1iBO5zQVuj1bs3eEPE0HEze_NLGErI4iK6yRekOn9OytVaKWEcG7PF4fiwF4UBLRezJbqOLfxz1rD8TQTioCd1qmxYp3Td4ChV5fxpc9EGzoY3xVQiWolgXPYZZMo-xEsDcE3mVj9MqYOgqXBRlNpCQWH026fxZdIV9GD6GgBuFqhscwqBdkxJ5Xqz6GBaYwgjkQhGEwSOdTxlyK0qNXUXHs943phFza01s&sig=Cg0ArKJSzI-QqLmO9zcWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=68&vt=11&dtpt=67&dett=2&cstd=0&cisv=r20220511.46695&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMXUSQh5SfrM0sIVSvDtI28Ar_1JdlzMrY-bXxyysKpH-flN-9eevXseeujd9Y8mn0BLvPXP3iXlAJaf-sZ7Nx_dYD2w&cry=1&dbm_d=AKAmf-CJPo-gZCwNAsQMzElUOMHrqvCFsLqQvHWgQEBAJY3f7HDuTsO3QasdkUJwbAJSvTVAA-LZoc9oI4ICeOVF-rvnuOxM8mHT94tnkUz3QfgBLwV2KxGxjsHHo_iDJ-XmziX8QA8JERoHNNWM_1qJGIxrW-NKD7jwB-GgeF29YqKTaiGn9rvFdOXZiANRMmODQuHB8rJ11CnCXy0EA431ptT_qsdd41h1LyTNjNsgoL21xEUaaTQa-Q1TvzLDGjEzD5iTL3DIz8YaN2GghKu-4CfgmmapQ1okOoOS8XnCJ4vQVg7_opWDy6A3l80TkuAujBqiTFu3HFTRVMOBxYKm-mfBpNLa6wrSZpnfQ4yevAMMCRGSGrJNnHS7C2cGH-WwHaNBvej_I3lshNI-6d96YWCaoflkBZmdhzwzuU2Dt1T9-k6jVn4U83QRYyQ8QxRo54Qr5OKuwF0hUlQc2eB7glRLVSMOqoL3e5ov9lsFyDb61Q-lM5sTmo52wf3GJtKfamH-KafkHn8YeGxEpBwRfVx_2Hct55PA4ekqjdP6M4p1-c0LnLwivU-ylAYs5nn6xVNnbKVYQ1Wpd99ezk5Yz-EjEKbXhZJ1sKAnYkHyeNVv9FDc9rbqsgtqRXpefY3cCxEXdrkcjFg1ztNAmZYTspUeQFSX9sMgDIel98n5wXDKFBDcZEeGkYnFG6SPLdRnVS46tqvXBYCxDJzr1eZfMmEGV3xkfO_wb0mC3PiZeiQJDAeMW6CDvN0bZdjwSlHdHMwsFAy-5rb8x4w6cp80mgygtAUWdIIcY-bXxbv8-zOazMpdb6PEJB8NSlU538aCNRyXGrwk_CXRXfhaQGQj2JlqAtuckv-LnG8Z4Cm-_K1yvxVgh_mraUySMxGvFZw9EvnBEnG5Dh3vSdtmgnRVMi_DcoUHDdExJlZlckk-_mpP0Gk5-MA9MqE2iU479yvYfv88l-uVoZ5ngkofHCrbJMRxqmIa-t-0ptf6kZgvA4L8aLHHvZF6SxVE9RainWKb8AmYHsoZl-BcjHhaZK2_PUHfKscvnZYdqE9eBlerzIfjNyvU3KEkSdkAio46r38vonaduJLNTeMsNTX4FE4FpM4-_YonMdKp60SquCq8r4suzQf7PiB2Li1Jwa9rkDDVn1Weaw1g_bhWY2kzGSKyqvB5IL_uztz2uOR7R2QWASRX4F9zz8fmfSJ92DM2osCxC3WRgb5Ef1CYg5PLEe1TdDOoPUHiXYNSaUpwMfBpTi3xidffk2wNCIv8QOuISuK7t24vGQGDdC1yHSM-5PRx4xtSxmwUEuMZkQX7mobzy606IwxwZadPq3wYAXOJm25VCRVJmNncOeLdQ8KLgSqMrlMN7f47_x1y39EXTWVvsucZzjd5aNMDOGh3tHTGPA4SlDd1xmtDja_0Umr09jP4_CwbWPoqvI5wVStIzS2VrAIOrzIvbCkYbOW4mDbl_va6SGqqjvgZBUNB0YExeDhgBgqQJSrDrnwxkRUemHooehYZarEcZr57z3swPLUabkf9HtC6zDd1RwmTlFA8FUxDLLEBwtIjcOiOkWm7eUTV7qvsIZ4-QGcdNuViE_l8NoV6cPkFBTgabLiwIMnp3EOY-tsuf4cmSEvEYHFmRGlHYbi2f9gZbc0yt-DmMsJE9eVExorQFAhYvCxgSF9JoTV0QZOpkiLzQ0HNaCgTImBn7HHlW-vyzerQege77IihRZxE9eiaIT9HWCY4A6aIQ4dKP_hxkwZ3SFNsqPufStjj_NwNDXlB-cbPtF2nuEW6qksGzgj4OCPXh2ae-tKaHQ4FMURSjm0tuFxBuXmjQt9oSrduNwVSLB8Mok9Vh_BuYg63yqbIZ4SzozR4wYeKWFPvXVJ6vt5aqcbodaaeo4Q93PDDfLBVSGxoIvapqW1i9fIrJYlLElP3_w-VyyFdxtFObKVIOY2gpfJoKq1otgRZy1CUqsee06RbFhfSJbcrjPr88zzwu-pCZShS_29pi_NZiS2hRXmm9eInvYe4kC7dvHjDv9LjWVQClxaa2ICCA--wgG-IBuk5g1cfUdf6gugNvoQlUb37nlFlZ5wnemPcjJoSADybuK3Y5JsWPAlY18WokCofkBLtDg4onK5zJ-qOtpQPpCHfWIsf1UVywvuWzllSbo76fpTI0ITwssVxPwqSalzwIc4JmfWkOmcJ8UfzNFrlpeOOOSKV_HEMJqnYu4KrP0v0aqrYYVNZzUXK6alWTtYUWgLKN5mJSi9Tm0X9cFA9jcKfCSKmeL_fmSeQxaQ6jKs8MIdTQrPf_LSAl9tX0cs7PBVmpSWbYhBITr1-dlKE6DH9NZpGlC6JpN0eX7qMVyDyfFp5f_LuCEgJrEjmWD7QOs9dudInUjt4Yzb1HE7KYeNxmzW14KyhBUBUfxkT54FA0VYRaG1xrHmnOvaK-Hpz9rxcqo45a52BCTkJt0GWTHwzFlEOKeMmNLqdwwoULF9huujWD6n5vfpypL-v8jbXaGm0l1fA7LO8uYvTEz8PV9wkx6iNB-4hB9Rfot-JDCQ_seu1QI8o59M46aJblpX9w6OAhL8vmNsgTgcdzPairdwpF8pEhQch7ldCJyMFo6wDXwbwrSfkmpfPaFgPuv9lIL_CKZlymxCLRICmYIXHVg-QQ1W39qG4vYOzajpZnSPO1CVVllVRz4OubgEu97B7-zlsZ-PWmunxyZ3Zg7q5CRoed9-ziAKOwVj5Dhb4oH4MpGDX-_dc2PI81l9uJOZT0RQQXev3t3_kXfVI21jpUbavxNXl9mvEyFVtZvr45psjXDQqAIi2e4Iy1FD3g0hTJ3ukrbBfRbQF7BdQP_d7bF-Omr5iDAP876iwNKv_eg0YpntgGZIFaj2LrixC9shJGyPTytNGrERyBN4KUlHB2uXYVy4QWcXUjkPer3-xnS2XOnCd9fL-FVettdSaHFWlg7DVjtT2rasq10R6pYf4YbI-jKtXh_fKB0tZD1TNJnay4BV0dGfN_aKdkWPla9buPLU_1Rxl8ua2VwqNNmVpJjE0DvnDlqsT5b1SCGSi-4OieYas2ZDE6o1zYqS-oZVMiETpvXu34GqyBcyV2KnsZFBhaOoXiDmHEW4_xet4NhrDPZc2VovGXhztPGAIwh3m7jEs4QFCJqY3zD-NgRzM4bC3RzZ5QBHWfYkJO2DeHeeclkiflkhZAOsLo0y2FXLBexCPLghkwoubYXUIRl_TIA9QwwOxZqR4AraUrigSzLGqXuW_7twkbISAVaxgtYmV96zwtzNXPeeZ9gN5XPtxufWzx6nyg28Qkff15QWQUmm12kCIuIwQxYW1_9zNAk52p-kS_vKpfpap8Rj52N3F3glc2eCRjepgrdjPrs5h1GckO3JHb2B7Tae2VU4-mjkMrhe33X_q5HsG5R4M262rLnfvHO6wOzpgdEXqO2tTcVQsEF87RFINyXh2c97nu0Y89TGUVM3FsUmV6JhylECVafKn_PzsT4Ze9l92Lv7OxWVxvhrvJkVq7DDcqBt8cOhHBKRu&cid=CAASUORoFd5CRfqjPZNxpODVstmQlpDHehzqTWJrxrfCaHjQN6AsPGY7KI6gN3WxeJuxeYD5pmhofAZ_SMZN07jmy0u_qGxvurMHseYz4KNAN4fV&rfl=1%2Chttps%253A%252F%252Fballeralert.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 02:59:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 5D3F 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4a17fe2a63e6d9ec23058bc38d4ea1f7e397fa1de8be89b1a887cb34d746bd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E895 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
159254
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 13 May 2022 06:44:46 GMT
expires
Sat, 13 May 2023 06:44:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
edn8pg08rg5j
hal9000.redintelligence.net/zone/ Frame 1DEF 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/edn8pg08rg5j?subid=&gdpr=0&gdpr_consent=&rnd=3982080867148812983&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:pub&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D08B54F13-D309-42A1-AA7C-5024614D8139%26mt_aid%3D3982080867148812983%26mt_id%3D10631116%26mt_adid%3D215543%26mt_sid%3D11507494%26mt_exid%3D3%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd6006280-6c74-4d01-b01f-19434865808e%26mt_cid%3Dd6006280-6c74-4d01-b01f-19434865808e%26mt_3pck%3Dhttps%253A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE2MDIyNCZzaXRlSWQ9NzgwNDQ0JmFkSWQ9MzM1MjE4NyZrYWRzaXplaWQ9NyZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY3MzUmY3JlYXRpdmVJZD0wJnVjcmlkPTExMTc5MTEzMTgwMTY3NzcxNTYzJmFkU2VydmVySWQ9MjQzJmltcGlkPTE5Rjc1NUJBLTc0MTYtNDczRi05Njc3LTQ1Q0QyRTg0QUYwMyZwYXNzYmFjaz0w_url%253D%26redirect%3D
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
b48e14c837b784562768f6ce59e4f04cbe3eb1e49578efbe5f7d45941f127b32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 02:59:00 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3155
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 1DEF 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=3982080867148812983&node_id=2630&exch_id=3
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=pub&s_exch=pub&id=5aW95q2jLzIzLyAvWkRGaFpXRTBNMlV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5ODIwODA4NjcxNDg4MTI5ODMvMTA2MzExMTYvMTE1MDc0OTQvMy9rdThQYV8xSnZhQXhzcGIzNHRod0xrV2lHNU5ZVkhuMU84OEtLc2l2QjVRLzEvMy8wLzAvMTg5Mjc4Mi8zMjM5Nzc1NzQ0LzIxNTU0My8xMTQ5NTg1LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMzk4MjA4MDg2NzE0ODgxMjk4My96cmgvMC82OTg5Lzk4Lzk5OS8yLzE5My4yNy4xNC4wLzAuMDAwLzE2NTI1ODM1MzkvMTY1MjU5NjEzOS8zLzE2MDIyNC8/q1PJano593Gd2-j6CE_1mIm3RZs&nodeid=2630&group=zrh&auctionid=3982080867148812983&shardkey=3982080867148812983&sid=11507494&cid=10631116&price=0.176840&bp=a_bidfbj&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.132.22&3pck=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE2MDIyNCZzaXRlSWQ9NzgwNDQ0JmFkSWQ9MzM1MjE4NyZrYWRzaXplaWQ9NyZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY3MzUmY3JlYXRpdmVJZD0wJnVjcmlkPTExMTc5MTEzMTgwMTY3NzcxNTYzJmFkU2VydmVySWQ9MjQzJmltcGlkPTE5Rjc1NUJBLTc0MTYtNDczRi05Njc3LTQ1Q0QyRTg0QUYwMyZwYXNzYmFjaz0w_url%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.320.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 02:59:00 GMT
Server
MMBD/3.320.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x84, zrh-bidder-x144
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sun, 15 May 2022 02:58:59 GMT
img
pixel.mathtag.com/event/ Frame 1DEF 		43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=3&v2=3982080867148812983&v3=1149585&v4=11507494&v5=10631116&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=pub&s_exch=pub&id=5aW95q2jLzIzLyAvWkRGaFpXRTBNMlV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5ODIwODA4NjcxNDg4MTI5ODMvMTA2MzExMTYvMTE1MDc0OTQvMy9rdThQYV8xSnZhQXhzcGIzNHRod0xrV2lHNU5ZVkhuMU84OEtLc2l2QjVRLzEvMy8wLzAvMTg5Mjc4Mi8zMjM5Nzc1NzQ0LzIxNTU0My8xMTQ5NTg1LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMzk4MjA4MDg2NzE0ODgxMjk4My96cmgvMC82OTg5Lzk4Lzk5OS8yLzE5My4yNy4xNC4wLzAuMDAwLzE2NTI1ODM1MzkvMTY1MjU5NjEzOS8zLzE2MDIyNC8/q1PJano593Gd2-j6CE_1mIm3RZs&nodeid=2630&group=zrh&auctionid=3982080867148812983&shardkey=3982080867148812983&sid=11507494&cid=10631116&price=0.176840&bp=a_bidfbj&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.132.22&3pck=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE2MDIyNCZzaXRlSWQ9NzgwNDQ0JmFkSWQ9MzM1MjE4NyZrYWRzaXplaWQ9NyZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY3MzUmY3JlYXRpdmVJZD0wJnVjcmlkPTExMTc5MTEzMTgwMTY3NzcxNTYzJmFkU2VydmVySWQ9MjQzJmltcGlkPTE5Rjc1NUJBLTc0MTYtNDczRi05Njc3LTQ1Q0QyRTg0QUYwMyZwYXNzYmFjaz0w_url%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4390 fb8620d master zrh-pixel-x24 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 02:59:00 GMT
Server
MT3 4390 fb8620d master zrh-pixel-x24 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 15 May 2022 02:58:59 GMT
img
tags.mathtag.com/event/ Frame 1DEF 		49 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=pub&bid=3982080867148812983&st=11507494&time=1652583540&nodeid=2630
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=pub&s_exch=pub&id=5aW95q2jLzIzLyAvWkRGaFpXRTBNMlV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5ODIwODA4NjcxNDg4MTI5ODMvMTA2MzExMTYvMTE1MDc0OTQvMy9rdThQYV8xSnZhQXhzcGIzNHRod0xrV2lHNU5ZVkhuMU84OEtLc2l2QjVRLzEvMy8wLzAvMTg5Mjc4Mi8zMjM5Nzc1NzQ0LzIxNTU0My8xMTQ5NTg1LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMzk4MjA4MDg2NzE0ODgxMjk4My96cmgvMC82OTg5Lzk4Lzk5OS8yLzE5My4yNy4xNC4wLzAuMDAwLzE2NTI1ODM1MzkvMTY1MjU5NjEzOS8zLzE2MDIyNC8/q1PJano593Gd2-j6CE_1mIm3RZs&nodeid=2630&group=zrh&auctionid=3982080867148812983&shardkey=3982080867148812983&sid=11507494&cid=10631116&price=0.176840&bp=a_bidfbj&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.132.22&3pck=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE2MDIyNCZzaXRlSWQ9NzgwNDQ0JmFkSWQ9MzM1MjE4NyZrYWRzaXplaWQ9NyZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY3MzUmY3JlYXRpdmVJZD0wJnVjcmlkPTExMTc5MTEzMTgwMTY3NzcxNTYzJmFkU2VydmVySWQ9MjQzJmltcGlkPTE5Rjc1NUJBLTc0MTYtNDczRi05Njc3LTQ1Q0QyRTg0QUYwMyZwYXNzYmFjaz0w_url%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.320.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 02:59:00 GMT
Server
MMBD/3.320.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x104, zrh-bidder-x144
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sun, 15 May 2022 02:58:59 GMT
Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js
pagead2.googlesyndication.com/bg/ Frame E895 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 14 May 2022 15:09:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
42568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13574
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 14 May 2023 15:09:32 GMT
request.php
hal90003.redintelligence.net/ Frame 1DEF
Redirect Chain
  • https://hal90003.redintelligence.net/request.php?zone=edn8pg08rg5j&nw=20&renderingType=javascript&namespace=274327ce79&subid=&uid=fadd071ce62f69be&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90003.redintelligence.net/request.php?zone=edn8pg08rg5j&nw=20&renderingType=javascript&namespace=274327ce79&subid=&uid=fadd071ce62f69be&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
610 B
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90003.redintelligence.net/request.php?zone=edn8pg08rg5j&nw=20&renderingType=javascript&namespace=274327ce79&subid=&uid=fadd071ce62f69be&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Apub&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D08B54F13-D309-42A1-AA7C-5024614D8139%26mt_aid%3D3982080867148812983%26mt_id%3D10631116%26mt_adid%3D215543%26mt_sid%3D11507494%26mt_exid%3D3%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd6006280-6c74-4d01-b01f-19434865808e%26mt_cid%3Dd6006280-6c74-4d01-b01f-19434865808e%26mt_3pck%3Dhttps%253A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE2MDIyNCZzaXRlSWQ9NzgwNDQ0JmFkSWQ9MzM1MjE4NyZrYWRzaXplaWQ9NyZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY3MzUmY3JlYXRpdmVJZD0wJnVjcmlkPTExMTc5MTEzMTgwMTY3NzcxNTYzJmFkU2VydmVySWQ9MjQzJmltcGlkPTE5Rjc1NUJBLTc0MTYtNDczRi05Njc3LTQ1Q0QyRTg0QUYwMyZwYXNzYmFjaz0w_url%253D%26redirect%3D&documentReferer=https%3A%2F%2Fballeralert.com%2F&ancestorOrigins=https%3A%2F%2Fballeralert.com&random=5743627289901&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
HTTP/1.1
Server
138.201.63.117 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
90295605e3ee06691dea7b608598ea0c4cec0646ad45eeeab98abb984aa3da61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:00 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
26563100012701404681724011960003
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
329
Expires
Sun, 15 May 2022 03:59:00 +0200

Redirect headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:00 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=edn8pg08rg5j&nw=20&renderingType=javascript&namespace=274327ce79&subid=&uid=fadd071ce62f69be&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Apub&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D08B54F13-D309-42A1-AA7C-5024614D8139%26mt_aid%3D3982080867148812983%26mt_id%3D10631116%26mt_adid%3D215543%26mt_sid%3D11507494%26mt_exid%3D3%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd6006280-6c74-4d01-b01f-19434865808e%26mt_cid%3Dd6006280-6c74-4d01-b01f-19434865808e%26mt_3pck%3Dhttps%253A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE2MDIyNCZzaXRlSWQ9NzgwNDQ0JmFkSWQ9MzM1MjE4NyZrYWRzaXplaWQ9NyZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY3MzUmY3JlYXRpdmVJZD0wJnVjcmlkPTExMTc5MTEzMTgwMTY3NzcxNTYzJmFkU2VydmVySWQ9MjQzJmltcGlkPTE5Rjc1NUJBLTc0MTYtNDczRi05Njc3LTQ1Q0QyRTg0QUYwMyZwYXNzYmFjaz0w_url%253D%26redirect%3D&documentReferer=https%3A%2F%2Fballeralert.com%2F&ancestorOrigins=https%3A%2F%2Fballeralert.com&random=5743627289901&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Sun, 15 May 2022 03:59:00 +0200
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9FE9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BaHQfdGyAYvmVBpfqgAf4u5CgBgAAAAA4AeAEAg&bg=!U1ClUBTNAAZL3OSAa9w7ACkAdvg8WvzvKXPaDlkZbN0hwGXAy_9VDxmDJLxjWSmO4pAu_mu2lJgCsgIAAAC3UgAAAAJoAQcKAFclEIfTOg3pMrTEcI2r9sXbm5UWT8TdycELpMAd5GT2yZdfyVsvmkjL8p9SqODTMe1ZOt8ZqYFKx9OuwIreFaD3CPUwkHnxG71rOCs6RKeoMErR3ylzVQOZAvKxnHwNY3_pyv9s6NloqASGSy_9AsktBOce15FnbyjclcHmm8JbY6K_J-KpgaeFex8SXa54Abx4Q7Loh0k55U5ja6J81acLu8scwuIm54XwMVnoMo9b4t300xMrmeHXWoboybifauuLprbf4XlcvT2pGCneVP7yKHwDwca9wlElGtJ_zXroiLh-kqdHDs9CwkJus9mERcB-PZgpXU2ZEplkL8TTurRNosazjIEG2DYmN_mn3sRC-E6BNLzTpy2PuO40VrC3yPeCw7AtcY0vgha38yF8cfC-ofLvsdWS_Ks6ELOx85qevhet8Pnf1bP1i4lnleN5d2wM_xXKFy6r7ZtRCqhhSTAiobdEKJIr-U31Rcoqs-g-Fxg0CxnzzgCk2ZCLJPm86XepGh777BPeCdrKotBWtrVBRQMTaqPq8Zb3dQzNDj4CHboXF-Dwi5d2-jWxFN1bCEDQV-qn-U4DaVnxcntTKpna0ZYiqquTu54GOG1aiSDzZ0OXOO8vwYC0Vh8JAn37V_yS5NcInOugtHsemFulMGlPy4scxluOW-tVooq7wJm3ptB6lplaaapIEmQ4oVQ-gyUs6bzxLrHQOt850YeU-k2oREMCdZRQuXAYhAekPWIZowItnZZplClpZH9MMRLN42vnODXuU-UyEyEFkJj09f99yJHvXm21bUDygSvw1LGus8409p3keVsXi0g2eq0OYiqmun_TWWcm0w3O-3yw316enSD02OQ8Gxgb2yicUgW7rxkFNw8Gmo5KTuN2Yan9wiKuNW-Ijf2DkeUXCjrSOOd0v32yVob18E2Dh1PnFJLj1k1yABvn01GgqOyl8HADaJjWr1z0ATvWsoyTkgBFS9PcL5dfoYAshwKP2mbUHtSmAFpVQfC7Te-LDrx8q_ysxQBzyTkFpQyekSO6y6rikVIso26s0zcbb78e23VPYBEpulYBPEHWqhrQcoddGzR7CNOFz-HwuJcqvMX3wHFMR-bEV_Tse16sZjt-FiPP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D580 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B-MEJdGyAYsHOE76R9fgP-KS2-AcAAAAAOAHgBAI&bg=!Pj2lPXnNAAZL3OSAa9w7ACkAdvg8Wtb3z-VQG0BnUr2aY0QBDNNlfI-U8AClsBYr3QUTrQ92cd96nwIAAADBUgAAAAFoAQeZAv7oOWM06rxswjLjbjvcPCyx-XigLsBSewPRV4yiRauR1550Iz_K3yjBTkIUEf-tqoaVM8lSAZAtfar72nfRFvAVQWbj8m4GtsRIO4Db-xKfYA4_Ad1y4ldNa3LgPGpDSr2Lkroz9w6mnVabeXMdbllPsW-tInApcosXUxkDWhDUeXfLfkW-ed1ff3YL4iUNHjO06u81HbOYc9zeE2D0sIRvwDTTBUx72IasNJSbHMSUaa6f7CktF_p1TvVijM8NWs1FXobtcG0Q_f29MplEoovzACzJFFE_L3_-maVSK2eOc-qEU0VqicUKOFN_jbJp7KHo0XG5VF85LXqEPyGcKy5PTG2i1yl4O1vObY0w4-1MpdJZgSirHydpeFCV1uTvAn4iF0A-B6BrB187ebXfTg-Q4RqZNd5I9CauFsWkT4VV1P1oq_0F0g_ZPMFn11tszmPYtOiydmOdM0XgUaqfnDSqRFPLcpva9IJ9VfINQKED_zwPv7e0NxHJr69JcVStMYCdEePHgIXMdfPc0bPCjpdPpO0_LZDqNJwwhzX9SOmCQMcMz9-Ofo3uBp5ijCkOWXQw7xpeKKB2HqtysZ5RdSuvQbjh95bR0OJhdjegY4poqcxRyMaPyfAmu6fHVlr-u56RSBJOfxvlWjzCAErppJy-X4hYgP5b4Vp3e-vV7mZlpwLj2V-HKr0usj6i14XWTArp8eOsNa5Hif8PQTH2sl6RbvONHHI5xStb2H1Av58c95gjCBoIEW4qxhiLS8_OjaQ52BPcbooKxXGZ4JZSxC423G8G-PZL9_l92Tc3HpX00wSbpgdQrLzmEWpzyVNwEiPB8wiYPnymbxA1BBFbAR9sYmQoKqMUviATlSGe-ydOtNcqPkU4xP3r7hzRvHytC0CS9Ahv4YiXttJe5Hd9V63-UXdFbo3pPnt-6OPw7ydByBK1CK_BWVPiCeal4051YlsPPP5OX4xt1eD8yJDX_nFxm-tqmAcvtzD736UL8O05FP01MaX_ioqHe0DkV8bk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E895 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9vGzdGyAYpaCIdSKrAT684G4BAAAAAA4AeAEAg&bg=!zc6lzorNAAZL3OSAa9w7ACkAdvg8Wrgo4-HkCxx2eRuq2fHgVm_033HxUHT2rrWE1686x7hCzQrSGQIAAABKUgAAAAJoAQeZAuOXPUsy4HPpEGBzVFceuNk93kb_czkBcZS6zm-KydtsG89KYse5Z1xCDXA-tjG35i_csxZtmHg5WzysxjboLxV_awlNuU5FTkkGw2k1kKNxFJTOUX17Xk0ByqJ1bViSB0xautxmKE_whkv3nzJvzJ1Ydr1UoYYoRAhwM6BLD_BXHvXPGCYLYdd16tnIdDYVEsuJq5fAgTjHsIHFR_sTQtENryl2DIsoLRQ66jmWyFKKvxlwjbkZfyrtXv24d0pqCvNHHv7McDfIjdDKkXenRcOY820IeFAU0Pb6Fp6AUydPti8gwm_UCSN9Ai4SmMCR3ZDThcOsPt1Cuhx0UuJ6tdnkxChwBoT0ukmOc2yb42SvFu4odArCRb5b7DlxSWfZuJcF0dwsWagl5D5_824EfjyGjfseOJbJCR2D8WhzoGvNCC5f0WD5KfXlyjQfPwBdqa28lk06Opgj3xxUclXbxPLWWilmVjC8x_Kcj4CGJauklfYaHZ-w67_tNgDBJXSe4GCmfzJFgahbpBQttWnCPAQJG4Q1imA0e-csLlJQKtR2rCeZwsTI7XMe2jdiBKgeUtZLe08FU4PCeUd5pmeSfGQ3DNbWPRGdt_FIbNiX6S5I3Tlta6qbQZp0DPUEQuD5ec-H0XR617uelfMvVPHTCJiVjbRNqqm5YL9dzz6r4t-vpO9TBgnLQnI4ACN0W3Tm_Er_I5rHkWkzBiLHxKykUUhh364uo6yaShP1XdS6HAhFUpursMgRjkGheAQb77fnufT-7kBu3IyWE_9z7W2M5BiX9gzKnNM67XJ-00aYEaSy4oBYOF5bvrRDPpNThHRKO0ET11IwR49TGkmq4rqsFHz4HAlynXXfATUoMMVYyxzxAGT57pVQH6b7jT77htCCV0QjC-9vrrmEhUK2lDKC-fSj_ZBH2zUTQqD0c_mfG0QeM8MBkNxePF94IbF_j4WfZXoPRs4-smFZm2I_xlcSPepUXnag
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
request_content.php
hal90003.redintelligence.net/ Frame 5126 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90003.redintelligence.net/request_content.php?s=26563100012701404681724011960003&a=e1545365
Requested by
Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=edn8pg08rg5j&nw=20&renderingType=javascript&namespace=274327ce79&subid=&uid=fadd071ce62f69be&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Apub&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D08B54F13-D309-42A1-AA7C-5024614D8139%26mt_aid%3D3982080867148812983%26mt_id%3D10631116%26mt_adid%3D215543%26mt_sid%3D11507494%26mt_exid%3D3%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd6006280-6c74-4d01-b01f-19434865808e%26mt_cid%3Dd6006280-6c74-4d01-b01f-19434865808e%26mt_3pck%3Dhttps%253A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE2MDIyNCZzaXRlSWQ9NzgwNDQ0JmFkSWQ9MzM1MjE4NyZrYWRzaXplaWQ9NyZ0bGRJZD0wJmNhbXBhaWduSWQ9MTY3MzUmY3JlYXRpdmVJZD0wJnVjcmlkPTExMTc5MTEzMTgwMTY3NzcxNTYzJmFkU2VydmVySWQ9MjQzJmltcGlkPTE5Rjc1NUJBLTc0MTYtNDczRi05Njc3LTQ1Q0QyRTg0QUYwMyZwYXNzYmFjaz0w_url%253D%26redirect%3D&documentReferer=https%3A%2F%2Fballeralert.com%2F&ancestorOrigins=https%3A%2F%2Fballeralert.com&random=5743627289901&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
2b9d04532ef7d81212b89e1e82ae6c5132757a5ee8af3796a8bb88aedcadb70f

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2305
Content-Type
text/html; charset=utf-8
Date
Sun, 15 May 2022 02:59:01 GMT
Expires
Sun, 15 May 2022 03:59:01 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 986E 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=32784
content-encoding
gzip
content-length
13941
content-type
text/html; charset=UTF-8
date
Sun, 15 May 2022 02:59:01 GMT
etag
"1302647-96a7-5da3b2ade946f"
expires
Sun, 15 May 2022 12:05:25 GMT
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
AdDisplayTrackerServlet
aktrack.pubmatic.com/AdServer/ Frame 1B2D 		0
61 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=160224&siteId=780444&adId=3352187&adType=10&adServerId=243&kefact=0.176840&kaxefact=0.176840&kadNetFrequecy=0&kadwidth=728&kadheight=90&kadsizeid=7&kltstamp=1652583535&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.176840&dcId=3&tldId=0&passback=0&svr=BID22522U&adsver=_2695297976&adsabzcid=0&cls=BID&ekefact=b2yAYgTMCQBSmzCiJ_DnDzCDA0xECzUe4nGNMr2usfY2i3BY&ekaxefact=b2yAYhrMCQDGCuG32T8wLmr7NmlLcyHbdzBh6o5bJUHCfT0o&ekpbmtpfact=b2yAYizMCQDNBpGSUfr8oN-B7wJCoedJtNTlx4KNtj3-b2VH&enpp=b2yAYlfMCQCn6w3CH2-9Gj1_ZL9ejrYpktRsLLIlbyAtwseT&pfi=1&domId=4210305170406690065&dc=AMS&pubBuyId=19961&crID=10631116&lpu=mcfit.de&ucrid=11179113180167771563&campaignId=16735&creativeId=0&pctr=0.000000&wDSPByrId=101936&wDspId=27&wbId=1&wrId=3062671&wAdvID=100696&wDspCampId=1149585&isRTB=1&rtbId=08B54F13-D309-42A1-AA7C-5024614D8139&imprId=19F755BA-7416-473F-9677-45CD2E84AF03&oid=19F755BA-7416-473F-9677-45CD2E84AF03&cntryId=58&sec=1&pAuSt=3&wops=0&sURL=balleralert.com&BrID=5
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html
date
Sun, 15 May 2022 02:59:01 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1DEF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbhHJdVEDOyO1h73rrxZ5Vf4RdHcYgTCpWVFv3iUD9G8XTL55xzdw2bZ5GcatxOCfdzfEckAo4iHAgD_6RBFm7J6-Yr3oktrKh1VoVKQcukYYh9kfpWa4ZJ7wFRBxA8odL3HR688266UtOBMC9ZHWogkOs9LoI-M3dot6Xgb1Db1CzjUWp6fTfAIVO_d5Y4bYKEqlaopQwlqyTZXdxdSYvBBlnYTv1lCxkTgsMv7H4z9-wMBwwc5OZQw26sfDAmIhRtvGLibXMmX_xVg_cmR-W_-vuBtRqS6xIxNChIEREMTFkLVkSK_8FH84emyuKs9OUBRWbgEWeTTVX1Hb8&sig=Cg0ArKJSzBVuWH7J3rdPEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 02:59:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 15 May 2022 02:59:01 GMT
truncated
/ Frame 1DEF 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcab1ec2383691158db57b832d22157cd299d4c901581dcd4cdab4ad497512

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
dv-measurements2756.js
cdn.doubleverify.com/ Frame CF7F 		528 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements2756.js
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
09f33bbf788a3cee4b9da117e56a2e09aad4b3203e085195bb7d5f870d16c436

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 02:59:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 May 2022 15:06:50 GMT
Server
Microsoft-IIS/10.0
ETag
"0a1fce71166d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
99723
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 5126 		89 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=26563100012701404681724011960003&a=e1545365
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 14 May 2022 21:44:13 GMT
x-content-type-options
nosniff
age
18888
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91556
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 May 2023 21:44:13 GMT
/
track.adform.net/adfscript/ Frame 5126 		744 B
941 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=54886215;click=https%3A%2F%2Fhal90003.redintelligence.net%2Fc%2Fpa6qz8sfb7snbzf%3Ftprd%3D
Requested by
Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=26563100012701404681724011960003&a=e1545365
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
59003c0fbd98d57d21a549a06a8506179fead334e74645acbca01dedb3d735ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:01 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
548
expires
-1
PugMaster
image6.pubmatic.com/AdServer/ Frame 986E 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=40314267&p=160224&s=780444&a=0&ptask=DSP&np=0&fp=1&rp=0&mpc=10&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
956ef347ea1eef7639b82fcfc08a66cfd66d8b0118144a6a1692693ca7b19fbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1939
content-type
text/html; charset=UTF-8
visit.js
tps.doubleverify.com/ Frame CF7F 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=44&ttfrms=8&bridua=3&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTau32%3D%3D6C2%3D6CE%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau32%3D%3D6C2%3D6CE%5D4%40%3ETar9EEADTbpTauTau32%3D%3D6C2%3D6CE%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=5&ddur=15&uid=1652583541061274&jsCallback=dvCallback_1652583541061955&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2756&tgjsver=2756&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fballeralert.com%2F&fwc=1&fcl=631&flt=0&fec=1838&fcifrms=24&brh=2&sdf=2&dvp_epl=154&noc=4&ctx=24192157&cmp=DV701242&btreg=5731637970138354784080&btadsrv=5731637970138354784080&adsrv=104&unit=1x1&seltag=1&sadv=5028042685&ord=2877215675&litm=5731637970&scrt=138354784080&splc=/11462305847/balleralert/home/adhesion&adu=22501772778&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_scripthash=1&t2te=0&dvp_qtpid=87f69d7a-db26-4f3d-ba4a-bc5d2d552590&dvp_qtsid=1eda25b0-fd44-4f9e-9953-e11a00098c03&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=179837312.98328614&dvp_tukv=1026788953.0215079&dvp_uuid=2607618893.346417&dvp_tuid=1169401605947
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2756.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.110 Surbiton, United Kingdom, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
d2d4980bc3015348762a8ade584fab5995866193860a068b1421b2bd1f4e3600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:58:16 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
05/14/2022 02:59:01
viewability
hal90003.redintelligence.net/ Frame 5126 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90003.redintelligence.net/viewability?s=26563100012701404681724011960003&a=fd211df5&vb=m
Requested by
Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=26563100012701404681724011960003&a=e1545365
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/request_content.php?s=26563100012701404681724011960003&a=e1545365
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 02:59:01 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220511&jk=790091515024094&bg=!MTKlMnbNAAZL3OSAa9w7ACkAdvg8WnVnJ0t8FpbDo__UB3XhD4tuedlGKl3k56RnlBkmKGWbXDU2bgIAAAElUgAAAAJoAQeZAqcuFfWjYc5fp_Z7ad9hMjQUgH5kzGKYXwyxBqzKtfT8eWLFjXDiorln87HXpj4HtFNAfmOkAfPkxpvo1PKer8uAHyR58TvGu4hKy9Fm6zAER3YmXDuF7epFEH-ruMVcl0jbSgVs4XPScP5rubXzd4vIQf2TL4o3btmrnDQblRM3tdNd-Gvt3anWSzPvW437M0AohKBIZei-XJpEnC-Jb_c2KgIfTQ9Chx08sviKRDu18QPHlq4HjRpti-0i3EXOr0pbbAX-9KIpnogY1cSfXfTFRa4Miv19pJCuSHI_yJcogRbzkE8euiLMz_DGw0SQIAq_EN2qQbZZBKyeS5vcnoeEzEwiNjb6xD4ubCnFNR0JzMPAy_baAopNeenK2FsFYqwsbyfhqqF9vIpW5a82flr_Y1rJ2V8aYp-ZJZ0LDn9UhYJKwQZEcEyblb0jUnHUClO1TyDutlof8OyuUBHClSxXoLDxFxohFyEjGcq9BnhP3jTkzqK4DD6dyBLUfWhdkO3RTsqgJ9b2Th7T1y5_GqWDy25-73QDB0nibRC8LLHLOsq8TddvN45jytStDO7AZq3HYK86a41sdko_BhShICDsBfga1_OvWlb2ji39L8ZGYvhkn_HuskHvH2brdBkEpV9N-Gk4ghLYRkM6KmiVPAicS8Mt4FEM4KsNausEf1HeMitckDGSdUyIu43_Zp5Qoa2jHZJhsopwPJn2tHOBnNDyACcHRYH-wNkTRq3imqQhZH4LP5TglaDYAmBr8qvpj3smr10vdZf3dc7DDtwp-a9c_J11zhW8RgFesbT-gYzrdliyU3EJDwULwKkjRBOrzGOHCZB0cdOcnX1Fo3_vf_w2LkVe8Z5afCJor87sY87gNI0VuNZ-Hp4hE5bRII8MR3rv71dmWsQY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
Pug
simage2.pubmatic.com/AdServer/ Frame 40CF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d6006280-6c74-4d01-b01f-19434865808e&gdpr=0&gdpr_consent=
42 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d6006280-6c74-4d01-b01f-19434865808e&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 15 May 2022 02:59:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 15 May 2022 02:59:01 GMT
Expires
Sun, 15 May 2022 02:59:00 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4390 fb8620d master zrh-pixel-x5 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d6006280-6c74-4d01-b01f-19434865808e&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame ED5E
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8678379883384627744
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8678379883384627744
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 15 May 2022 02:59:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8678379883384627744
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 596B 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 02:59:00 GMT
expires
Sun, 15 May 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
630447
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 986E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjlCMzkwNEItQUY2Qy00OTQxLUI3MDctQzc4MzA3RTI5REJF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 986E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEK-N_xOrT8zFCH52UM_5ezM&google_cver=1
42 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEK-N_xOrT8zFCH52UM_5ezM&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEK-N_xOrT8zFCH52UM_5ezM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 986E 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 14 May 2022 02:59:01 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 986E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4938342704165468389
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4938342704165468389
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 14 May 2022 18:12:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:01 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4938342704165468389
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 986E 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 986E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7631895784809156516&gdpr=0&gdpr_consent=
42 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7631895784809156516&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:01 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3330416d-1f7e-4e04-9dfe-a243af2c70a7
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7631895784809156516&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 986E
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9rlidvbobXPtuWJ--LJ3cvK4PyXt7msj8r5-I6oN
42 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9rlidvbobXPtuWJ--LJ3cvK4PyXt7msj8r5-I6oN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9rlidvbobXPtuWJ--LJ3cvK4PyXt7msj8r5-I6oN
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 5126 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=54886215;click=https%3A%2F%2Fhal90003.redintelligence.net%2Fc%2Fpa6qz8sfb7snbzf%3Ftprd%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:01 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 16 May 2022 06:19:57 GMT
/
track.adform.net/adfserve/ Frame 5126 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=54886215;click=https%3A%2F%2Fhal90003.redintelligence.net%2Fc%2Fpa6qz8sfb7snbzf%3Ftprd%3D;js=1;adfxid=1x;8634;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fballeralert.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0e377f46828ce9f752f0530fd560461f5b3e1fb5a195b7e7d430b6f61dc08442
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:01 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1998
expires
-1
truncated
/ Frame 5126 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/gif
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 5126 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f7e06ae449bdd4ebece6e26cdb36840f7cb19f28b57bbb6b8647a54535557d3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:01 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 16 May 2022 06:21:45 GMT
/
track.adform.net/csimpr/ Frame 5126 		35 B
477 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=54886215&csi=H2FdaFRmc6RPZeIuNxPo8J0ew19HDP34wjeEnSBpFjTrygPkIxxfk4C3KbHwRqvOhB6B8KcNcMNbmEcmwysHj96vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal90003.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:01 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hal90003.redintelligence.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
csi
csi.gstatic.com/ Frame A1B1 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l36pkkji&c=2001980664230&slotId=1000990332115&qqid=CIK78LbB4PcCFRbVEQgdRjEDnQ&fb=outstream-lima&gpm_i=6&gpm_c=6&gpm_a=6&smb=1000&br=875&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=6&vhc=0&msm=1&aits=18%2C59%2C342%2C343%2C345%2C346&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4003:c10::5e Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
11204919.js
s1.adform.net/Banners/Elements/Files/160090/11204919/ Frame DF00 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/11204919/11204919.js?ADFassetID=11204919&bv=258
Requested by
Host: balleralert.com
URL: https://balleralert.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c501e586ceb51ccd38f6ea2316b6b5f66f78b4e5d1e17172034bf3dec6030223
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:01 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 15:12:48 GMT
server
nginx
etag
W/"62695d70-d02"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
screen.css
s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/ Frame DF00 		1 KB
882 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/screen.css
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
343ea6f53cd6ddde97c421f384c229147c9c507452690d8bd0045be5453df3f8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:01 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 15:12:52 GMT
server
nginx
etag
W/"62695d74-596"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
text/css
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame DF00 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:01 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 12:35:29 GMT
server
nginx
etag
W/"609e6e91-76d9"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
introfill.png
s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/ Frame DF00 		103 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/introfill.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ee6d3b54a9065c8ff1c55528d83a8b11aa932915d3004f3dab2c5355027bbf3f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:01 GMT
last-modified
Wed, 27 Apr 2022 15:12:52 GMT
server
nginx
etag
"62695d74-67"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
103
text0.png
s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/ Frame DF00 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/text0.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
07773674da8a5d7de6575be849321af69c60333d821b2e531b8b6aad8cb8deba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:01 GMT
last-modified
Wed, 27 Apr 2022 15:12:48 GMT
server
nginx
etag
"62695d70-134b"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
4939
text1.png
s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/ Frame DF00 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/text1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
df79dd6a7ac84baa0b616fdb9c1b188d562051dcc880a1e8be5fb3bf25eb642b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:01 GMT
last-modified
Wed, 27 Apr 2022 15:12:52 GMT
server
nginx
etag
"62695d74-1766"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
5990
text2.png
s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/ Frame DF00 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/text2.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8ff2dfbd53fcbe7a924065849f3a621b7275fc80dc5c4091e307ff93725b5dde
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:01 GMT
last-modified
Wed, 27 Apr 2022 15:12:48 GMT
server
nginx
etag
"62695d70-147d"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
5245
text3.png
s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/ Frame DF00 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/text3.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
270e057943921b2dd09052353e02f32c8f7369816ac92717b7e4efa3393eed0d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:01 GMT
last-modified
Wed, 27 Apr 2022 15:12:52 GMT
server
nginx
etag
"62695d74-1f1e"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
7966
stoerer.png
s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/ Frame DF00 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/stoerer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4e3938359d975b49ca24219f23cf9f4b416dbe9c347cfe8e45c5ea8e6c8d1aae
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:01 GMT
last-modified
Wed, 27 Apr 2022 15:12:48 GMT
server
nginx
etag
"62695d70-11ab"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
4523
disclaimer.png
s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/ Frame DF00 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/disclaimer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
87b9fa7efc94c1145c336dfa8e5b245461d0d2c950996f9b0f0e8ccea0289b72
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:01 GMT
last-modified
Wed, 27 Apr 2022 15:12:52 GMT
server
nginx
etag
"62695d74-503"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
1283
date.png
s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/ Frame DF00 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/date.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a8b6088276c5f8cdb4ec8ab768aa62222b0c4e678d5a8f71fc62ae172b771b2c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:01 GMT
last-modified
Wed, 27 Apr 2022 15:12:52 GMT
server
nginx
etag
"62695d74-a00"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
2560
cta.png
s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/ Frame DF00 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/cta.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e5dbcde39ec1fc3506acc9fd13cdcc2815b146f106f5765d20bd057ae502e27c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:01 GMT
last-modified
Wed, 27 Apr 2022 15:12:48 GMT
server
nginx
etag
"62695d70-a17"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
2583
logostart.png
s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/ Frame DF00 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/logostart.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c478bc96e00b2e4a64241756af7a9fb046590741b6d6a4483b10be4985b3fb56
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:01 GMT
last-modified
Wed, 27 Apr 2022 15:12:52 GMT
server
nginx
etag
"62695d74-ed0"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
3792
logo.png
s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/ Frame DF00 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/logo.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c5d9f11f95196250f6797acef21bd147fe22a802940735d88ac2a7a9308247ac
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:01 GMT
last-modified
Wed, 27 Apr 2022 15:12:52 GMT
server
nginx
etag
"62695d74-ecf"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
3791
background.jpg
s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/ Frame DF00 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/background.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f74858ab6cbc624a9d3b5331b95c315d0851e07372d32d11136ba31777a4aea0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:01 GMT
last-modified
Wed, 27 Apr 2022 15:12:48 GMT
server
nginx
etag
"62695d70-2050"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
8272
CSSPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame DF00 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5733915
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13669
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-9833"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ikmg1woHWsTrjgmfBiZlASfgISlquoGZfTIKVGOU%2Bf7JMh6oHnIRCQEMtf4MSF2LVt8e7zQULhDIpRUA2X1RIh8kWF%2Fgsj9WGBn6RfdfRbauK7W3y%2FBa6RFe0Z7SM2mt%2FWNju%2FWFWeLtP%2FemmDG03UN7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70b89d7e6f5e2355-ZRH
expires
Fri, 05 May 2023 02:59:01 GMT
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame DF00 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2107153
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1730
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-146f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f95EgwRsH8hjArUnMS7eaohMfx0egK%2FUB1O%2B6vvVXOFbaZq2WgM1Hf5zngz2KfLA7fmZZ%2F3D%2FzIse%2BB7yzUW%2FTLStxcoffBYFFnwO7lmLt4p3dy4Uu7LI5rihSPOREG1mS3e617KNnzGMTkRtf9UyBuI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70b89d7e6f5f2355-ZRH
expires
Fri, 05 May 2023 02:59:01 GMT
TweenLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame DF00 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
28900501
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8578
cf-request-id
0aaca61c2700000204b1291000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-697f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EkFON62yoUbVTnpyXUEfmMcJs0Fa8WzHmW%2FHBotDe68Niz543skdolrOswoCtPGCfxQ7jpHYNfLGG%2FAaP7Dy%2FPaldPEzIdPLQLvzGWYjozN3hRt6QESbq%2FF19hfHeyFTwGrX0F2xdXRT%2B7ta0w0J2Jlb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70b89d7e6f602355-ZRH
expires
Fri, 05 May 2023 02:59:01 GMT
script.js
s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/ Frame DF00 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/11204919/bvpath_258/script.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8ed12b039b09021f444b5466f17e66ee92467082997c6af462e5bbe688170d86
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:01 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 15:12:52 GMT
server
nginx
etag
W/"62695d74-2550"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
activeview
pagead2.googlesyndication.com/pcs/ Frame DF53 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZBrmSPjD5cVu6b8B1zcbAJtV-KyzsIFBUw2Pd7tynjG9xLVt-vHNwk4VFdde8abIxiD-7AuMZLP4BbwG10tMNUPNWFhAoWegsFW-gG7exO4Xi1YLa2A8RFTxt&sai=AMfl-YRIsTAzvEcPcaxok2lzYOHb5-QoQRxEqyZXl7Jv-FpdEeHyWHPUg5SVY8ujUBwCFzBJXB5c_6HiNVXf4TY9j0L0J8oLFNVmIAOeeQ3A-u-fULrp_1myJsjgmgd8&sig=Cg0ArKJSzF2pLg873OH6EAE&cid=CAASUORoohasm6FrNV342NPWZ72sDfnLbRQzPubuL8t1nlfr6LqS2uJrnaN-UIe0Y14eF02Jnbv3d_fyI2HnauyKjqT2ofMRp9ifrOS0AjDcomes&id=lidar2&mcvt=1001&p=207,436,297,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3807761084&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652583540269&rpt=220&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event.png
tpsc-frc.doubleverify.com/ Frame C0CE 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-frc.doubleverify.com/event.png?impid=59b8a537e52d4a2d96936db1de18eba7&gdpr=&gdpr_consent=&dvp_twib=1&dvp_atali=1&vdur=115&eoid=10&msrjs=2756&nav_pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&rmi=16&tltms=65&tetms=7&msltms=41&vltms=115&sei=290&vetms=8&engms=1&engisel=1&dvp_dtvst=59b8a537e52d4a2d96936db1de18eba7&ttfurm=2150&cbust=1652583541794943
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2756.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.110 Surbiton, United Kingdom, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://balleralert.com
Pragma
no-cache
Date
Sun, 15 May 2022 02:59:01 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Vary
Origin
Expires
05/14/2022 02:59:01
activeview
pagead2.googlesyndication.com/pcs/ Frame 1DEF 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuuXOkkrYjkji4E-nQHKfqqy_KQuLGAfsMwJT3VvCD0sk85KoG3kVri-e5NDXZqtuK9w-GwqLcaEAODJQS_x5mkQOvC_B5fL5p-30rKnKMYe_GzLDfs&sig=Cg0ArKJSzClUxcRsAuOKEAE&id=lidar2&mcvt=1008&p=1110,436,1200,1164&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20220511&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1278255468&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652583540533&rpt=471&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
a.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.clarity.ms/collect
Requested by
Host: a.clarity.ms
URL: https://a.clarity.ms/s/0.6.34/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://balleralert.com
date
Sun, 15 May 2022 02:59:01 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
viewability
hal90003.redintelligence.net/ Frame 5126 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90003.redintelligence.net/viewability?s=26563100012701404681724011960003&a=fd211df5&vb=v
Requested by
Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=26563100012701404681724011960003&a=e1545365
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/request_content.php?s=26563100012701404681724011960003&a=e1545365
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 02:59:02 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3E14 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
81152
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 15 May 2022 02:59:02 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 768039
X-Served-By
cache-lga13628-LGA, cache-hhn4043-HHN
X-Timer
S1652583543.572894,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 57D6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=90784
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 15 May 2022 02:59:02 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 16 May 2022 04:12:06 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame DAF7 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Sun, 15 May 2022 02:59:02 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 0543 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sun, 15 May 2022 02:59:02 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BDD0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=90784
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 15 May 2022 02:59:02 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 16 May 2022 04:12:06 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8B9A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
81152
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 15 May 2022 02:59:02 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 738533
X-Served-By
cache-lga13628-LGA, cache-hhn4034-HHN
X-Timer
S1652583543.578287,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CAFE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=90784
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 15 May 2022 02:59:02 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 16 May 2022 04:12:06 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4117 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
81152
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 15 May 2022 02:59:02 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 621284
X-Served-By
cache-lga21972-LGA, cache-cdg20758-CDG
X-Timer
S1652583543.582352,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 37F7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=90784
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 15 May 2022 02:59:02 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 16 May 2022 04:12:06 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 41C7 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 15 May 2022 02:59:02 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 9E01 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Sun, 15 May 2022 02:59:02 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame F174
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=7FK6kkh2qpmdQjm0Jnat&pi=gumgum&tc=1
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=7FK6kkh2qpmdQjm0Jnat&pi=gumgum&tc=1
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.221.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-221-35.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Sun, 15 May 2022 02:59:02 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 15 May 2022 02:59:02 GMT Sun, 15 May 2022 02:59:02 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=7FK6kkh2qpmdQjm0Jnat&pi=gumgum&tc=1
pragma
no-cache
ixmatch.html
js-sec.indexww.com/um/ Frame DD90 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Sun, 15 May 2022 02:59:02 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6244 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-balleralert-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://balleralert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
81152
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 15 May 2022 02:59:02 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 768040
X-Served-By
cache-lga13628-LGA, cache-hhn4043-HHN
X-Timer
S1652583543.580774,VS0,VE0
hms.gif
sync.colossusssp.com/
Redirect Chain
  • https://colossusssp.com/?c=o&m=cookie
  • https://sync.colossusssp.com/hms.gif
20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.colossusssp.com/hms.gif
Protocol
HTTP/1.1
Server
8.2.111.121 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 02:59:02 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain

Redirect headers

Location
https://sync.colossusssp.com/hms.gif
Date
Sun, 15 May 2022 02:59:02 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame 41C7 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3ad0c39acdff0d18168bbd2294ac5aa128fd845a582b0170b0bcbc79939b600e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 02:59:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=39531
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9499
Expires
Sun, 15 May 2022 13:57:53 GMT
async_usersync
ib.adnxs.com/ Frame 3E14 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:02 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
12aff44a-9dfb-41b2-bb52-c2d16b301f3b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8B9A 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:02 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
05b0d14a-e19a-412f-a648-68f11111784c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6244 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:02 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
198d5f31-9176-45e9-82df-14d8cd95f50f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 4117 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:02 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
801b5bff-8d00-41c8-8a43-ae3e3cdda7ff
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 83E4
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bea931b21f00d2fea8cb23952347b694779a917783da00779cf180229c751db6

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1666
Content-Type
text/html
Date
Sun, 15 May 2022 02:59:02 GMT
Dropped-Udsids
230|241|39|45|40|73|41|26
Expires
Sun, 15 May 2022 02:59:02 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
346
Content-Type
text/html; charset=iso-8859-1
Date
Sun, 15 May 2022 02:59:02 GMT
Expires
Sun, 15 May 2022 02:59:02 GMT
Location
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usermatch
ssum-sec.casalemedia.com/ Frame D08B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
af506867189b74a1ff6cdde7c33d006e61b191acc88d7e1f0eddfa401004be26

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1681
Content-Type
text/html
Date
Sun, 15 May 2022 02:59:02 GMT
Dropped-Udsids
45|241|39|230|3|17|152|73
Expires
Sun, 15 May 2022 02:59:02 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
346
Content-Type
text/html; charset=iso-8859-1
Date
Sun, 15 May 2022 02:59:02 GMT
Expires
Sun, 15 May 2022 02:59:02 GMT
Location
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usermatch
ssum-sec.casalemedia.com/ Frame 904F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3de99be20d454c7509f260f0fae5aa92cb82b0757bdbf8b5d36d1e766937c402

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1722
Content-Type
text/html
Date
Sun, 15 May 2022 02:59:02 GMT
Dropped-Udsids
45|230|241|39|64|18|73|195
Expires
Sun, 15 May 2022 02:59:02 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
346
Content-Type
text/html; charset=iso-8859-1
Date
Sun, 15 May 2022 02:59:02 GMT
Expires
Sun, 15 May 2022 02:59:02 GMT
Location
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
crum
dsum-sec.casalemedia.com/ Frame 904F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YoBsdkQ.9AA3NNh8F6va3QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGarvRLA4UnN0wRXcX54bc4&google_cver=1&gdpr=1&google_hm=2
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGarvRLA4UnN0wRXcX54bc4&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 15 May 2022 02:59:02 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGarvRLA4UnN0wRXcX54bc4&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 904F 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YoBsdgmIKR-QC2Ww0PvfXQAABJsAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 904F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoBsdgmIKR-QC2Ww0PvfXQAABJsAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoBsdgmIKR-QC2Ww0PvfXQAABJsAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoBsdgmIKR-QC2Ww0PvfXQAABJsAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:03 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
3X1SEMNPF34ZW6DQKEHB
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:03 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
V0A9122RPZ5TVC678RH6
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoBsdgmIKR-QC2Ww0PvfXQAABJsAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 904F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 904F 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:02 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame 904F
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1668481143&external_user_id=74641527-ae24-4663-bfe1-b5527867aa37
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1668481143&external_user_id=74641527-ae24-4663-bfe1-b5527867aa37
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:03 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 15 May 2022 02:59:03 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1668481143&external_user_id=74641527-ae24-4663-bfe1-b5527867aa37
date
Sun, 15 May 2022 02:59:03 GMT
access-control-allow-origin
*.casalemedia.com
content-length
157
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
YoBsdgmIKR-QC2Ww0PvfXQAABJsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 904F 		43 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YoBsdgmIKR-QC2Ww0PvfXQAABJsAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:c111:9aee:7bd3:6707 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:02 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 904F
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-a7039769-0a26-499c-b5f1-65064ed78a72
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-a7039769-0a26-499c-b5f1-65064ed78a72
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:03 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 15 May 2022 02:59:03 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-a7039769-0a26-499c-b5f1-65064ed78a72
date
Sun, 15 May 2022 02:59:03 GMT
server
Apache-Coyote/1.1
content-length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 904F 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YoBsdgmIKR.QC2Ww0PvfXQAA%261179
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 02:59:02 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1405
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 15 May 2022 03:22:27 GMT
event.png
tpsc-frc.doubleverify.com/ Frame C0CE 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-frc.doubleverify.com/event.png?impid=59b8a537e52d4a2d96936db1de18eba7&gdpr=&gdpr_consent=&msrcanlm=648&msrcannum=9&eoid=12&ismms=44&isumms=43&isvelg=1&nvr=6&isgmmims=44&isgmv4mims=44&elmtp=6&isbxdms=3060&b11=3315&adhgt=165&adwdth=1010&engisel=1&vsos=9&dvp_vsosnmr=16&dvp_mvpw=device-width&dvp_mvpis=1.0&lftb=3315&sftb=3315&msrdp=8&naral=128&vct=1&vphgt=1200&vpwdth=1600&scrhgt=1200&scrwdth=1600&strp=100&advisonl=true&isiabvms=954&isuiabvms=954&isgmpims=43&isgmv4dpims=954&ispmxpms=954&engalms=42&engscrlms=44&dvp_hdnAd=0&dvp_pageEng=true&dvp_dpr=1&cbust=1652583542809598
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2756.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.110 Surbiton, United Kingdom, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://balleralert.com
Pragma
no-cache
Date
Sun, 15 May 2022 02:58:57 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Vary
Origin
Expires
05/14/2022 02:59:02
pixel
cm.g.doubleclick.net/ Frame 83E4 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YoBsdgmIKR-QC2Ww0PvfXQAABJsAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 83E4
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoBsdgmIKR-QC2Ww0PvfXQAABJsAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoBsdgmIKR-QC2Ww0PvfXQAABJsAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoBsdgmIKR-QC2Ww0PvfXQAABJsAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:03 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
TW4BS06D4QETHQM9JTDK
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:03 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
G3732YM2F9CWCVP6A7HH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoBsdgmIKR-QC2Ww0PvfXQAABJsAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 83E4 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 83E4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YoBsdkQ.9AA3NNh8F6va3QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGarvRLA4UnN0wRXcX54bc4&google_cver=1&gdpr=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGarvRLA4UnN0wRXcX54bc4&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 15 May 2022 02:59:02 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGarvRLA4UnN0wRXcX54bc4&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
YoBsdgmIKR-QC2Ww0PvfXQAABJsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 83E4 		43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YoBsdgmIKR-QC2Ww0PvfXQAABJsAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:c111:9aee:7bd3:6707 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:02 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
bridge
cm.adgrx.com/ Frame 83E4 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:02 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-9
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
/
sync.taboola.com/sg/indexscod/1/cm/ Frame 83E4 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=YoBsdgmIKR.QC2Ww0PvfXQAA%261179
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13459
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 83E4 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YoBsdgmIKR.QC2Ww0PvfXQAA%261179
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 02:59:02 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1405
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 15 May 2022 03:22:27 GMT
crum
dsum-sec.casalemedia.com/ Frame D08B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YoBsdkQ.9AA3NNh8F6va3QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGarvRLA4UnN0wRXcX54bc4&google_cver=1&gdpr=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGarvRLA4UnN0wRXcX54bc4&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 15 May 2022 02:59:02 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGarvRLA4UnN0wRXcX54bc4&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame D08B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoBsdkQ-9AA3NNh8F6va3QAABLEAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoBsdkQ-9AA3NNh8F6va3QAABLEAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoBsdkQ-9AA3NNh8F6va3QAABLEAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:03 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
2YQ3P2V284JS2WTKQZ06
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:03 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
R1D9BR5EN7D6RB3FD108
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoBsdkQ-9AA3NNh8F6va3QAABLEAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame D08B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame D08B 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YoBsdkQ-9AA3NNh8F6va3QAABLEAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D08B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d6006280-6c74-4d01-b01f-19434865808e&gdpr=1&gdpr_consent=
43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d6006280-6c74-4d01-b01f-19434865808e&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 15 May 2022 02:59:02 GMT

Redirect headers

Date
Sun, 15 May 2022 02:59:02 GMT
Server
MT3 4390 fb8620d master zrh-pixel-x31 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d6006280-6c74-4d01-b01f-19434865808e&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 15 May 2022 02:59:01 GMT
crum
dsum-sec.casalemedia.com/ Frame D08B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:03 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 15 May 2022 02:59:03 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma
no-cache
Date
Sun, 15 May 2022 02:59:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
106
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame D08B
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=d0506566-fb88-45df-b94e-90313a6eac61
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=d0506566-fb88-45df-b94e-90313a6eac61
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:03 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 15 May 2022 02:59:03 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:03 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=d0506566-fb88-45df-b94e-90313a6eac61
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
YoBsdkQ-9AA3NNh8F6va3QAABLEAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame D08B 		43 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YoBsdkQ-9AA3NNh8F6va3QAABLEAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:c111:9aee:7bd3:6707 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:02 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
htw-pixel.gif
js-sec.indexww.com/ht/ Frame D08B 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YoBsdkQ.9AA3NNh8F6va3QAA%261201
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 02:59:02 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1405
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 15 May 2022 03:22:27 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 32FC
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fballeralert.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.219.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-219-211.compute-1.amazonaws.com
Software
/
Resource Hash
d75561ef499e9c142737431b19163dcd09704685d924aa4a08cce58fa214effe

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Sun, 15 May 2022 02:59:03 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Sun, 15 May 2022 02:59:03 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Sun, 15 May 2022 02:59:03 GMT
location
/um/cs&eq_cc=1
/
track.adform.net/serving/unload/ Frame 5126 		35 B
477 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=85760888854350879@@54886215,1480849838034253242,100|1084|0|0|0|0|0|0|0||37|1|||||1|0|0|rOpywEkMXvtcPlakbYq96UVAwJVOPoqD1wfriV1afdidOR2a_scQXvL_QlhaeLlf0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal90003.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:02 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hal90003.redintelligence.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
pixel
cm.g.doubleclick.net/ Frame 41C7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODE1YjgxYTk3M2E2OTU0Y2Q0NTEyYzNmZGZmM2E3MDM1ZDZiZDQyZQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODE1YjgxYTk3M2E2OTU0Y2Q0NTEyYzNmZGZmM2E3MDM1ZDZiZDQyZQ
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODE1YjgxYTk3M2E2OTU0Y2Q0NTEyYzNmZGZmM2E3MDM1ZDZiZDQyZQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 41C7
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=dPJH5PH9Teq5q_yHts5eQg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=dPJH5PH9Teq5q_yHts5eQg
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=dPJH5PH9Teq5q_yHts5eQg
Protocol
HTTP/1.1
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:03 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
7JKANBPZC7K6HD2D4NC3
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=dPJH5PH9Teq5q_yHts5eQg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 41C7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/loFDw1L88Jwk6yTZIAmoPw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2134434716928821445
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2134434716928821445
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

date
Sun, 15 May 2022 02:59:02 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2134434716928821445
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame 41C7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH15ce4NgXZyUstpZWpvc1U&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH15ce4NgXZyUstpZWpvc1U&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH15ce4NgXZyUstpZWpvc1U&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 41C7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
709414.gif
id.rlcdn.com/ Frame 41C7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
setuid
px.ads.linkedin.com/ Frame 41C7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L36PKJP8-3-A4FG
0
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L36PKJP8-3-A4FG
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:02 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: DF5080D3D9A44825A4875137BBC4EAC3 Ref B: FRAEDGE1408 Ref C: 2022-05-15T02:59:02Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXfBBcKB6E48GT6HHF8KA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L36PKJP8-3-A4FG
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 41C7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM2UEtKUDgtMy1BNEZH
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM2UEtKUDgtMy1BNEZH
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM2UEtKUDgtMy1BNEZH
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-62CG4WNT8H&gtm=2oe5b0&_p=1359023445&_z=ccd.tfB&cid=650311075.1652583538&ul=en-us&sr=1600x1200&_s=2&sid=1652583537&sct=1&seg=1&dl=https%3A%2F%2Fballeralert.com%2F&dt=For%20all%20Celebrity%20News%20%26%20Gossip!%20Baller%20Alert%20-%20Baller%20Alert%20It%27s%20a%20lifestyle!&en=page_view&_et=107
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-62CG4WNT8H
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://balleralert.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event.png
tpsc-frc.doubleverify.com/ Frame CF7F 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-frc.doubleverify.com/event.png?impid=23ea4c6ffaf6497f89282477dd14ade2&gdpr=&gdpr_consent=&dvp_atali=1&vdur=13&eoid=10&msrjs=2756&nav_pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&rmi=16&tltms=15&tetms=9&msltms=21&vltms=13&sei=290&vetms=23&engms=1&engisel=1&dvp_dtvst=59b8a537e52d4a2d96936db1de18eba7&dvp_dtslt=23ea4c6ffaf6497f89282477dd14ade2&mascid=23ea4c6ffaf6497f89282477dd14ade2&ttfurm=2048&cbust=1652583543105497
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2756.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.110 Surbiton, United Kingdom, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://balleralert.com
Pragma
no-cache
Date
Sun, 15 May 2022 02:59:03 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Vary
Origin
Expires
05/14/2022 02:59:03
SPug
simage4.pubmatic.com/AdServer/ Frame 986E 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160224&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
crum
dsum-sec.casalemedia.com/ Frame 32FC 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=a7835aed-ddb4-4e3a-964e-77312b7b1cb2&expiration=1660532343
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:03 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 15 May 2022 02:59:03 GMT
async_usersync
ib.adnxs.com/ Frame 3E14 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:03 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
aef41095-a4b5-4157-8b86-6c352833ffd3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8B9A 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:03 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
84fb3ccc-f936-4eb6-90b6-a85b27edd475
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6244 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:03 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0774df93-dc2f-4e71-b6f0-47ccfaa2e238
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 4117 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 02:59:03 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9e1fd152-8292-4ae8-b973-52b6c1753a9f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
74eec8ed-151b-4ad3-99cf-dbf459cf9c9b.jpg
img.connatix.com/pid-be0c6000-e22f-42ce-b978-66f8b38d5eea/98ec137d-5d4b-4fd5-a49f-f3ae17bf91d1/ 		7 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-be0c6000-e22f-42ce-b978-66f8b38d5eea/98ec137d-5d4b-4fd5-a49f-f3ae17bf91d1/74eec8ed-151b-4ad3-99cf-dbf459cf9c9b.jpg?crop=310:174,smart&width=310&height=174&format=jpeg&quality=60&fit=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a15bb827b34110bd2fbe97e1c4cc48e8a0b20f8f8942b792a3c1c8c5cc856644

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:04 GMT
content-encoding
br
age
1614
etag
"vap9lfoM/BJ4M2ckF8+HpJ+Z+iD9TLjydMn0BAypMuE"
access-control-max-age
86400
fastly-io-info
ifsz=299938 idim=938x666 ifmt=png ofsz=6657 odim=310x174 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
6272
fdaf1e09-e0f7-46ab-a71a-7eb24543b827.jpg
img.connatix.com/pid-be0c6000-e22f-42ce-b978-66f8b38d5eea/98ec137d-5d4b-4fd5-a49f-f3ae17bf91d1/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-be0c6000-e22f-42ce-b978-66f8b38d5eea/98ec137d-5d4b-4fd5-a49f-f3ae17bf91d1/fdaf1e09-e0f7-46ab-a71a-7eb24543b827.jpg?crop=310:246,smart&width=310&height=246&format=jpeg&quality=60&fit=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
14e0d778a35e083385606b6b6868858368753d98c5986761f067a93c4061a30c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://balleralert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:05 GMT
content-encoding
br
age
1621
etag
"vqWSiaAkJ3xlAcSIfPFn9DnEjE/dbASej4TX9Tf73b4"
access-control-max-age
86400
fastly-io-info
ifsz=137714 idim=1920x1080 ifmt=jpeg ofsz=11993 odim=310x246 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
11632
st
capi-tier-1-us-east-2.connatix.com/tr/ Frame 81F1 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/st?v=162305&cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js?cid=8d6b4040-04c9-4ad0-aa63-766b9eb4e9b9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.38.126 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-126.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sun, 15 May 2022 02:59:04 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://balleralert.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
collect
a.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.clarity.ms/collect
Requested by
Host: a.clarity.ms
URL: https://a.clarity.ms/s/0.6.34/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://balleralert.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://balleralert.com
date
Sun, 15 May 2022 02:59:04 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
PugMaster
image6.pubmatic.com/AdServer/ Frame 57D6 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4052378&p=160224&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9a2cc21a50703523f6fd38895fea8440c07b25e86e6b866c4e8bbe4d2ff8d7b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1986
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame BDD0 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=860813&p=160224&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9a2cc21a50703523f6fd38895fea8440c07b25e86e6b866c4e8bbe4d2ff8d7b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1986
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame CAFE 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=62018032&p=160224&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9a2cc21a50703523f6fd38895fea8440c07b25e86e6b866c4e8bbe4d2ff8d7b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1986
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 37F7 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=72598412&p=160224&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9a2cc21a50703523f6fd38895fea8440c07b25e86e6b866c4e8bbe4d2ff8d7b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1986
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 81D4 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=29B3904B-AF6C-4941-B707-C78307E29DBE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 15 May 2022 02:59:05 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 0099
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7097792279694211226
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7097792279694211226
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 15 May 2022 02:59:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Sun, 15 May 2022 02:59:05 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7097792279694211226
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 79C1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoBseQABZgFX2AAj&gdpr=0&gdpr_consent=&_test=YoBseQABZgFX2AAj
1 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoBseQABZgFX2AAj&gdpr=0&gdpr_consent=&_test=YoBseQABZgFX2AAj
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 15 May 2022 02:59:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sun, 15 May 2022 02:59:05 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoBseQABZgFX2AAj&gdpr=0&gdpr_consent=&_test=YoBseQABZgFX2AAj
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4043-HHN
x-timer
S1652583546.837145,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame 059B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=piH-ic7uQn1IAWoZxJX-o8EbDgo
42 B
520 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=piH-ic7uQn1IAWoZxJX-o8EbDgo
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 14 May 2022 18:12:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug0022:0:439

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Sun, 15 May 2022 02:59:06 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=piH-ic7uQn1IAWoZxJX-o8EbDgo
pm&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame ECF2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 57D6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KbOQS69sSUG3B8eDB-Kdvg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:05 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=90781
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Mon, 16 May 2022 04:12:06 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 57D6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d6006280-6c74-4d01-b01f-19434865808e
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d6006280-6c74-4d01-b01f-19434865808e
Protocol
H2
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 14 May 2022 23:11:35 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 15 May 2022 02:59:05 GMT
Server
MT3 4390 fb8620d master zrh-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d6006280-6c74-4d01-b01f-19434865808e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 15 May 2022 02:59:04 GMT
mw
mwzeom.zeotap.com/ Frame 57D6
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=29B3904B-AF6C-4941-B707-C78307E29DBE
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b4ccf43994be05e9/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=b4ccf43994be05e9/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdp...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
  • https://spl.zeotap.com/?zdid=1332&zcluid=3339d9cbdde1ce68
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9a987398-798e-4962-7229-1d487644278c&reqId=07e2e217-438f-4af2-7e96-ba259e6a3ae6&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEL8Z4w42Iw_xJjfFbIeTcug&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9a987398-798e-4962-7229-1d487644278c&reqId=07e2e217-438f-4af2-7e96-ba2...
95 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEL8Z4w42Iw_xJjfFbIeTcug&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9a987398-798e-4962-7229-1d487644278c&reqId=07e2e217-438f-4af2-7e96-ba259e6a3ae6&zcluid=3339d9cbdde1ce68&zdid=1332
Protocol
H2
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
70b89d9aaa5801f8-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEL8Z4w42Iw_xJjfFbIeTcug&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9a987398-798e-4962-7229-1d487644278c&reqId=07e2e217-438f-4af2-7e96-ba259e6a3ae6&zcluid=3339d9cbdde1ce68&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
29B3904B-AF6C-4941-B707-C78307E29DBE
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 57D6 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/29B3904B-AF6C-4941-B707-C78307E29DBE?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:c111:9aee:7bd3:6707 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:05 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 57D6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=29B3904B-AF6C-4941-B707-C78307E29DBE&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Z0FLewpE2uUeDIGmIXSFuzV.2OQUXRk-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Z0FLewpE2uUeDIGmIXSFuzV.2OQUXRk-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Z0FLewpE2uUeDIGmIXSFuzV.2OQUXRk-~A&gdpr=0&gdpr_consent=
date
Sun, 15 May 2022 02:59:05 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ul_cb/ Frame 57D6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 57D6
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:1acf1f9d-477c-4527-936f-b9266cf8a519&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:1acf1f9d-477c-4527-936f-b9266cf8a519&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:1acf1f9d-477c-4527-936f-b9266cf8a519&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 15 May 2022 02:59:05 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 57D6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2435899492016518430&gdpr=0&gdpr_consent=&us_privacy=
1 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2435899492016518430&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 14 May 2022 18:12:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2435899492016518430&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 15 May 2022 02:59:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 57D6 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=29B3904B-AF6C-4941-B707-C78307E29DBE&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:05 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BDD0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KbOQS69sSUG3B8eDB-Kdvg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:05 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=90781
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Mon, 16 May 2022 04:12:06 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame BDD0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d6006280-6c74-4d01-b01f-19434865808e
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d6006280-6c74-4d01-b01f-19434865808e
Protocol
H2
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 15 May 2022 02:59:05 GMT
Server
MT3 4390 fb8620d master zrh-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d6006280-6c74-4d01-b01f-19434865808e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 15 May 2022 02:59:04 GMT
match
c1.adform.net/serving/cookie/ Frame 0230 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=29B3904B-AF6C-4941-B707-C78307E29DBE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 15 May 2022 02:59:05 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
generic
match.adsrvr.org/track/cmf/ Frame BDD0
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=29B3904B-AF6C-4941-B707-C78307E29DBE
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 76F2
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7097792279693883539
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7097792279693883539
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 15 May 2022 02:59:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Sun, 15 May 2022 02:59:05 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7097792279693883539
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
29B3904B-AF6C-4941-B707-C78307E29DBE
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame BDD0 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/29B3904B-AF6C-4941-B707-C78307E29DBE?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:c111:9aee:7bd3:6707 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:05 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame BDD0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=29B3904B-AF6C-4941-B707-C78307E29DBE&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Z0FLewpE2uUeDIGmIXSFuzV.2OQUXRk-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Z0FLewpE2uUeDIGmIXSFuzV.2OQUXRk-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Z0FLewpE2uUeDIGmIXSFuzV.2OQUXRk-~A&gdpr=0&gdpr_consent=
date
Sun, 15 May 2022 02:59:05 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ul_cb/ Frame BDD0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
0
0
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 9CC3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
85 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YoBseQABZVNX0wAj
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2869
cache-control
no-cache
content-length
85
content-type
image/png
date
Sun, 15 May 2022 02:59:05 GMT
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
HIT
x-cache-hits
4722
x-served-by
cache-hhn4043-HHN
x-timer
S1652583546.837170,VS0,VE0

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Sun, 15 May 2022 02:59:05 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YoBseQABZVNX0wAj
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4043-HHN
x-timer
S1652583546.739099,VS0,VE89
Pug
simage2.pubmatic.com/AdServer/ Frame BDD0
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7ff65f01-c5b1-4622-a128-f3530fb11d78&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7ff65f01-c5b1-4622-a128-f3530fb11d78&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 14 May 2022 18:07:48 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0021:0:2375
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7ff65f01-c5b1-4622-a128-f3530fb11d78&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 15 May 2022 02:59:05 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 3DD3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=5gtLaKICSERR0upkNGWiWsEbDgo
42 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=5gtLaKICSERR0upkNGWiWsEbDgo
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 14 May 2022 19:06:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Sun, 15 May 2022 02:59:06 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=5gtLaKICSERR0upkNGWiWsEbDgo
Pug
simage2.pubmatic.com/AdServer/ Frame BDD0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2363841897978590494&gdpr=0&gdpr_consent=&us_privacy=
1 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2363841897978590494&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2363841897978590494&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 15 May 2022 02:59:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame BDD0 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=29B3904B-AF6C-4941-B707-C78307E29DBE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:05 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pm&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame EC62 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CAFE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KbOQS69sSUG3B8eDB-Kdvg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:05 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=90781
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Mon, 16 May 2022 04:12:06 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame CAFE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d6006280-6c74-4d01-b01f-19434865808e
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d6006280-6c74-4d01-b01f-19434865808e
Protocol
H2
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 14 May 2022 23:11:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 15 May 2022 02:59:05 GMT
Server
MT3 4390 fb8620d master zrh-pixel-x15 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d6006280-6c74-4d01-b01f-19434865808e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 15 May 2022 02:59:04 GMT
match
c1.adform.net/serving/cookie/ Frame 392B 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=29B3904B-AF6C-4941-B707-C78307E29DBE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 15 May 2022 02:59:05 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
mw
mwzeom.zeotap.com/ Frame CAFE
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=29B3904B-AF6C-4941-B707-C78307E29DBE
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=2a96f5efe1f8a343/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=2a96f5efe1f8a343/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdp...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
  • https://spl.zeotap.com/?zdid=1332&zcluid=3339d9cbdde1ce68
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d93c6e2e-525b-496a-5860-41483d9bd571&reqId=321ceb6f-054d-42b3-5655-3a369fb1df7f&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEL8Z4w42Iw_xJjfFbIeTcug&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d93c6e2e-525b-496a-5860-41483d9bd571&reqId=321ceb6f-054d-42b3-5655-3a3...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEL8Z4w42Iw_xJjfFbIeTcug&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d93c6e2e-525b-496a-5860-41483d9bd571&reqId=321ceb6f-054d-42b3-5655-3a369fb1df7f&zcluid=3339d9cbdde1ce68&zdid=1332
Protocol
H2
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
70b89d9aaa5901f8-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEL8Z4w42Iw_xJjfFbIeTcug&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d93c6e2e-525b-496a-5860-41483d9bd571&reqId=321ceb6f-054d-42b3-5655-3a369fb1df7f&zcluid=3339d9cbdde1ce68&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1653
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7097792279694538893
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7097792279694538893
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 15 May 2022 02:59:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Sun, 15 May 2022 02:59:05 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7097792279694538893
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
29B3904B-AF6C-4941-B707-C78307E29DBE
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame CAFE 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/29B3904B-AF6C-4941-B707-C78307E29DBE?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:c111:9aee:7bd3:6707 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:05 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame CAFE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=29B3904B-AF6C-4941-B707-C78307E29DBE&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Z0FLewpE2uUeDIGmIXSFuzV.2OQUXRk-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Z0FLewpE2uUeDIGmIXSFuzV.2OQUXRk-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Z0FLewpE2uUeDIGmIXSFuzV.2OQUXRk-~A&gdpr=0&gdpr_consent=
date
Sun, 15 May 2022 02:59:05 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ Frame CAFE 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 15 May 2022 02:59:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Pug
simage2.pubmatic.com/AdServer/ Frame 49D7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoBseQABaGGfIAA2&gdpr=0&gdpr_consent=&_test=YoBseQABaGGfIAA2
1 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoBseQABaGGfIAA2&gdpr=0&gdpr_consent=&_test=YoBseQABaGGfIAA2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 15 May 2022 02:59:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sun, 15 May 2022 02:59:05 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoBseQABaGGfIAA2&gdpr=0&gdpr_consent=&_test=YoBseQABaGGfIAA2
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4043-HHN
x-timer
S1652583546.838937,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame CAFE
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b52a7152-1b0f-45ce-9bb0-f1165e587472&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b52a7152-1b0f-45ce-9bb0-f1165e587472&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 14 May 2022 18:12:05 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0022:0:301
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b52a7152-1b0f-45ce-9bb0-f1165e587472&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 15 May 2022 02:59:05 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame EB43
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=zWV4fCxAQtFNiw2boqWTnMEbDgo
42 B
203 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=zWV4fCxAQtFNiw2boqWTnMEbDgo
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 15 May 2022 02:59:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Sun, 15 May 2022 02:59:06 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=zWV4fCxAQtFNiw2boqWTnMEbDgo
Pug
simage2.pubmatic.com/AdServer/ Frame CAFE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2580014680092374302&gdpr=0&gdpr_consent=&us_privacy=
1 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2580014680092374302&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2580014680092374302&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 15 May 2022 02:59:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame CAFE 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=29B3904B-AF6C-4941-B707-C78307E29DBE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:05 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pm&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame 497F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 37F7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KbOQS69sSUG3B8eDB-Kdvg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:05 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=90781
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Mon, 16 May 2022 04:12:06 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 37F7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d6006280-6c74-4d01-b01f-19434865808e
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d6006280-6c74-4d01-b01f-19434865808e
Protocol
H2
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 15 May 2022 02:59:05 GMT
Server
MT3 4409 ba5503e master zrh-pixel-x1 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d6006280-6c74-4d01-b01f-19434865808e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 15 May 2022 02:59:04 GMT
match
c1.adform.net/serving/cookie/ Frame AEE5 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=29B3904B-AF6C-4941-B707-C78307E29DBE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 15 May 2022 02:59:05 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
generic
match.adsrvr.org/track/cmf/ Frame 37F7
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=29B3904B-AF6C-4941-B707-C78307E29DBE
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 584A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7097792279694473370
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7097792279694473370
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 15 May 2022 02:59:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Sun, 15 May 2022 02:59:05 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7097792279694473370
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
29B3904B-AF6C-4941-B707-C78307E29DBE
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 37F7 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/29B3904B-AF6C-4941-B707-C78307E29DBE?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:c111:9aee:7bd3:6707 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:05 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 37F7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=29B3904B-AF6C-4941-B707-C78307E29DBE&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Z0FLewpE2uUeDIGmIXSFuzV.2OQUXRk-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Z0FLewpE2uUeDIGmIXSFuzV.2OQUXRk-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:04 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Z0FLewpE2uUeDIGmIXSFuzV.2OQUXRk-~A&gdpr=0&gdpr_consent=
date
Sun, 15 May 2022 02:59:05 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ul_cb/ Frame 37F7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
0
0
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 7DE5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
85 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YoBseQABaYufEgA2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2869
cache-control
no-cache
content-length
85
content-type
image/png
date
Sun, 15 May 2022 02:59:05 GMT
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
HIT
x-cache-hits
4721
x-served-by
cache-hhn4043-HHN
x-timer
S1652583546.837035,VS0,VE0

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Sun, 15 May 2022 02:59:05 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YoBseQABaYufEgA2
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4043-HHN
x-timer
S1652583546.739073,VS0,VE89
Pug
simage2.pubmatic.com/AdServer/ Frame 37F7
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:864d264a-dead-4fe0-b781-48a9de703c62&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:864d264a-dead-4fe0-b781-48a9de703c62&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:864d264a-dead-4fe0-b781-48a9de703c62&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 15 May 2022 02:59:05 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 98EF
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=9toNWu6UTQxWEiYbyvBHGMEbDgo
42 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=9toNWu6UTQxWEiYbyvBHGMEbDgo
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 14 May 2022 20:36:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Sun, 15 May 2022 02:59:06 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=9toNWu6UTQxWEiYbyvBHGMEbDgo
Pug
simage2.pubmatic.com/AdServer/ Frame 37F7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2796187462206158110&gdpr=0&gdpr_consent=&us_privacy=
1 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2796187462206158110&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 02:59:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2796187462206158110&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 15 May 2022 02:59:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 37F7 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=29B3904B-AF6C-4941-B707-C78307E29DBE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 02:59:05 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pm&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame 5541
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.youtube.com
URL
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Domain
www.youtube.com
URL
https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Domain
www.linkedin.com
URL
https://www.linkedin.com/pages-extensions/FollowCompany?id=28541752&counter=&xdOrigin=https%3A%2F%2Fballeralert.com&xdChannel=32969569-d6a9-4f3c-aa17-e44be6a57e70&xd_origin_host=https%3A%2F%2Fballeralert.com
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1

Verdicts & Comments Add Verdict or Comment

358 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| fbq function| _fbq object| dataLayer function| gtag function| clarity object| uetq string| baAdUnitPath function| adGridInitiate object| adGrid function| cnxps object| _wpemojiSettings function| advanced_ads_ready object| advanced_ads_ready_queue undefined| $ function| jQuery object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wp function| sprintf function| vsprintf object| advads_options object| advads object| whp_local_data object| advads_items object| advadsCfpQueue function| advadsCfpAd function| cnx string| sf_position string| sf_templates string| sf_input object| gptadslots object| googletag object| AdBridg string| blavityAdUnitPath object| adsbygoogle object| _mNHandle string| medianet_versionId object| _atrk_opts object| google_tag_manager function| onYouTubeIframeAPIReady object| google_tag_data object| gaGlobal object| twemoji string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map function| UET function| UET_init function| UET_push object| ueto_3eae25f819 function| atrk boolean| _atrk_fired object| pbjs string| exp_string string| nobidVersion object| nobid number| window_x string| google_user_agent_client_hint function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| $mcSite function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData object| cnx_usr_storage string| href object| google_optimize object| player_instance_79b872cf256d4399ab468218c6423ec3 object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins object| mc function| $mcj object| fnames object| ftypes function| sfsi_plus_align_icons_center_orientation function| sfsi_plus_processfurther object| gapi object| ___jsl object| Sslac object| IN string| __limit function| sfsi_plus_setCookie function| sfsi_plus_getCookie function| sfsi_plus_eraseCookie function| sfsi_plusGetCurrentUTCTimestamp function| sfsi_plusGetCurrentTimestamp function| sfsi_plus_is_null_or_undefined number| __popTime function| sfsi_plusShallShowPopup function| sfsi_plus_hidemypopup object| tribe_l10n_datatables object| sfsi_premium_Modernizr function| Manipulator object| sfsi_premium_ajax_object function| SFSI function| sfsi_premium_getUrlVars function| sfsiplus_showErrorSuc function| sfsiplus_beForeLoad function| sfsi_plus_make_popBox function| sfsi_plus_stick_widget function| sfsi_plus_float_widget function| sfsi_plus_shuffle function| sfsi_plus_shuffle_new function| sfsiplus_Shuffle function| sfsi_plus_hideFooter number| global_error function| sfsi_plus_update_iconcount function| sfsi_plus_changeIconWidth function| sfsi_plus_new_window_popup object| sfsiplus_initTop function| sfsi_hover_icon_handler function| force_initialize_fb_icons function| sfsi_premium_wechat_follow function| close_overlay function| sfsi_premium_wechat_share function| sfsi_premium_wechat_share_mobile function| sfsi_copy_text_parent_input function| sfsi_premium_fitText function| sfsi_premium_resize_icons_container function| escapeDoubleQuotes function| sfsi_premium_pinterest_modal_images function| sfsi_premium_pinterest_modal function| sfsi_premium_pinterest_absolute function| sfsi_copyLink boolean| sfsi_premium_fittext_shouldDisplay object| JetpackInstantSearchOptions object| webpackChunkjetpack_search object| wpcom object| _tkq object| _stq object| advanced_ads_layer_settings object| advanced_ads_layer_cache_busting function| layers function| advads_layer_center_if_not_sticky function| advads_layer_gather_effects function| advads_layer_gather_background function| advads_layer_gather_auto_close function| can_remove_background function| advads_check_item_conditions function| fancybox_display function| advads_layer_call_display_callbacks function| advads_extract_custom_offset_from_class function| advads_extract_duration_from_class function| advads_layer_display_background_callback function| advads_display_effect_fadein function| advads_display_effect_show function| advads_display_effect_slide function| getSupportedTransform function| set_ad_transform function| advads_layer_close_item function| advads_layer_close_items function| ouibounce object| advanced_ads_responsive number| advanced_ads_resizetimeout number| advanced_ads_cookieexpires number| advanced_ads_browser_width function| advanced_ads_resize_window function| advanced_ads_save_width function| advads_resize_delay function| advanced_ads_get_browser_width object| advanced_ads_sticky_settings function| advanced_ads_sticky_check_position_fixed object| tie function| createTicker boolean| isInTag function| typetext object| tie_isMobile object| html5 object| Modernizr function| yepnope object| browserPrefixes object| jetpackLazyImagesL10n object| advadsTracking object| AdvAdsTrackingUtils object| AdvAdsImpressionTracker object| AdvAdsClickTracker function| sf_addItem object| advads_admin_bar_items function| b2a function| a2b function| ai_run_scripts function| ai_wait_for_jquery function| b64e function| b64d object| ai_front number| ai_jquery_waiting_counter undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| MobileDetect boolean| ai_js_code object| advads_tracking_ads object| advads_tracking_urls object| advads_tracking_methods object| advads_tracking_parallel object| advads_tracking_linkbases object| PQ object| advImpVar object| winTopPos number| winTopIframeYOffset boolean| isInitialLoad boolean| detectPageScrolling boolean| adgrid_counters boolean| adgrid_debug boolean| adgrid_refresh boolean| adgrid_lazyload boolean| adgrid_native string| adgridFqdn string| topLevelDomain string| domainName string| adgridCurPage boolean| adgridVideoWrap number| winWidth number| winHeight string| deviceType function| adGridLoadPrebidAndGPT function| pbjsChunk object| _pbjsGlobals object| mnet object| advJson object| apstag boolean| adGridIsTabActive object| advWrapper string| adGridInterstitialIuPath number| adgridDomainId function| st_go function| linktracker_init object| FB object| advadsProCfp object| $window object| $the_post object| $wrapper object| php_js boolean| isActive function| ai_process_lists function| ai_process_ip_addresses object| script object| spanElem object| dvScript object| aax object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow boolean| apstagLOADED object| closure_lm_771719 object| __webpack_exports__ object| $dv string| $frmId object| dvWindow function| dataTransparencyDirectQuery object| apntag object| _dv_win function| dvCallback_1652583539668407 number| checkTop number| checkBottom boolean| halfInViewport boolean| fullInViewport boolean| halfInViewportWithBuffer object| seventyInViewport object| ninetyInViewport object| hundredInViewport boolean| isAboveFold boolean| isBelowFold object| result object| advanced_ads_sticky_items object| GoogleGcLKhOms object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave function| cnxAddEventListener

74 Cookies

Domain/Path Name / Value
.bing.com/ Name: MUID
Value: 33974819B660636410DE59BCB70B62F3
.balleralert.com/ Name: _gcl_au
Value: 1.1.1069632656.1652583538
www.clarity.ms/ Name: CLID
Value: ae2ab230d9c94292a554c24ced92f060.20220515.20230515
.balleralert.com/ Name: _ga_62CG4WNT8H
Value: GS1.1.1652583537.1.1.1652583537.0
.balleralert.com/ Name: __asc
Value: 36732a93180c5a79d79eaa28c2a
.balleralert.com/ Name: __auc
Value: 36732a93180c5a79d79eaa28c2a
.balleralert.com/ Name: _adb
Value: a2l36pkivewlKZpSCFq0
.balleralert.com/ Name: _fbp
Value: fb.1.1652583538115.1514552715
.balleralert.com/ Name: _ga
Value: GA1.2.650311075.1652583538
.balleralert.com/ Name: _gid
Value: GA1.2.1066784769.1652583538
.balleralert.com/ Name: _gat_UA-3874823-1
Value: 1
.facebook.com/ Name: fr
Value: 0Hf81a7IMsEqD1DMj..BigGxy...1.0.BigGxy.
.doubleclick.net/ Name: IDE
Value: AHWqTUmI-POffo6G-Nl1IFzJ_YzpLl_ZEVyyMNUx0ULZ3YAc1N2MTPXfVII_fN81SX4
.balleralert.com/ Name: _gat_gtag_UA_3874823_1
Value: 1
.balleralert.com/ Name: _clck
Value: l0trou|1|f1h|0
.youtube.com/ Name: YSC
Value: jc18BZheWTs
balleralert.com/ Name: advanced_ads_browser_width
Value: 1600
.balleralert.com/ Name: _uetsid
Value: f76f7590d3fa11ecb37bbfef90f65f51
.balleralert.com/ Name: _uetvid
Value: f76f79d0d3fa11ec938dafc222417cf5
.adnxs.com/ Name: icu
Value: ChgI59o-EAoYASABKAEw89iBlAY4AUABSAEQ89iBlAYYAA..
.gumgum.com/ Name: cs
Value: true
.adnxs.com/ Name: uuid2
Value: 7631895784809156516
.balleralert.com/ Name: _clsk
Value: 5enjsa|1652583539186|1|1|a.clarity.ms/collect
.rubiconproject.com/ Name: khaos
Value: L36PKJP8-3-A4FG
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qphqbdubo0LnrRHKV/Y9AOYB3Biw5iW/3rYgsyIMXOeT981hKPSTUo/9tVtdVGpR3UiZRZbkHZ+0SYbB5SW5XQ3McjVl6US41Gma+WVcS1g3g==
.gumgum.com/ Name: loc
Value: SfolTs1ZIlPB8MVKEK8IyKSvg4rUpAiO8hszRu6MQdwXgciFy314eCa8DRCNeggGNMdmUvl3ZxGQskJGpgd1xIFt87TMBs-LTKtZrofXbc4
.gumgum.com/ Name: vst
Value: e_7a6915e9-c1da-41ce-8fe4-7b943436df38
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.linkedin.com/ Name: bcookie
Value: "v=2&6cd0466b-dda1-495d-8d39-bddda84cef52"
.www.linkedin.com/ Name: bscookie
Value: "v=1&202205150258592dd31d3d-4f79-465c-8eb6-50f954e36462AQHAi47r4leY82Kv57ndpWW_BuWyUmIB"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTI1ODM1Mzk7MjswMjHiSJMkrDufo+WCPvW2OnuKJgTqtI10J2xaQC1/DalpCQ==
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=2828:u=1:x=1:i=1652583539:t=1652669939:v=2:sig=AQGsb34lE-Fbo7nY2LHz5zgSBmZf10cZ"
.balleralert.com/ Name: tk_ai
Value: CeLJUcjuOmUcXERYoPn7Nb8Y
.www.linkedin.com/ Name: JSESSIONID
Value: ajax:0708071110515187825
.balleralert.com/ Name: __gads
Value: ID=f1840450558f5fb5:T=1652583538:S=ALNI_MbmsZak4zJmtGptqxNAX7kEFwCpTQ
.c.bing.com/ Name: SRM_B
Value: 33974819B660636410DE59BCB70B62F3
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 33974819B660636410DE59BCB70B62F3
.c.clarity.ms/ Name: ANONCHK
Value: 0
.scorecardresearch.com/ Name: UID
Value: 142d1480a83c6212b0131521652583540
.mathtag.com/ Name: uuid
Value: d6006280-6c74-4d01-b01f-19434865808e
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 045987089086603f
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 29B3904B-AF6C-4941-B707-C78307E29DBE
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 160224:5
.pubmatic.com/ Name: SyncRTB3
Value: 1653868800%3A35%7C1653782400%3A54_3_56_21_13_7_161_8_220
.adform.net/ Name: C
Value: 1
.quantserve.com/ Name: d
Value: EPQBCwGSJvijAA
.quantserve.com/ Name: mc
Value: 62806c75-28889-423ec-e1e25
.simpli.fi/ Name: suid
Value: 5C9379EA74F94F1E8A7A2F699D4BBD50
.de17a.com/ Name: guid2
Value: 1.8678379883384627744
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEK-N_xOrT8zFCH52UM_5ezM&KRTB&16514-CAESEK-N_xOrT8zFCH52UM_5ezM&KRTB&23025-CAESEK-N_xOrT8zFCH52UM_5ezM
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-9rlidvbobXPtuWJ--LJ3cvK4PyXt7msj8r5-I6oN&KRTB&19420-9rlidvbobXPtuWJ--LJ3cvK4PyXt7msj8r5-I6oN&KRTB&22979-9rlidvbobXPtuWJ--LJ3cvK4PyXt7msj8r5-I6oN
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7631895784809156516&KRTB&23339-7631895784809156516
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:d6006280-6c74-4d01-b01f-19434865808e&KRTB&16736-uid:d6006280-6c74-4d01-b01f-19434865808e&KRTB&23019-uid:d6006280-6c74-4d01-b01f-19434865808e&KRTB&23208-uid:d6006280-6c74-4d01-b01f-19434865808e
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-8678379883384627744
.adform.net/ Name: TPC
Value: 1652583541256
.adform.net/ Name: uid
Value: 4938342704165468389
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4938342704165468389&KRTB&23263-4938342704165468389
.pubmatic.com/ Name: PugT
Value: 1652551921
.creativecdn.com/ Name: u
Value: 7FK6kkh2qpmdQjm0Jnat
.creativecdn.com/ Name: ts
Value: 1652583542
.casalemedia.com/ Name: CMPS
Value: 3219
.casalemedia.com/ Name: CMID
Value: YoBsdkQ.9AA3NNh8F6va3QAA
.casalemedia.com/ Name: CMPRO
Value: 1201
.yahoo.com/ Name: A3
Value: d=AQABBHZsgGICEASl6IgFUOOFzc2a3zASt6IFEgEBAQG9gWKKYgAAAAAA_eMAAA&S=AQAAAgPLZVxpH94rB70PAHt1eNo
.amazon-adsystem.com/ Name: ad-id
Value: A8vdgNy9dUIipJUnxmcwBlo
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.company-target.com/ Name: tuuid
Value: 74641527-ae24-4663-bfe1-b5527867aa37
.company-target.com/ Name: tuuid_lu
Value: 1652583543
.eqads.com/ Name: EQUser
Value: UID=a7835aed-ddb4-4e3a-964e-77312b7b1cb2
.casalemedia.com/ Name: CMST
Value: YoBsdmKAbHcA
.pubmatic.com/ Name: SPugT
Value: 1652583542
.casalemedia.com/ Name: CMRUM3
Value: 2762806c760b40&f162806c7605a0&2d62806c762760CAESEGarvRLA4UnN0wRXcX54bc4&1162806c7605a0&9862806c772760d0506566-fb88-45df-b94e-90313a6eac61&e662806c762760&2862806c772760a7835aed-ddb4-4e3a-964e-77312b7b1cb2&0362806c762760d6006280-6c74-4d01-b01f-19434865808e&4962806c7605a0&1262806c77276074641527-ae24-4663-bfe1-b5527867aa37

3 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.colossusssp.com/hms.gif
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2a2c6118e3dbff37ee80c0b250c2f654.safeframe.googlesyndication.com
a.clarity.ms
aax-eu.amazon-adsystem.com
accounts.google.com
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
adspsp.com
ajax.googleapis.com
aktrack.pubmatic.com
apis.google.com
assets.adobedtm.com
b1sync.zemanta.com
balleralert.com
bat.bing.com
bid.g.doubleclick.net
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c0.wp.com
c1.adform.net
capi-tier-1-us-east-2.connatix.com
capi.connatix.com
cd.connatix.com
cdn-images.mailchimp.com
cdn.doubleverify.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cds.connatix.com
certify-js.alexametrics.com
certify.alexametrics.com
chimpstatic.com
cm.adgrx.com
cm.g.doubleclick.net
colossusssp.com
connect.facebook.net
console.adgrid.io
creativecdn.com
csi.gstatic.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal90003.redintelligence.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.iheart.com
i0.wp.com
i2.wp.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.connatix.com
js-sec.indexww.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
mwzeom.zeotap.com
nep.advangelists.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.wp.com
platform.linkedin.com
pr-bh.ybp.yahoo.com
prod.adspsp.com
pub.doubleverify.com
public-api.wordpress.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r1---sn-4g5lznes.c.2mdn.net
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.gumgum.com
s.amazon-adsystem.com
s.company-target.com
s0.2mdn.net
s1.adform.net
s3.amazonaws.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssl.gstatic.com
ssum-sec.casalemedia.com
static-exp1.licdn.com
static.xx.fbcdn.net
stats.g.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
sync.colossusssp.com
sync.crwdcntrl.net
sync.extend.tv
sync.mathtag.com
sync.srv.stackadapt.com
sync.taboola.com
tags.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
track.adform.net
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
vid.connatix.com
vtrk.doubleverify.com
ww.api.iheart.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.iheart.com
www.linkedin.com
www.youtube.com
x.bidswitch.net
match.prod.bidr.io
www.linkedin.com
www.youtube.com
x.bidswitch.net
104.45.184.134
13.224.186.4
13.224.190.170
13.224.198.102
13.224.198.109
13.225.80.67
13.225.80.90
138.201.63.117
141.226.228.48
141.94.170.64
142.250.185.162
142.250.185.66
142.250.186.130
142.250.186.162
151.101.130.49
151.101.193.108
151.101.194.137
169.50.137.182
172.217.16.130
172.66.40.228
176.9.26.250
178.250.0.163
178.62.202.251
18.156.0.31
185.184.8.90
185.29.132.245
185.29.134.249
185.33.221.89
185.64.189.110
185.64.189.112
185.64.190.80
185.64.190.81
192.0.76.3
192.0.77.2
192.0.77.37
192.0.78.22
198.47.127.19
198.47.127.20
199.232.214.84
2.18.233.180
2.18.233.201
2001:678:cb4:bbbb::11
209.54.177.54
213.155.156.165
213.254.244.110
23.205.235.133
23.32.59.34
23.35.236.201
23.35.236.247
2602:803:c003:200::51
2606:2800:233:66b5:799a:7cd3:f74d:7071
2606:2800:233:6a53:4ac1:3bc8:ee4e:5990
2606:4700:10::6816:1857
2606:4700:20::ac43:45e7
2606:4700::6810:5614
2606:4700::6811:190e
2606:4700::6812:a6e0
2607:f8b0:4003:c10::5e
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2620:1ec:21::14
2620:1ec:27::cafe:1586
2620:1ec:c11::200
2a00:1450:4001:10::6
2a00:1450:4001:801::2002
2a00:1450:4001:802::200e
2a00:1450:4001:803::2002
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2008
2a00:1450:4001:811::200a
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:813::200d
2a00:1450:4001:813::200e
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2006
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c1b::9d
2a02:26f0:3500:585::4469
2a02:26f0:3500:587::1e80
2a02:fa8:8806:13::1370
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:4f::596
2a05:d018:d29:3605:c111:9aee:7bd3:6707
3.132.38.126
3.232.89.139
34.230.246.52
34.246.221.35
35.211.178.172
35.244.174.68
35.71.131.137
37.157.2.247
37.157.4.24
37.157.6.248
50.17.222.208
52.142.114.2
52.217.46.190
52.25.210.71
52.30.140.199
52.38.118.148
52.72.219.211
52.94.223.167
54.145.48.80
54.77.210.61
63.251.232.165
66.155.71.25
69.173.144.165
70.42.32.191
74.125.140.157
8.2.111.121
8.2.111.126
85.114.159.118
96.16.131.108
0065b495e19946f45a31357b3f1aa48addebfda1ed330b5691027566611a497b
0178be68408ef776168e90d00fa56653d2b10fb74961e01d30c3648e7b326a0c
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
061a3a77519999a1fe023724896eca435a4b4d6fd758963270c43fb83d4a8a60
063b43cf222ee719c29a86e38cfcdeec77ff3c3642b91d189d4cf0c53a3f085d
066fc3ce045361bba8240f583393178cdedced02f8d4bb917c2d3f0520032564
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07773674da8a5d7de6575be849321af69c60333d821b2e531b8b6aad8cb8deba
0908e71188a30f735a4fa7ae333e4495a8c36c2d058ca4188d846be6c9115e9a
09f33bbf788a3cee4b9da117e56a2e09aad4b3203e085195bb7d5f870d16c436
0a731869de6e698f087e6962c7177337ead1c537e54b9392087e036aca9c1c28
0a9adccc17d9e34e3971bce91e3723f1fef884844fed6e6e10085e19745faef5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d8cc7d24df9e185458701c0144cfb654fcb6b69e4f43382cd8470de53c4815c
0e377f46828ce9f752f0530fd560461f5b3e1fb5a195b7e7d430b6f61dc08442
0ecf9e4a5b70eb37a11d42cb701c76c4ca1cd704f76bb066d2cb094fddf16f01
10ac61e62a140e5355f5103e8782a953d3316c589b86bf2e8cc560f23a4d066f
10af94f8bff58e193ba0f000f22e445cb9fb4ea99c308cccff09ec09bdf1719a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
129bd016a23768f3c4931f8fccf17ed666af73ece3f0efc8771e2452f59d3392
12c608481a541b13655d397ce28efa24ce90cc43590087e0b70b12eb9e328755
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
14e0d778a35e083385606b6b6868858368753d98c5986761f067a93c4061a30c
15d91ab032211a3cfedf49470c5490ee1cc7ca322820fcfcdfa9ddcc1307549d
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
1972842917dbb1efdc7b6a79f02ee5ce28365a8964281c0616fe1e41c1e85f15
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1ed10b472cc4501eb1c7b9b95a5ba6f0d99cc32e0984c002582638afa5744e0f
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2051ec367c1be61480b94686061b4ecfe4365aa872b41f80cd208afb2602945a
22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9
255c2452ee1cc39165866eb224edb7f44938c59878395ed2e05fcda8459d2b1f
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
270e057943921b2dd09052353e02f32c8f7369816ac92717b7e4efa3393eed0d
275fb4a7bdeab3c59caff1c0ea88bf1adc9f4cfc377a9bec7b28517d13e2fd37
27818d82f071ef5a2025ad9f0c3eb98e68817f7dfee5b337726368a3c681f514
27976e2bf0b132ddf2b59360c232d97827f105cc81cb4a80e498f461b25ad127
283be09091d04feeb7aae2fbe9fab1fab92260624efa15712a39045be28a6050
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
298b9bc41c30aaea7fc89c925be64addb7c0a1df0d29cfde93ed4d38cc425131
2a04876ca0217fd228c3b0d34e799ad5c310401296ca69e513ee52b3ec624a46
2a4e9b3f33edb851ba930430bdbf317a3b95e0974763617d68ec0b555a3bb8fe
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b9d04532ef7d81212b89e1e82ae6c5132757a5ee8af3796a8bb88aedcadb70f
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e90d0b0c83a51f6fdff289223f4e944a7b6be4a87da1f8b7d63215db7863130
2f38604afbd2011fc1eadc56f9facb217fb44e9e90459deef3d668d02e4ce036
2f4dfda26286d2b53f16765a0437554b16964e33de28d7bf4e196e14519a44c3
2f9d31c716c319b1b112c376a88ffbdc98e461d2f91f36bd40be9e9f97a9b145
2fac42d19f7115964cb32bdbd6f07f93fa3d9318db93e9c6e48c76d18b8a18d6
308c252b2381b887baf74268990c582643dbdaad9e9b332d158112745e2c65ea
30aa763639b91cec13bafb4649a956320321316e82f39205a9e948a6392cf8de
30b18072bef2e7e0f05487040fa67cb159169aea754838b5088e5a75212d680d
324a0bfb76bd61618329d5b76d1c1c8f85e3f5961d22ab931b0956e89b53525c
32fd2eb35bfc922743b09440aa77ce35f75392da85de95884c3ab1d0b7aff530
3376ffe71fb8b142c3628b23df3362b4e4114623d302f60f7c25093614ac361c
343ea6f53cd6ddde97c421f384c229147c9c507452690d8bd0045be5453df3f8
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
35a4012e1c08521722c4206735c3ead24eb883aa138884e2fafba48a7ad1f5db
35d05b4254f23ffcd8ad13c19d2e17b7a6e0aa591d191efebc407ae775559def
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
39bdc6630aad3e4c15fd07b777701feb77835acee49601873769082ebc5214b3
39f94c7fae88d40b82ea1bfbe0415e0b18ece89cecf5a7f2710f1743aebe2366
3ad0c39acdff0d18168bbd2294ac5aa128fd845a582b0170b0bcbc79939b600e
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d9de7fd996f090a92b41c27b0be8618db03a346bc13d16ec19b965173148259
3dba15ffc6aa9cfe1f5534b3c660cabd06543bbe9815ebd72e8f7a59e87c3943
3de99be20d454c7509f260f0fae5aa92cb82b0757bdbf8b5d36d1e766937c402
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4065ada69c1d555792bc889ed8532656e9a4a530610e5abb2feb3f545fa5bd5f
4165f862e4619d02131934712dc6524a0fb4bf377e17c579d4e39eea0165ca77
423a0790db77cf762056a34b401222f3a93c47105209444e36d5004045fb8606
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
447ccf46d78cbd052ad9c6a3cd110dd269ec916c3a09af864e1429e64bfb75a6
44efe447362971665b769f35466cf1809d6bfcc30348a7b24042b3954ef13321
4626acb90a61ad2e64125d843b8f8d66cf6d813a5e7b799b34bd9d9c450b94d7
4827fec4b688c883c19d7dfacfe8a04809681b3651e835fb69540193cd159f4b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4ac3933e39e7abf957b9612b11bbf646c46b6c16b5ab3211e225dcdddb5d2e59
4b5eb0af61b06b71cd30a12104987cd84c749b29866906cab2059d77612ceab5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3938359d975b49ca24219f23cf9f4b416dbe9c347cfe8e45c5ea8e6c8d1aae
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52c0c618857f56d6a351484721760f97029d41362f7378d91768ccc478e54b35
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e90b34aafe5edfc85981f962261069b4a34979c51f34c4991b07f5d3d984ec
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55dac3b86c92fb3a27a1c5bd75efffc171755de88542d33afc14d8e9493c9eb3
572842f1623bb0ff8d29052a4c0b823ab863bfe52b98265a0029acfbf5e11bc5
57dbe899a2b5c804f6e667838d56d9467d692e449dce19c7f9e48e84776c0ccd
588139ecb8f99f410faaf6d6ad5717048a08ba392a9c12af4f10d0a23310520e
589bfbac3ce242244924538a111c8b8c565434f9d8e5862abf690f02f3cee191
59003c0fbd98d57d21a549a06a8506179fead334e74645acbca01dedb3d735ab
5a7e1d9c0252498417e1f75ded9663451da07a53a9aa5cd32d519fa97611e558
5b5737f4004f9085da1cda9a674548a2162d642249a865fb68708ef0036ccdc4
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e27ab595867570c1a0d80268960e77a979440a4a55c71c6e6405df7ae2fd252
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3
6039cdb2c8028b73ddb9d711e7eb22834a8e11ba865283a7ed2fd2c75a401040
6095a61e8e8cd490ec831d0731bf5c78fc97f9c2746b7d67dab0788adb949708
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
639c929a03019caa46f531a6dfdea6fd638d98aa325c96a30afbc6a4f1aa1d66
66d5fae91c3f470fc3e1de75a9f3c513e4b7508a1be6ad2d9e670ff5bbcef02f
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
68de28ccd005c586a59c9a5c0653400886add03ab352219edb4b8651782d5e09
6b2476edf95aa04cd7ccb301051fb62853b69d39af09c929a81fdba43143bc5a
6b3f0a6d6a59d8015a0f304089d399067747d2618e48cce61474983bf0e76f7d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6d19dace9467a1805a9bd3434c04db5728130e30958a462a250e73cd83a6a903
6d9263313998d90eb7ace1abd7647bf2106bb772d4a04a41a9f3959e4cdd8c44
6e605a25d2a6fad60d1639e690872a832bff2c016c8264b5f49e81e1bb4b1683
740f5e3f90a88b6706f13951d54dde0b8bbbba8ecaf16d25e9a833a932925987
741f6827a1fac645856278a2dbb0012881b90696122f9e832e51da9f2bb940c5
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7540049cc4ecd14eb59c8f7710e39edddde0406e929a987b2c3d848f26aad534
756fcea03a78a0f6ea28b09b6d6b2990e965060d66c1a6f4bbc51f55e31b3eac
75c1a80a77d3fad1a72b715e16350080274eb1864e86f199c11babaec3dc6b8b
77fcbee5f2d03585b0500466ad44001ee1b1fef29dfdb8b1675d5e7878b39867
7829e009c50a75313a34510ff02878e8c90cb5e6d6405196d8790400a014d78c
79856fff59faea11fdc82c2ea7faaec7cfa38f03130fb2218c726e1fcd61eb20
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
7a6ac6e588a725241e6f43feaad46fb36de9682576f5f29c570edc3ec5247477
7a8bb92ed9c6cb9a1b88e1c503adf8dd3d80d5bc94faf1d9857c2718fa190a2d
7b1a37c43977758722ff2bddb8844c2af4627e0db2d5eb0f3ada59a3468b8ff9
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7c9d3d0a0eb4c9079abb7218c49908fadd61ec6801b2f63cd6673699020afe12
7d56b60f41dafe5dab69b28083e318c482a277feb37288edb04e172071bdfe44
7dbf2dc13eba330a334887be9ac7b32a762774d101ff685b76ebc9f9038700bc
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
7f99c531f5e0979a50a1f76d12f3e0c0cd5605be539b1fa6ab88c85d0e68f803
7fa588be427fc162b569b4a86d42448633253187f43bb40338fda711fe00780c
817ccfec7c7f242aa96174e3b5ebf5a8bd8530ab8f4b18bb07bf00a06f19934f
82be389fd9ffe8ee2565cf2dd7367700df89f27e055a99b1455c49d96d228ffa
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8479020989d389122f1027a816026fe2cf4077d1ff7140e43ed166a85d966e0c
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
86c8f0ef3d5c51e837bd0c69424d11e9e8522f834e1c18d620073db93b5c79f7
874cc1315f35963fb2488576f0c83489e22edfe22f6ce355e7e87e65063bbf7c
87b9fa7efc94c1145c336dfa8e5b245461d0d2c950996f9b0f0e8ccea0289b72
8973d34ac485be18bd1b676d880c06d4d7ce9bf4d3a28fdc4b8eb6ce81cc2ebf
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8aaf90a00d378f096c89c7a0a3503c98d8f663eabab958bb1b226020c4f2ad2e
8af0b5fd87f0cf0c57915fb6094244ca5c108f21c063fd6917ee809259ae3a97
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db3093f1dbec4a48af24c7b4a6c14afec1fff5d81a3a070eec32abc9282e1a7
8e93414f896d6002f025697fd592d2393994fc8b21be6061dd55b8df904aa245
8ed12b039b09021f444b5466f17e66ee92467082997c6af462e5bbe688170d86
8fb0e9bba273c7af6cf94dfe31a52b3e8e6f3cdac96c128fae7056490fbd73a3
8ff2dfbd53fcbe7a924065849f3a621b7275fc80dc5c4091e307ff93725b5dde
90295605e3ee06691dea7b608598ea0c4cec0646ad45eeeab98abb984aa3da61
90f64615026c1d8a716f9e3a71736ce79ec4707f2a1c798a5318ae42b45fe604
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
956ef347ea1eef7639b82fcfc08a66cfd66d8b0118144a6a1692693ca7b19fbd
95a88fa093edf86e9a223c9040c66137018330191d6577ea5f7624f5f9837895
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
96f6897cf6e2277014eba471652e7619cf6ccb9b55873e67860243fd197150d0
97f31b5ed02acdb5a07dfcff965068a6f53e784b29528cfd79109fa819f706a3
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d
99a5af87f74014118ce8d017bd91dc4e06ff05125a5b710a966609ec60dc97ae
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a1177b69f70c78d0d073f90942215ec3a56f2b0dccc88b7966e75a6808d501e
9a2183dc26711b2fd1385506ef3823b10a2283126581411816744e2b3685a1c1
9a2cc21a50703523f6fd38895fea8440c07b25e86e6b866c4e8bbe4d2ff8d7b4
9af4762b2df5da39ca42be9960daeefe7fba3e07bc30ba6acadaa3cfea3f3415
9b1fdd162610d327d2bb018d2d09af0da8b05fa70380a12f03c0ecfe3435fca3
9cb362f7c84c467dc541e1fa66e5eecd982d631cc4091be5026513bd87482115
9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d
9e46388dcfb0a6650f7c82a0452e10bccd6b5ec4e0d73bcb96793148616770f6
9e4e9a6ccfc4fa4c25f76b5aa2493d2b15782b5cefc6bec555fd0139d2341696
9fbaf3eac344aae4adc2f1a0b300a9d96443a8ccd1e6e7fa0f48ebb176a0b0c9
a0b779ad590272d25a6b625b33f3d117b71ab8b77efa8266cf2ebcd90bd76764
a15bb827b34110bd2fbe97e1c4cc48e8a0b20f8f8942b792a3c1c8c5cc856644
a170ecb84cbbe3c743c919578bd660029bc58ebcd286ac173b87cef62eec2d6e
a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a19d98e6ab1a8046e2f16acd1dd22d45d4db05ee6a5e7937c2aa9eb25604a556
a1a0148e858f2833e037e1eaaabbb1604412fd8c983c040943cd840b78149852
a1b6c062809a62bef4918b6d73d087e997ee2f92fca0cfbb5c281a5817292452
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2ca86321106923bc5bd3607518f86dc2ff9e8424baaf59f4230ba724e8412a0
a32073ae72c27af5caad046c9d7a4ab061b2a81ee6b55d7e3e29611d61c16cc3
a35287a35e927d2da9db69c8837450ee047a8e5bf732aaea31980481380105d7
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a600558475791f59dc2627cb9fbf2425cd2962ddd9089c42a69b4402fb5c55cf
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a77132556b6dc115161b329ea7e844bb0dc7b7858498909896caf7377987b170
a8a7c6483f73f962abb0f768408bc73c219a0164ee43f60ac57595d314c1bebe
a8b6088276c5f8cdb4ec8ab768aa62222b0c4e678d5a8f71fc62ae172b771b2c
a8c3a934b94a95da51a2f8df5fddc8c110f94152f4a4b0fc828cf2576fd9e6f8
a90816dc8d9f40c76d30dc7e28de51bcb569aee491d29376d95775360623e600
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aab386e9e6b02a55b7b63cd3205a32e92b67cd2669768b0476ab1bccb6cab587
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
adbcfd73a6a23334191d24723be5ac182dddff7f861c44723dbeaebb844f4685
ae65883918e33fc14e8ccee7d8432c08ff2b066b498d626b296aa66f1c2b251a
af506867189b74a1ff6cdde7c33d006e61b191acc88d7e1f0eddfa401004be26
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
b281ce840664164fca7482eceda635d549c9a0eaf0e559035fb8494ddcf4468c
b48e14c837b784562768f6ce59e4f04cbe3eb1e49578efbe5f7d45941f127b32
b4a17fe2a63e6d9ec23058bc38d4ea1f7e397fa1de8be89b1a887cb34d746bd2
b51181ec4fd9bcb5a45dca807e162d363103013b31adb66ffebb4f0a2f81ddaa
b6d9dfadda2f3ae23cea507ba802ab446ffe1ded8244e84a5ef6764362f43bb7
b6dcab1ec2383691158db57b832d22157cd299d4c901581dcd4cdab4ad497512
b6df961fd50b31c60bc1f4e615472dba5c97026d96acf25f7e17403cbab56249
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b82e7af123915691ea31e2a9e6ec992e9fe4b184d7363c4176f57433f5ff6de7
b8f4090a7f6b73d8461f45af57612665aa2e007f9ba17640cc6352c71e72c6d9
b93460b3f58a8e5eda0ecba608cc2b3526020dc44c8bb49de08ce0de9fbc5db2
bc32c0d30b24114c27fdad6f5576c5f69bc4829f68430d27990bb88d42c3ba4d
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bea931b21f00d2fea8cb23952347b694779a917783da00779cf180229c751db6
bfaafa74e4482601073da0616490db65f7f3215176d5e6215c9080ba32bfaa9f
c01a1d77327096c8c49f04af3f4da2c120a9c479e0190f5623fd9ea7d3fe7106
c1acec7ce5ab399ea205f3f38f9d424f15d3fefb08f4c1c9568806cc398fbac5
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c28e6bad59a478efe1f72b82efb5c9de8b330c66f45aa26cf3142b2b19a8a4f8
c2b33dab8668ea6b36e05010bac05b45a2134e56d82b074a0488652e2b682f09
c435b6be1a287ae290f8d9c194eef5ee33c9c7420e03a9ccaeaabfed96e3c0db
c478bc96e00b2e4a64241756af7a9fb046590741b6d6a4483b10be4985b3fb56
c501e586ceb51ccd38f6ea2316b6b5f66f78b4e5d1e17172034bf3dec6030223
c5d9f11f95196250f6797acef21bd147fe22a802940735d88ac2a7a9308247ac
c6eb301ab64cae9e40b6dcfef395f12adcc34f52002d9ea7b1c58a095d7f68fe
c6ff04eee3ac33ded99ee6c1a967713530124ae77cab274d1cf9a977a7aa676e
c75733e48b0ff8fe8cf445d3f20cab6e29bb6e4319e733af0f7a4e4a45cf7407
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
c9013f30a06a9d3c833b8cd04eec770246aeb676c541cffc2bc0575715023dab
c92ee2460b4063f46ccd0ad0e0a68d212c6b756c4a0ef3a7fdf0afe0989781b1
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cad0173e0432d52a1eae20a60166e09bf651476b7b41c60f47b2b436a5b67b91
cb190163a0d4795999f1905b65b3d026f9308acdffce1cbeabbb96dc26c4816c
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
cf4352da2a4af80dfcf187836e3b08e4547e08d88316d02a48d7f121a1b6aa8a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d13be2720157b939b505b2b217e9caf2ed4c20d831c47add20497c2fafe81bc0
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d172c7a7d560ee869c812c4ac36c85cc951ff822a10f4a1c8a845ae5769b8e7a
d1ec438383f4444da2802c1aa45efd2b1a069069b5440247170fd3826e4aba06
d2d330f53cdfd25a188faebfc07535a76190bcc529946b09c74d0971e84b53cd
d2d4980bc3015348762a8ade584fab5995866193860a068b1421b2bd1f4e3600
d429d28b9e4fb5a936e932e8b3f92ed4c267eefec7c32cfe15bf18f1f5932788
d62c29dd8c69dcf9b80ec229c7bd394ddc26416673a68843272459c9dae672e0
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
d6c12b2052858d9bccb18caf163a8f76e0c70c5cae01ea0ff3c2fae34709e14c
d75561ef499e9c142737431b19163dcd09704685d924aa4a08cce58fa214effe
da1240738eef80e8630a5749b9258e33d7669859ba8a5ed1da81978092ed03af
daca61029fd7e7caf09906cd20e3e8bf043de99af191828c8d6deb186f4ddb81
daeb29fd605be21c7908096e52dbe13b1fff514d7affa12c1c89aca9082e6624
ddcaf77169960f74bb87fe4e4286da63ec2c03699c22cd5e14b0a7754c26ca8e
ddee1c5dbbdefe75f8616d691393f619cea7279d99182febab75a3b1762c0e69
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df79dd6a7ac84baa0b616fdb9c1b188d562051dcc880a1e8be5fb3bf25eb642b
e107ea9a8f458ba2e36d8c4252e5e0f5618ce1b794a5f316b67fc08d32e05337
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3474d77e56176d1b865553eee382eaeea05dd8ab5c6579d1b2412988c530506
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c6a39cdb1f2dab900d10c83275e2e72e795325924c731d8fa0c49b9ec5ccb8
e5818d0ee174f100c0cb7e5179199de13ab2e1dff99620e37bbab51e07b2fcd4
e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb
e5bc6fae7e7532c131808d60d876b9c3c47ed450d856fd348479efb4c223223b
e5dbcde39ec1fc3506acc9fd13cdcc2815b146f106f5765d20bd057ae502e27c
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
e809934d3d869c8edba565af150d46a911b0acd172163457eca37b0987c490c7
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088
ea4f21b0b6928a4945a5ee19b95ebab4affc57a94ec6ac502844db588c23ed79
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec36488eb23aa6eae30be91c612fc304970ad3edafe0ac6f418f03fd99719add
ec7c4c90e31092c6253cddb718655a1e3ac5f4f83425b1e16d54b25ff80f263f
ecdc175bb6a137032714648974cea12e8434e632f40606a412c5aec2a2be3bed
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ee6d3b54a9065c8ff1c55528d83a8b11aa932915d3004f3dab2c5355027bbf3f
ef14756ad40a63259b94d54df04c2617b9df4229e8fbc080ec6f8941cc77a285
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef59b9167029ac10d8d81e284f989983beb25504866bae700c3e78c88b5f556d
f28753993b265939c9f2249cb8f62e9fc303399b37c476349de4254e20d10318
f31d585127e3ee130ba5e1d41f443d7d3d5e19cf9a2df0e0098e316e358f8e9c
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f52c145f4c6224f0abdbdef6b07f12394204642286c18f21915ebee59c9942a3
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5ef63bcd883c3e6ecca9a17785b10ee897b51aec76328706887ceb220742d71
f63de180098b5669cddeef897441f372161e25dde239a7f6fc03f5cb5ecec4be
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f
f74858ab6cbc624a9d3b5331b95c315d0851e07372d32d11136ba31777a4aea0
f794a9fc3aefd893764022eb7bb27bdcfada218aad3500ac3135494507290054
f7e06ae449bdd4ebece6e26cdb36840f7cb19f28b57bbb6b8647a54535557d3f
f8464298798367d1e7712446840a81b5ef07a6484761dfc727433c7cf4c1dc94
f9179f4383ccee61bd4cd924e8b5720c3c5dc0c7f62da319bb28e49fd09ef505
f98ac46a12e4c95f28120081d1c243b7b900fcf72ff77b00350fc0758d6c0d2b
f9bcfcdf3913076194efc851a76c4686fd0f4c336ee09e5739ab31590eb13eaa
fbc36a8fc5a8381849cf7dd91b3d3383e4e7d942185ecb3c849066a476d39d95
fd1a1a9daee80cfea98a4f8aa88b089b42fd416ec06e2f66ec4ab3d577ed479f
fd28c8ec88fa7840255a554e79f0f7a48513e645c02d1ef9941b40b71939f0cc
fda3146de8ab338d15cc956689f32f446cb08e9eae500de25c19e0bcc65a2760
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2